67025701ad17a94ae2680602fa26074f

Sharing

Copy URL Twitter E-mail

General

Target

67025701ad17a94ae2680602fa26074f
Size

130KB
MD5

67025701ad17a94ae2680602fa26074f
SHA1

bc318f04e48a421a3b6b65831e32d999a2dc2bd9
SHA256

d3e10a6867439078e4f931d2a33b95b4e76a41d01aa210a38ae527ef40af9957
SHA512

0ad3cd29ecc6c19a135fc693fc082cd76931d58c28a1c82c85356525496b8c3e2a1a0e8cc2719ae4fa28a0e37b255bf6ab080c107a3e3f700efb8f84bd5a3f4e
SSDEEP

3072:o/hBVKWPT81wDXtFlfqQiUmtXw2uBhWJWCFOYmTFtOtxdBhT6B2ju:EhBVKWb9lSQAtjusWCloFtg6Uju

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67025701ad17a94ae2680602fa26074f

Files

67025701ad17a94ae2680602fa26074f
.exe windows:5 windows x86 arch:x86

51518cd4fdb0417f4d6eee99a4d68dd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fprintf
strncpy
_controlfp
__set_app_type
wcsrchr
perror
bsearch
ungetc
memset
wcschr
time
strtol
free
__p__fmode
qsort
atoi
srand
swprintf
strspn
__p__commode
wcstombs
sscanf
fgetc
_amsg_exit
realloc
_initterm
fwrite
getenv
_ismbblead
malloc
_XcptFilter
strtok
swscanf
_exit
_cexit
sprintf
wcsncmp
strcoll
fclose
fputs
wcscoll
setvbuf
__setusermatherr
clearerr
wcscpy
floor
__getmainargs
strcspn

comdlg32

PrintDlgW
ReplaceTextW
GetSaveFileNameA
ChooseColorW
ChooseFontW
GetFileTitleW

shlwapi

PathIsUNCA

kernel32

VirtualFree
GetComputerNameA
FoldStringW
GetThreadTimes
lstrcpyA
HeapValidate
VirtualQuery
CancelWaitableTimer
OpenSemaphoreW
GetFileInformationByHandle
IsDBCSLeadByte
TlsSetValue
GetModuleHandleA
FindNextFileA
FindFirstFileA
GetHandleInformation
GetTempPathW
GetExitCodeThread
lstrcmpA
GetPriorityClass
GetModuleFileNameA
GetCommState
SetWaitableTimer
HeapUnlock
GetLongPathNameW
TerminateThread
IsBadStringPtrW
FindNextFileW
CreateSemaphoreW
GetSystemDefaultLangID
GetComputerNameW
EscapeCommFunction
UnmapViewOfFile
GetBinaryTypeW
FindCloseChangeNotification
GetTempPathA
GetCompressedFileSizeW
ReleaseMutex
GetThreadContext
GlobalDeleteAtom
ResumeThread
GetACP
AreFileApisANSI
GetWindowsDirectoryA
GlobalUnlock
GetLocaleInfoW
MulDiv
CopyFileA
SetFileAttributesW
GlobalAlloc
SetLastError
GetCurrentDirectoryW
OpenEventW
HeapAlloc
CreateNamedPipeA

user32

GetClassInfoW
LoadCursorW
RegisterWindowMessageA
DefFrameProcW
PostMessageA
UnionRect
CharLowerW
DrawFrameControl
GetScrollRange
EnumThreadWindows
SetWindowRgn
DrawIcon
DestroyWindow
DialogBoxIndirectParamA
RegisterClassExW
wvsprintfA
IsDialogMessageW
CreateIconIndirect
ShowOwnedPopups
GetKeyboardType
GetFocus
SetDlgItemTextA
CreateWindowExA
GetSysColorBrush
PostThreadMessageA
LockWindowUpdate
DrawEdge
GetCursorPos
GetMenuItemCount
GetMessageExtraInfo
DestroyMenu
GetMonitorInfoW
GetMenuItemID
CharUpperBuffW
EnableScrollBar
GetCaretPos
GetMenuState
mouse_event
SetForegroundWindow
wsprintfW
WaitMessage
EnableWindow
SetCaretPos
DialogBoxParamW
DrawTextA
LoadIconW
CopyRect
ChangeMenuW
ScreenToClient
CheckDlgButton
IsCharAlphaNumericW
GetTopWindow
ValidateRect
CloseDesktop
IsDialogMessageA
GetWindow
GetSubMenu
SystemParametersInfoW
DeleteMenu
CreateDialogParamW
DrawMenuBar
PostMessageW
FindWindowExW
CallWindowProcW
VkKeyScanW
GetForegroundWindow
MessageBoxExW
CharPrevA
SendInput
SetRectEmpty
SendDlgItemMessageW
DeferWindowPos
SetMenu
DialogBoxIndirectParamW
ScrollWindowEx
AllowSetForegroundWindow
GetDlgCtrlID
CallWindowProcA
GetKeyboardLayout
MessageBoxA
GetWindowRect
RegisterWindowMessageW
CreateWindowExW
LoadMenuW
RegisterClassW
GetDoubleClickTime
MessageBoxExA
DestroyCaret
ChildWindowFromPoint
CharUpperBuffA
RemoveMenu
GetIconInfo
GetSystemMetrics
FindWindowA
GetActiveWindow
RedrawWindow
WaitForInputIdle
CharLowerA
RemovePropW
AttachThreadInput
InvalidateRgn
IsWindowEnabled
SetFocus
DrawStateA
GetShellWindow
GetDlgItemTextA
CopyImage
SetParent
SetWindowTextW
DefWindowProcA
LoadBitmapW
FrameRect
SetPropW
GetClassInfoExW
SetRect
GetDCEx
ReplyMessage
CheckRadioButton
EnumChildWindows
DrawStateW

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51518cd4fdb0417f4d6eee99a4d68dd9

Headers

File Characteristics

Imports

msvcrt

comdlg32

shlwapi

kernel32

user32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 104KB

.ips3 Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 28KB - Virtual size: 27KB

.rsrc Size: 65KB - Virtual size: 64KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 104KB

.ips3
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 65KB - Virtual size: 64KB

.reloc
Size: 2KB - Virtual size: 1KB