70cf20bcbb93e9530a3a9467a0f8bed1

Sharing

Copy URL Twitter E-mail

General

Target

70cf20bcbb93e9530a3a9467a0f8bed1
Size

278KB
MD5

70cf20bcbb93e9530a3a9467a0f8bed1
SHA1

89f2d8976aa74a093063bdaab3662b5483bdc780
SHA256

15ba27a6046a75d31f289502f0bf2c2148532747712bdab3cec56ab546518011
SHA512

f764198dc2d589ce86b3f1da7db0892b3d6333a0dc9321ba24106c15c6eb5c1a88fab0cc9028111812280f1d2b582c86db3e1837d715a937e70633a92596e1bf
SSDEEP

6144:aqlO+TchOUJZIZi0f4fiSX6w7C99J0tgPeP3XCsDRf:amXchOeN0Al6SC9b0qePHCsD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70cf20bcbb93e9530a3a9467a0f8bed1

Files

70cf20bcbb93e9530a3a9467a0f8bed1
.exe windows:4 windows x86 arch:x86

7dc9dcf67982bddd2a0c7604d732a3b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
TlsSetValue
DeleteCriticalSection
FlushInstructionCache
CreateFileMappingA
SetEndOfFile
GetFileSize
lstrlenW
GlobalSize
FreeLibrary
FindNextFileW
GetCurrentThreadId
InterlockedPushEntrySList
FindResourceExW
GetProcessHeap
LockResource
GetModuleHandleW
lstrlenA
CreateFileA
LoadLibraryExW
GetComputerNameW
GetFileTime
SetFilePointer
DeleteFileW
TlsFree
SetUnhandledExceptionFilter
FindFirstFileW
ReadFile
LocalFree
HeapFree
FormatMessageW
GetSystemTimeAsFileTime
GetACP
SetLastError
CopyFileW
lstrcmpW
GlobalUnlock
IsValidCodePage
FlushFileBuffers
HeapDestroy
IsDBCSLeadByte
FindResourceW
HeapAlloc
SizeofResource
TlsAlloc
CompareStringW
InitializeCriticalSectionAndSpinCount
GlobalLock
FileTimeToSystemTime
RaiseException
RemoveDirectoryW
LeaveCriticalSection
IsProcessorFeaturePresent
MulDiv
FindClose
OpenFile
GlobalReAlloc
VirtualFree
SetFileTime
UnhandledExceptionFilter
InterlockedPopEntrySList
GetUserDefaultLCID
HeapReAlloc
WideCharToMultiByte
CreateDirectoryW
EnterCriticalSection
HeapSize
GetTempFileNameW
LoadResource
GlobalFree
CloseHandle
WriteFile
MapViewOfFile
GetFullPathNameW
VirtualAlloc
lstrcmpiW
IsDebuggerPresent
UnmapViewOfFile
GlobalAlloc
TlsGetValue
MoveFileW
SetFileAttributesW
CreateFileW
GetLocalTime
CreateMutexW
VirtualAllocEx

gdi32

CreateSolidBrush
GetTextExtentPoint32W
CreateFontIndirectW
GetTextExtentPointW
SetBkColor
ExtTextOutW
CreateBitmap
GetDeviceCaps
CreateCompatibleBitmap
CopyMetaFileW
GetStockObject
GetObjectW
DeleteDC
SelectObject
CreateCompatibleDC
SetTextColor
BitBlt
DeleteObject
GetTextMetricsW
GetTextColor

advapi32

RegEnumValueW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
CryptDestroyKey
CryptReleaseContext
RegSetValueExW
RegDeleteKeyW

crypt32

CryptUnprotectData
CryptProtectData

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon

shell32

DragQueryFileW
ShellExecuteExW

oleaut32

SafeArrayGetLBound
SysFreeString
VariantCopyInd
VarBstrFromDate
SafeArrayGetVartype
RegisterTypeLi
SysAllocStringLen
OleCreateFontIndirect
VariantChangeType
SafeArrayDestroy
VariantChangeTypeEx
GetErrorInfo
VariantInit
SafeArrayCreate
VariantCopy
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
SysAllocString
SafeArrayRedim
SysAllocStringByteLen
SafeArrayGetUBound
SafeArrayUnlock
SysStringLen
VarBstrCmp
SafeArrayLock
UnRegisterTypeLi
LoadTypeLibEx
LoadTypeLi
VarUI4FromStr
VarBstrCat
SysStringByteLen
VariantClear
SetErrorInfo

ole32

StringFromCLSID
CLSIDFromProgID
CoTaskMemFree
OleGetClipboard
CoTaskMemAlloc
OleInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
OleSetClipboard
OleDuplicateData
CoGetClassObject
CoGetMalloc
ReleaseStgMedium
ReadClassStm
GetHGlobalFromStream
CreateDataAdviseHolder
OleUninitialize
CLSIDFromString
OleLockRunning
CoCreateInstance
StringFromGUID2

user32

GetDialogBaseUnits
GetNextDlgTabItem
EndDialog
GetClientRect
SendMessageW
CharNextA
SetDlgItemInt
SetCapture
GetDesktopWindow
MoveWindow
GetDlgItemInt
GetDlgItemTextW
IsChild
SetWindowPos
GetClassInfoExW
EndPaint
GetSysColor
UnregisterClassA
CreateWindowExW
RegisterClassExW
IsWindow
DialogBoxParamW
GetMonitorInfoW
GetCursorPos
EmptyClipboard
SetCursor
SetFocus
ReleaseDC
FillRect
GetWindowTextLengthW
GetWindow
DrawTextExW
CharNextW
IsDialogMessageW
PostMessageW
EnableWindow
MonitorFromWindow
CheckDlgButton
IsWindowEnabled
LoadIconW
CallWindowProcW
SetWindowLongW
BeginPaint
ClientToScreen
GetClassNameW
RegisterClipboardFormatW
CreateAcceleratorTableW
RedrawWindow
DispatchMessageW
IsClipboardFormatAvailable
SetDlgItemTextW
GetWindowRect
DialogBoxIndirectParamW
SendDlgItemMessageW
LoadStringA
MessageBoxW
DestroyWindow
GetActiveWindow
CreateDialogIndirectParamW
IsDlgButtonChecked
DestroyAcceleratorTable
DrawFocusRect
PeekMessageW
OpenClipboard
MapWindowPoints
ScreenToClient
LoadStringW
GetWindowLongW
GetWindowTextW
ShowWindow
IsCharAlphaNumericW
RegisterWindowMessageW
GetParent
TranslateMessage
LoadImageW
GetKeyState
InvalidateRect
SetWindowTextW
InvalidateRgn
GetDC
ReleaseCapture
LoadBitmapW
CreateDialogParamW
GetFocus
CharLowerBuffW
DefWindowProcW
GetDlgItem
LoadCursorW
LoadImageA
MonitorFromRect
RegisterClassExA
WaitMessage
SendDlgItemMessageA
GetSubMenu
GetMenuStringW
DialogBoxIndirectParamA
EnumWindows
DialogBoxParamA
TrackPopupMenuEx
SetWindowTextA
SetParent
PeekMessageA
ShowCursor

deskperf

DllGetClassObject

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 241KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dc9dcf67982bddd2a0c7604d732a3b2

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

crypt32

comctl32

shell32

oleaut32

ole32

user32

deskperf

Sections

.text Size: 25KB - Virtual size: 24KB

.data Size: 241KB - Virtual size: 1.1MB

.rdata Size: 7KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 9KB

.text
Size: 25KB - Virtual size: 24KB

.data
Size: 241KB - Virtual size: 1.1MB

.rdata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 9KB