677de62d31cf9125aac44fdcaff1de74

Sharing

Copy URL Twitter E-mail

General

Target

677de62d31cf9125aac44fdcaff1de74
Size

376KB
MD5

677de62d31cf9125aac44fdcaff1de74
SHA1

0d4fe78676a6aa20b8656539bb04d52aeb23ff97
SHA256

350a49c2df36de18dfafda2dbd1c32e9af1d3576987e1c25becef393d1b3cfcb
SHA512

1397b2f3209a9a2de15a9ba3e6e040fc1cca67149bd4160fd36c500a57a6fedf20328567ee71bdbb0e5a00d488c715274767185b458ae9977f81cc8858b61f64
SSDEEP

6144:Fk6ubhAVDglKDWx76PU6f2/lGfPoWryPs2OlcobaKku/DlJ4MqIolb:6pVAVDglKDWxGP6OPiPcfDuIo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
677de62d31cf9125aac44fdcaff1de74

Files

677de62d31cf9125aac44fdcaff1de74
.exe windows:4 windows x86 arch:x86

f26aae0767ccd4fb0969b969716e750d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
CreateToolbar
ImageList_DrawIndirect
ImageList_GetImageRect
DestroyPropertySheetPage
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_Add
ImageList_AddMasked
ImageList_Copy
ImageList_DrawEx
ImageList_LoadImage

user32

DdeGetLastError
TrackMouseEvent
RealChildWindowFromPoint
CallMsgFilterW
SendNotifyMessageA
MessageBoxW
DefWindowProcW
GetMenuCheckMarkDimensions
SetKeyboardState
GetClipboardViewer
CreateWindowExA
DrawFrame
CharToOemW
RegisterClassExA
InflateRect
DestroyWindow
CreateDialogParamW
TranslateMDISysAccel
UnregisterClassW
GetAsyncKeyState
LoadAcceleratorsA
GetWindowModuleFileNameW
GetKeyNameTextA
ChangeDisplaySettingsExA
VkKeyScanW
TranslateAcceleratorA
GetProcessDefaultLayout
SetCaretPos
AppendMenuW
GetMessagePos
RegisterClassA
DlgDirSelectExW
DrawIcon
LoadIconA
GetCursorInfo
RegisterWindowMessageW
ShowWindow
WinHelpA
SetClassLongW
CopyAcceleratorTableW
CharNextW
DdeSetQualityOfService
GetMenu
GetSystemMenu

gdi32

GetDIBits
GetObjectType
EnumICMProfilesW
GdiPlayJournal
EndDoc
CombineTransform
GetTextMetricsW
GetObjectW
ExtCreateRegion
StretchDIBits
DeleteDC
SetStretchBltMode
DeleteObject
GetCharABCWidthsFloatW
Polygon
DrawEscape
SetWinMetaFileBits
AbortPath
GdiPlayDCScript
CreateBrushIndirect
FixBrushOrgEx
GetPixel
GetDeviceCaps
SelectObject
CreateDCW
GdiSetBatchLimit
GetArcDirection
GetFontData
CreateMetaFileA

advapi32

RegRestoreKeyA
AbortSystemShutdownW
LookupAccountSidA
RegReplaceKeyW
RegSetValueA
RegEnumKeyExA
RegDeleteValueW
CryptDecrypt
RegDeleteKeyW
CryptExportKey
CryptEnumProviderTypesW
RegNotifyChangeKeyValue
RegFlushKey
RegOpenKeyW
CreateServiceA
RegCreateKeyW
CryptGetProvParam
RegOpenKeyExA
CryptSetProvParam
CryptDestroyKey
LookupAccountSidW
CryptAcquireContextW

kernel32

InitializeCriticalSection
WideCharToMultiByte
TlsSetValue
GetLastError
GetProcessHeap
GetCurrentThread
SetConsoleCtrlHandler
FillConsoleOutputCharacterW
HeapDestroy
QueryPerformanceCounter
HeapAlloc
FreeResource
GetProcAddress
EnterCriticalSection
GetStartupInfoW
FreeLibrary
LCMapStringA
TlsGetValue
SetFilePointer
ReadFile
SetStdHandle
WriteConsoleA
FreeEnvironmentStringsA
GetStdHandle
GetEnvironmentStringsW
SetEnvironmentVariableW
FlushFileBuffers
GetLocaleInfoW
GetVersionExA
SetHandleCount
GetCurrentThreadId
GetCurrentProcessId
HeapFree
GetDateFormatA
GetFileType
DeleteCriticalSection
HeapReAlloc
IsValidLocale
HeapSize
GetConsoleOutputCP
CompareStringW
WriteConsoleW
GetOEMCP
LCMapStringW
CloseHandle
GetCurrentProcess
SleepEx
TlsFree
GetConsoleScreenBufferInfo
ExpandEnvironmentStringsA
CreateMutexA
LockResource
IsDebuggerPresent
RtlUnwind
MultiByteToWideChar
TerminateProcess
CompareStringA
InterlockedIncrement
WriteConsoleOutputCharacterA
SetLastError
InterlockedDecrement
EnumResourceLanguagesW
GetTempFileNameA
CreateFileA
VirtualQuery
Sleep
GetModuleFileNameA
GlobalLock
SuspendThread
SetEnvironmentVariableA
GetShortPathNameA
GetConsoleMode
GetTimeZoneInformation
ExitProcess
TlsAlloc
GetTimeFormatA
VirtualAllocEx
GetEnvironmentStrings
GetACP
GetConsoleCP
FreeEnvironmentStringsW
UnhandledExceptionFilter
LocalLock
lstrlenA
SetSystemTime
CreateSemaphoreA
EnumSystemLocalesA
GetStringTypeW
LoadLibraryA
IsValidCodePage
GetCommandLineW
OpenMutexA
GetCurrentDirectoryA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetThreadContext
GetLocaleInfoA
GetModuleHandleA
lstrcpyW
MapViewOfFileEx
WriteFile
GetStartupInfoA
VirtualAlloc
SetUnhandledExceptionFilter
lstrcatA
GetTickCount
GetStringTypeA
GetModuleFileNameW
InterlockedExchange
GetCPInfo
VirtualFree
GetCommandLineA
GetUserDefaultLCID
HeapCreate

wininet

UnlockUrlCacheEntryFileW
InternetGetCookieW

shell32

RealShellExecuteExA
SHEmptyRecycleBinA
CheckEscapesW
ShellExecuteA

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26aae0767ccd4fb0969b969716e750d

Headers

File Characteristics

Imports

comctl32

user32

gdi32

advapi32

kernel32

wininet

shell32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 96KB - Virtual size: 106KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 96KB - Virtual size: 106KB

.rsrc
Size: 28KB - Virtual size: 25KB