645ddd621a5b3998e31d2ac161d3cbd5

Sharing

Copy URL Twitter E-mail

General

Target

645ddd621a5b3998e31d2ac161d3cbd5
Size

412KB
MD5

645ddd621a5b3998e31d2ac161d3cbd5
SHA1

43da496069a53792c0e02b468e4368cfbcc19255
SHA256

5442a07b4178b28a45c3f04ad1d7664ce48b7b477fa6b155959ded4ece5c11aa
SHA512

60cb2e0346cea9a5756862f154fa1e916ff538883c867eaa996c9428113d79080e0683f2b05a881d42a466e120e41f9af6c771efd26591bbf8979f3e7a42f7f3
SSDEEP

12288:zzgXLR6Q7VOBPmUTRJ+cvjm7HmKB9YYo7I:qR6Q7VQPzTK6EOYo7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
645ddd621a5b3998e31d2ac161d3cbd5

Files

645ddd621a5b3998e31d2ac161d3cbd5
.exe windows:4 windows x86 arch:x86

5b5c742023a43a1b0e4f2a482adac082

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapReAlloc
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
RaiseException
CreateThread
ExitThread
HeapSize
GetACP
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
LocalFree
GlobalFree
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
lstrcpynA
MultiByteToWideChar
WaitForSingleObject
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
OutputDebugStringA
ExpandEnvironmentStringsA
CreateFileA
WriteFile
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
GetProcessHeap
HeapAlloc
Sleep
GetLocalTime
UnhandledExceptionFilter

user32

PeekMessageA
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
IsWindowEnabled
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetCursorPos
LoadStringA
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
CreateDialogIndirectParamA
EndDialog
GetClassNameA
GetSysColorBrush
IsWindowVisible
GetTopWindow
MessageBoxA
GetCapture
DispatchMessageA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadCursorA
CopyIcon
GetMessagePos
ScreenToClient
PtInRect
SetTimer
MessageBeep
SetWindowLongA
KillTimer
LoadIconA
IsWindow
EnableWindow
LoadImageA
GetIconInfo
GetDC
CreateIconIndirect
ReleaseDC
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
DestroyMenu
DestroyCursor
GetFocus
SetActiveWindow
SetFocus
WinHelpA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
DestroyIcon
AdjustWindowRectEx
RemovePropA

gdi32

CreatePalette
GetDIBColorTable
CreateHalftonePalette
CreateFontIndirectA
GetTextExtentPoint32A
GetClipBox
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
GetObjectA
GetDeviceCaps
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetPixel
SetPixel
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
DeleteObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegQueryValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent
ord17

Exports

Exports

Loader

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 200KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b5c742023a43a1b0e4f2a482adac082

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 200KB - Virtual size: 210KB

.rsrc Size: 84KB - Virtual size: 82KB

.code Size: 4KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 200KB - Virtual size: 210KB

.rsrc
Size: 84KB - Virtual size: 82KB

.code
Size: 4KB - Virtual size: 4KB