664dcec79c6722dd899ef7717c877d16

Sharing

Copy URL Twitter E-mail

General

Target

664dcec79c6722dd899ef7717c877d16
Size

918KB
MD5

664dcec79c6722dd899ef7717c877d16
SHA1

a5e35ba0a6ad980dbe793410e3b1065fbe415bc3
SHA256

9b004d5260d4d5804260f2d72a1a858468cd63dbac1dc3c4d29660e891e6a0cd
SHA512

9e0ea8b8d4658ee31f08fb72cf87f5d6e457747b31c3e9d65b9d5082f4c0d28938a27a2a6b95ce38e85df4e7f087ef10cbf6f0dc9eb312a7f0c92885cff3c13c
SSDEEP

24576:238YJEcyloudKI4PpuMFTiS77IruBKsUdWR+ND:oJETlHYI4UMFu9sh4ND

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
664dcec79c6722dd899ef7717c877d16

Files

664dcec79c6722dd899ef7717c877d16
.exe windows:6 windows x86 arch:x86

0f494e1e6ad49f1dcf9010102212810d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetTempPathA
GetTempFileNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateFileA
CreateFileW
SetFileAttributesA
DeleteFileA
MoveFileA
MultiByteToWideChar
SetConsoleScreenBufferSize
ReadConsoleW
SetStdHandle
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetTimeZoneInformation
GetCurrentThreadId
LoadLibraryExW
OutputDebugStringW
IsDebuggerPresent
GetProcessHeap
HeapSize
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
SetThreadpoolThreadMinimum
LoadLibraryA
LCMapStringW
CompareStringW
IsProcessorFeaturePresent
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
lstrlenW
lstrcpyA
UnmapViewOfFile
MapViewOfFile
SetFilePointer
WriteFile
GetFileSizeEx
WaitForSingleObject
SetLastError
GetLastError
VirtualQuery
GlobalFree
GlobalAlloc
GetProcAddress
LockResource
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
CreateThreadpoolWait
SetThreadpoolTimer
CreateThreadpoolTimer
SubmitThreadpoolWork
CreateThreadpoolWork
CloseThreadpoolCleanupGroup
GetCommandLineA
GetSystemTimeAsFileTime
CloseThreadpoolCleanupGroupMembers
CreateThreadpoolCleanupGroup
SetThreadpoolThreadMaximum
CreateThreadpool
SetEnvironmentVariableA
RtlUnwind
RaiseException
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetStdHandle
HeapReAlloc
HeapAlloc
HeapFree
GetStringTypeW
WideCharToMultiByte
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoW
CloseThreadpool
GetModuleHandleA
CreateEventA
CloseHandle
Sleep
IsValidLocale
SetEvent

user32

PeekMessageA
DispatchMessageW
SendMessageA
PostMessageA
DispatchMessageA
TranslateMessage
GetMessageW
GetMessageA
WindowFromPoint
DefWindowProcA
PostQuitMessage
CreateWindowExA
DestroyWindow
ShowWindow
MoveWindow
SetWindowPos
IsIconic
CreateDialogParamA
GetDlgItem
SetDlgItemTextA
GetClipboardData
GetKeyNameTextA
MapVirtualKeyA
SetTimer
KillTimer
GetSystemMetrics
LoadMenuA
CreateMenu
AppendMenuA
GetMenuCheckMarkDimensions
CreateIcon
LoadBitmapA
SetWindowsHookExA
SetWindowLongA
PtInRect
UnionRect
SetRect
MapWindowPoints
GetCursorPos
MessageBoxA
SetWindowContextHelpId
GetWindowRect
GetClientRect
SetWindowTextA
RemovePropA
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow

gdi32

GetTextExtentPoint32A
TextOutA
GetObjectA
SetDIBColorTable
GetDIBColorTable
CreateDIBSection
GetTextMetricsW
SetDCPenColor
SelectPalette
SelectObject
BitBlt
GetStockObject
GetPixel
GetPaletteEntries
GetDeviceCaps
GetCurrentObject
DeleteObject
DeleteDC
CreateFontW
CreateEllipticRgn
CreateCompatibleDC
CreateBitmap
CombineRgn

winspool.drv

DocumentPropertiesA

comdlg32

GetOpenFileNameA

advapi32

OpenProcessToken

shell32

ord239

ole32

CoInitialize
CoCreateInstance
CoTaskMemAlloc
StgCreateDocfile

wininet

HttpQueryInfoA
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetOpenUrlA
InternetOpenA
InternetCrackUrlW

ws2_32

socket
sendto
htons
recvfrom
ioctlsocket
setsockopt
closesocket
inet_addr

msacm32

acmStreamOpen
acmStreamClose
acmStreamPrepareHeader

winscard

SCardGetProviderIdW

shlwapi

StrToIntA
StrToInt64ExA
PathFileExistsA
PathIsNetworkPathW

comctl32

ImageList_Remove
ImageList_ReplaceIcon
ImageList_Add
ImageList_Create
ImageList_Destroy

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdiplusStartup

opengl32

glBegin
glColor3f
glVertex2f
glEnd
glClear
glFlush
glClearColor

imm32

ImmAssociateContext

setupapi

SetupDiInstallDevice
SetupDiDeleteDeviceInterfaceRegKey

tapi32

phoneGetGain

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f494e1e6ad49f1dcf9010102212810d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

wininet

ws2_32

msacm32

winscard

shlwapi

comctl32

gdiplus

opengl32

imm32

setupapi

tapi32

Sections

.text Size: 202KB - Virtual size: 202KB

.rdata Size: 62KB - Virtual size: 62KB

.data Size: 7KB - Virtual size: 18KB

.rsrc Size: 632KB - Virtual size: 631KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 202KB - Virtual size: 202KB

.rdata
Size: 62KB - Virtual size: 62KB

.data
Size: 7KB - Virtual size: 18KB

.rsrc
Size: 632KB - Virtual size: 631KB

.reloc
Size: 12KB - Virtual size: 11KB