666943bed9ff9c72bd00c169c9c0bf73

Sharing

Copy URL

Twitter E-mail

General

Target

666943bed9ff9c72bd00c169c9c0bf73
Size

155KB
MD5

666943bed9ff9c72bd00c169c9c0bf73
SHA1

3c81b65e19d25dc17a78827d1054e83cb66ef65c
SHA256

7bf3daee4c7473b451169de91f9ae21b822166b6c0ded775654aaeee1fec9103
SHA512

ab1cce9037e70e5d8394220547b1c9c85d2e11b8d80c6562cae32a66e0bdbab1bc467d366ebf83ba554afb00a9e59d2fbfe7e4f3781727638de89d0606a5c741
SSDEEP

3072:f2RzPdqXXu14I+SuDIU0IeH2XbwKInNOKsje1uZQNlhMPl24OShwP2GL:f2RzPdqnu1R+hIZIhLrInN8jTeMk4OSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
666943bed9ff9c72bd00c169c9c0bf73

Files

666943bed9ff9c72bd00c169c9c0bf73
.exe windows:8 windows x86 arch:x86

8d5e45f8ae4d4f4bed3c56a069cac4ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCurrentProcessId
GetACP
SetEvent
GetTickCount
LocalFree
SetEvent
GetCurrentThreadId
GetCurrentProcessId
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcessId
LocalFree
GetCurrentProcessId
GetCommandLineW
GetCommandLineW
SetUnhandledExceptionFilter
SetEvent
GetCurrentProcess
GetProcessHeap
MultiByteToWideChar
GetCurrentThreadId
WaitForSingleObject
MultiByteToWideChar
GetACP
GetModuleHandleA
SetEvent
GetModuleHandleW
GetCurrentProcessId
MultiByteToWideChar
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentProcess
GetModuleFileNameA
GetTickCount
GetACP
LocalAlloc
SetEvent
FormatMessageW
GetCommandLineW
SetEvent
GetCurrentProcess
FormatMessageW
GetModuleHandleA
QueryPerformanceCounter
VirtualFree
GetCurrentProcessId
SetUnhandledExceptionFilter
LocalFree
GetTickCount
GetModuleHandleA
GetCurrentProcess
GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceCounter
GetACP
GetCommandLineW
GetCurrentProcess
MultiByteToWideChar
GetCurrentProcess
GetCurrentThreadId
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentThreadId
SetEvent
SleepEx
GetModuleFileNameA
GetProcessHeap
GetModuleHandleW
VirtualFree
GetCommandLineA
FormatMessageW
SetEvent
GetTickCount
FormatMessageW
GetCurrentThreadId
GetProcessHeap
GetCommandLineA
WaitForSingleObject
WaitForSingleObject
QueryPerformanceCounter
GetProcessHeap
GetCurrentProcess
GetTickCount
LocalAlloc
GetCurrentThreadId
GetACP
GetCommandLineW
GetCurrentThreadId
GetCommandLineW
SetUnhandledExceptionFilter

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
GetTextMetricsW
DeleteDC
CreateCompatibleDC
DeleteDC
BitBlt
PatBlt
MoveToEx
MoveToEx
LineTo
GetObjectW
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
GetDeviceCaps
PatBlt
GetStockObject
DeleteObject
SelectObject
SetTextColor
SetTextColor
CreateCompatibleDC
DeleteDC
GetDeviceCaps
CreateCompatibleDC
SelectObject
CreateCompatibleDC
SelectObject
GetTextMetricsW
CreateCompatibleDC
GetObjectW
SelectObject
GetDeviceCaps
GetDeviceCaps
PatBlt
GetDeviceCaps
GetStockObject
GetObjectW
LineTo
GetTextMetricsW
BitBlt
DeleteDC
GetTextMetricsW
GetTextMetricsW
BitBlt
DeleteObject
GetStockObject
GetTextMetricsW
GetDeviceCaps
GetObjectW
MoveToEx
DeleteDC
GetDeviceCaps
CreateCompatibleDC
GetObjectW
SetTextColor
MoveToEx
GetObjectW
BitBlt
GetStockObject
CreateCompatibleDC
MoveToEx
SelectObject
SetTextColor
SelectObject
GetStockObject
CreateCompatibleDC
BitBlt
SetTextColor
MoveToEx
PatBlt
BitBlt
DeleteDC
DeleteObject
MoveToEx
LineTo
MoveToEx
SelectObject
SetTextColor
GetDeviceCaps

ntdll

NtAllocateVirtualMemory

user32

SetTimer
GetDC
SendMessageW
CreateWindowExW
GetDlgItem
GetDC
PostMessageW
GetSystemMetrics
GetDC
SetTimer
GetMessageW
ShowWindow
ShowWindow
CreateWindowExW
ShowWindow
GetWindowRect
DestroyWindow
ReleaseDC
PostMessageW
SendMessageW
GetSystemMetrics
ShowWindow
SetTimer
GetDlgItem
SendMessageW
PostMessageW
GetWindowRect
ShowWindow
PostMessageW
GetSystemMetrics
GetDC
ShowWindow
DefWindowProcW
GetWindowRect
LoadIconW
DefWindowProcW
GetWindowRect
PostMessageW
GetDlgItem
SetTimer
LoadIconW
ShowWindow
GetMessageW
DefWindowProcW
GetDlgItem
LoadIconW
SendMessageW
GetWindowRect
PostMessageW
DefWindowProcW
ShowWindow
SetTimer
SetTimer
CreateWindowExW
DestroyWindow
DefWindowProcW
ReleaseDC
DefWindowProcW
DefWindowProcW
GetSystemMetrics
LoadIconW
CreateWindowExW
PostMessageW
SetTimer
CreateWindowExW
SetTimer
SendMessageW
DefWindowProcW
ReleaseDC
PostMessageW
GetSystemMetrics
LoadIconW
CreateWindowExW
GetWindowRect
SetTimer
ReleaseDC
DestroyWindow
SetTimer
GetWindowRect
GetDlgItem
ReleaseDC
SendMessageW
ShowWindow
GetWindowRect
LoadIconW
SendMessageW
ShowWindow
GetSystemMetrics

Sections

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d5e45f8ae4d4f4bed3c56a069cac4ab

Headers

File Characteristics

Imports

kernel32

gdi32

ntdll

user32

Sections

.data Size: 24KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 121KB - Virtual size: 124KB

.rsrc Size: 2KB - Virtual size: 148KB

.data
Size: 24KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 121KB - Virtual size: 124KB

.rsrc
Size: 2KB - Virtual size: 148KB