59cc045a1d645dfdce076f0b66ddbb1f

Sharing

Copy URL Twitter E-mail

General

Target

59cc045a1d645dfdce076f0b66ddbb1f
Size

1.1MB
MD5

59cc045a1d645dfdce076f0b66ddbb1f
SHA1

7856920e524d73ef649ecf354b5b20c3a018f172
SHA256

79d95d9e9c040373fd5e8bd0273536668b2d15e78f156bd9b150a854c4141038
SHA512

19ba190f11705ddbe3d250b9797e5e9e87af578e4645c5e7de456c1e0779a9589055914a7e9a34550b7d9783152f29ed1e4ae87188a2dfb14d37aa8c78f97a22
SSDEEP

24576:MT55EDka7aF197M3T3d/1o5vZhoxIT8Ij:McDj7K1ybVuvgc8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59cc045a1d645dfdce076f0b66ddbb1f

Files

59cc045a1d645dfdce076f0b66ddbb1f
.exe windows:5 windows x86 arch:x86

392baf4b947297aa68d4b1e606e52337

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msacm32

acmMetrics

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__setusermatherr
memset

comctl32

ord17
ImageList_Destroy
ImageList_Create

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

FindNextFileW
FindResourceA
FindResourceW
FlushInstructionCache
FormatMessageA
FormatMessageW
FreeResource
GetACP
GetCommandLineA
GetCommandLineW
GetComputerNameA
GetComputerNameW
GetConsoleCP
GetConsoleOutputCP
GetCPInfoExW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeW
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPriorityClass
GetProcAddress
GetStartupInfoW
GetStdHandle
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetTempPathA
GetTempPathW
FindNextFileA
GetThreadLocale
GetThreadPriority
GetTickCount
GetVolumeInformationW
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
IsBadReadPtr
IsDBCSLeadByteEx
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalSize
LockResource
lstrcmpA
lstrcmpiW
lstrlenW
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenFileMappingW
OpenProcess
FindFirstFileW
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetNamedPipeHandleState
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
IsValidCodePage
GetSystemTimeAsFileTime
GetStartupInfoA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
EnumSystemLocalesW
EnumCalendarInfoW
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CloseHandle
ExitProcess
GetOEMCP
GetThreadContext
QueryPerformanceCounter

user32

CreateWindowExA
CloseClipboard
CallWindowProcW
BeginPaint
CharUpperBuffW
CharNextW
CharLowerBuffW
BringWindowToTop
CallWindowProcA
CharUpperW

gdi32

MoveToEx
GetTextMetricsW
GetTextFaceA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetStockObject
GetRgnBox
GetObjectW
GetDeviceCaps
GdiFlush
EndPage
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreateFontW
CreateFontA
CreateDIBSection
CreateDCW
CreateCompatibleDC
CombineRgn
SetBkColor
SetBkMode
SetMapMode
SetTextColor
StartDocA
StartDocW
StartPage
TextOutA
TextOutW
LineTo
SelectObject
SelectClipRgn

comdlg32

GetSaveFileNameW
GetSaveFileNameA
PrintDlgW

advapi32

GetTokenInformation
FreeSid
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfigW
GetUserNameA
GetUserNameW
InitializeSecurityDescriptor
OpenProcessToken
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryValueExA
RegQueryValueExW
StartServiceW
SetSecurityDescriptorDacl
RegSetValueExW
RegSetValueExA

shell32

ShellExecuteExA
ShellExecuteA

oleaut32

SafeArrayGetLBound
VariantClear
VariantInit
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
GetErrorInfo
VariantCopy

ws2_32

recvfrom
WSAStartup
closesocket
connect
gethostbyname
htons
inet_addr
ioctlsocket
recv
WSAGetLastError
select
sendto
setsockopt
WSACleanup

Sections

.text
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifx
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 628KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

392baf4b947297aa68d4b1e606e52337

Headers

File Characteristics

Imports

msacm32

msvcrt

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

ws2_32

Sections

.text Size: 424KB - Virtual size: 423KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 12.1MB

.data1 Size: 4KB - Virtual size: 648B

.ifx Size: 8KB - Virtual size: 4KB

.rsrc Size: 628KB - Virtual size: 626KB

.text
Size: 424KB - Virtual size: 423KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 12.1MB

.data1
Size: 4KB - Virtual size: 648B

.ifx
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 628KB - Virtual size: 626KB