Static task: static1
Behavioral task: behavioral1
Sample: 679ebef2c1741b089fa6d3e044dbac74.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 679ebef2c1741b089fa6d3e044dbac74.exe
Resource: win10v2004-20231215-en
General
Target: 679ebef2c1741b089fa6d3e044dbac74
Size: 746KB
MD5: 679ebef2c1741b089fa6d3e044dbac74
SHA1: 70a5f0e20709b4907d610f3e19485bd74ee15ec2
SHA256: 579a231c12ac171000d1bb0eba4437f32e58a0d5ab897b82ba103cacbce2d6c2
SHA512: 31919ab16f7899a49ea625359e1e9c3669f92df0a9158b38aa04b201fc19d372148d0789c9fead75c3b548801b451dc44a5005e7dd1d07d1ed5ecbdf9352d1a6
SSDEEP: 3072:JO5NHWWgiWcezScFXBHePXOIzmyaRrUY1BN6BI:SPgighFXB+fOIzC5N6S
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 679ebef2c1741b089fa6d3e044dbac74
Files
679ebef2c1741b089fa6d3e044dbac74.exe windows:5 windows x86 arch:x86
22d0aed4110c24339e667db5b6325b1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mfc90u
msvcr90
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
_XcptFilter
_cexit
__wgetmainargs
_amsg_exit
_exit
exit
_vsnwprintf
_purecall
wcsrchr
atoi
_recalloc
calloc
memcpy_s
malloc
free
memset
__CxxFrameHandler3
kernel32
LoadLibraryW
lstrlenW
FindResourceW
LoadResource
LockResource
FreeResource
GetVersion
GetVersionExW
Sleep
GetTickCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
MulDiv
CreateMutexW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GetCurrentProcess
GetSystemDefaultLCID
GetModuleFileNameW
WideCharToMultiByte
GetPrivateProfileIntW
GetPrivateProfileStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFree
lstrcpyW
GetStartupInfoW
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
user32
SetActiveWindow
IsRectEmpty
SetForegroundWindow
IsIconic
GetSystemMenu
DrawIcon
BeginPaint
EndPaint
AdjustWindowRectEx
MoveWindow
GetWindow
GetDlgCtrlID
SetWindowRgn
ReleaseCapture
MessageBeep
SetWindowLongW
IntersectRect
LoadIconW
SetRectEmpty
IsWindow
LoadCursorFromFileW
LoadCursorW
LoadImageW
PostMessageW
SetCursor
DestroyCursor
GetWindowLongW
SetRect
GetParent
InvalidateRect
ClientToScreen
GetClientRect
SendMessageW
DrawFocusRect
FrameRect
OffsetRect
InflateRect
GetIconInfo
GetSystemMetrics
GetSysColor
DestroyIcon
EnableWindow
ReleaseDC
GetDC
AppendMenuW
FillRect
LoadBitmapW
CopyRect
gdi32
GetDeviceCaps
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
CreateSolidBrush
CreateFontW
CreateRoundRectRgn
CreatePen
GetTextMetricsA
GetTextExtentPointA
ExtCreateRegion
CombineRgn
CreateRectRgnIndirect
GetTextColor
GetStockObject
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetTextExtentPoint32W
BitBlt
advapi32
RegOpenKeyExW
shell32
ShellExecuteW
comctl32
_TrackMouseEvent
ImageList_Create
oleaut32
OleLoadPicture
msvcp90
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
Sections
.text Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 679KB - Virtual size: 692KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE