64e4b9708519cb01c0f3a07e5aca750e

Sharing

Copy URL Twitter E-mail

General

Target

64e4b9708519cb01c0f3a07e5aca750e
Size

660KB
MD5

64e4b9708519cb01c0f3a07e5aca750e
SHA1

a8ef20d133561c062013ad72335e808a5e3087e1
SHA256

dad47e1606fbf39962832c13ee5ad67a514e03fef68a1c6797362cb2b1b65879
SHA512

dc27f912edaaae11d087791c8ab5e9a9530dfd49ef380cf92bdedb9cb7f957b5dd2ad7609ae7beb79f9d68dd60ba3d365d6a8ef89b623ff6fccf8e4e37dcba2c
SSDEEP

12288:vJQav+LPE38USQjoxoehtlzR0cfHHUAy:vuamLPE38UFGoeDf0cfHHry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64e4b9708519cb01c0f3a07e5aca750e

Files

64e4b9708519cb01c0f3a07e5aca750e
.exe windows:4 windows x86 arch:x86

069129be5f31b9fd2a99cc491336e2c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectW
CloseFigure
ColorCorrectPalette
GetMetaFileA
GetNearestPaletteIndex
ExtEscape
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CloseMetaFile
CreatePalette
SetPixel
CreateCompatibleDC
UnrealizeObject

comctl32

ImageList_SetFlags
ImageList_LoadImageW
MakeDragList
_TrackMouseEvent
ImageList_ReplaceIcon
GetEffectiveClientRect
ImageList_Merge
ImageList_GetImageInfo
ImageList_Read
DrawStatusTextA
CreatePropertySheetPageA
ImageList_AddIcon
ImageList_GetIcon
InitCommonControlsEx
DrawStatusTextW
CreateUpDownControl
ImageList_GetFlags
ImageList_SetImageCount
ImageList_BeginDrag
ImageList_Destroy

user32

CloseClipboard
GetPropW
AnyPopup
DefWindowProcW
CreateDialogParamW
GetPriorityClipboardFormat
LockWindowUpdate
RegisterClassExA
ShowWindow
ReplyMessage
GetGUIThreadInfo
UpdateWindow
MessageBoxW
ReuseDDElParam
EnumDisplaySettingsW
DestroyWindow
FlashWindow
GetClipboardOwner
InvalidateRect
SetWindowRgn
EnumChildWindows
GetMessageA
OemKeyScan
GetCapture
ChangeDisplaySettingsA
SwitchToThisWindow
RegisterClassA
CreateWindowExA
DrawIconEx
CreateDesktopA
SendDlgItemMessageW
LoadKeyboardLayoutW
RegisterClipboardFormatW
MessageBoxA
IsZoomed
wsprintfA
ReleaseCapture
EndTask
DdeGetData
EnumPropsExW
DdeQueryStringW
ShowScrollBar
RemovePropA
LoadStringA
GetSubMenu
IsWindowEnabled
SendInput
RegisterWindowMessageA
MonitorFromPoint
ArrangeIconicWindows
DlgDirSelectComboBoxExA
SendNotifyMessageW

kernel32

WriteProfileSectionA
IsDebuggerPresent
HeapDestroy
FreeLibrary
SetConsoleCtrlHandler
GetUserDefaultLCID
GetTickCount
CommConfigDialogW
TlsSetValue
GetStartupInfoW
EnumSystemLocalesA
CompareStringA
HeapLock
GetProcAddress
FindAtomA
SetUnhandledExceptionFilter
GetCurrentThreadId
LoadResource
IsValidLocale
HeapCreate
LeaveCriticalSection
GetDateFormatA
GetTimeZoneInformation
TlsGetValue
GetOEMCP
VirtualQuery
GetVersionExA
CompareStringW
GetStringTypeW
GetEnvironmentStringsW
SetStdHandle
WriteFile
RtlUnwind
GetConsoleCP
InterlockedExchange
LCMapStringW
TlsFree
HeapReAlloc
WriteConsoleA
InitializeCriticalSection
FlushFileBuffers
GetConsoleOutputCP
VirtualAlloc
GetConsoleMode
QueryPerformanceCounter
GetModuleFileNameA
InterlockedIncrement
IsValidCodePage
MultiByteToWideChar
GetFileType
WriteConsoleW
WideCharToMultiByte
OpenMutexA
MapViewOfFileEx
DeleteCriticalSection
GetCurrentProcess
GetModuleFileNameW
SetConsoleWindowInfo
SetFilePointer
VirtualFree
GetStdHandle
GetStringTypeA
GetProcessHeap
LCMapStringA
FreeEnvironmentStringsA
GetLocaleInfoW
GetACP
LoadLibraryA
GetShortPathNameA
GetCurrentThread
GetLogicalDrives
TerminateProcess
GetModuleHandleA
SetLastError
HeapAlloc
GetPrivateProfileSectionA
CloseHandle
GetCommandLineA
GetLastError
GetEnvironmentStrings
SetHandleCount
Sleep
HeapSize
GetSystemTimeAsFileTime
TlsAlloc
GetCurrentProcessId
GetVolumeInformationW
FreeEnvironmentStringsW
ExitProcess
CreateFileA
EnterCriticalSection
CreateMutexA
UnhandledExceptionFilter
GetStartupInfoA
GetLocaleInfoA
ReadFile
GetCPInfo
WritePrivateProfileSectionW
HeapFree
InterlockedDecrement
GetTimeFormatA
SetEnvironmentVariableA
GetCommandLineW

shell32

DragQueryPoint
FindExecutableW

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

069129be5f31b9fd2a99cc491336e2c3

Headers

File Characteristics

Imports

gdi32

comctl32

user32

kernel32

shell32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 112KB - Virtual size: 126KB

.rsrc Size: 120KB - Virtual size: 116KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 112KB - Virtual size: 126KB

.rsrc
Size: 120KB - Virtual size: 116KB