70dd11219d46c91b353031a6e9a31d42

Sharing

Copy URL Twitter E-mail

General

Target

70dd11219d46c91b353031a6e9a31d42
Size

564KB
MD5

70dd11219d46c91b353031a6e9a31d42
SHA1

ac0e9855be3e71a19d176e5bfff914c7d04971ec
SHA256

784af2a9e767fa578c4b10f694020be9a8def1bce54644b38b2d022ca4e29206
SHA512

543857b7965396f60e8f224ccddb90c881a3dc3ebcafa43a38b9c440376040d8570281683ab6b3a5af0b1fedb9c8d819afbe556b269b03ff6d72caa987e8c41a
SSDEEP

12288:Zvu0v6uJFi4mmi+p40LxvUasPcx3FcPIor+uxlwlMAbtS4+d63uaM9ir:5u0S2FRfix0LRUaskJMr+ElwlMaS4+dU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70dd11219d46c91b353031a6e9a31d42

Files

70dd11219d46c91b353031a6e9a31d42
.exe windows:4 windows x86 arch:x86

0f15852b744ef6cb76bd213d9d0a976c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetStartupInfoA
TerminateProcess
GetStdHandle
VirtualQuery
OpenMutexA
LocalSize
GetOEMCP
GetFullPathNameA
GetACP
TlsGetValue
IsBadWritePtr
GetLocaleInfoA
MultiByteToWideChar
GetCurrentThreadId
LeaveCriticalSection
DeleteCriticalSection
GetFileType
EnumSystemLocalesA
SetEnvironmentVariableA
VirtualProtect
GetCPInfo
LCMapStringW
GetTickCount
GetEnvironmentStrings
GetLastError
GetDateFormatA
GetCurrentProcess
GetTimeFormatA
InterlockedExchange
GetTimeZoneInformation
FlushFileBuffers
IsValidCodePage
UnhandledExceptionFilter
CreateFileW
RtlUnwind
GetProcAddress
WideCharToMultiByte
GetModuleHandleA
LCMapStringA
SetHandleCount
FreeEnvironmentStringsA
EnterCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
TlsSetValue
WritePrivateProfileStructA
SetFilePointer
InitializeCriticalSection
VirtualAlloc
ReadFile
HeapAlloc
HeapFree
WriteFile
GetStringTypeW
HeapSize
SetStdHandle
SetUnhandledExceptionFilter
SetFileTime
GetEnvironmentStringsW
HeapDestroy
ExitProcess
GetCommandLineA
CloseHandle
GetVersionExA
GetLocaleInfoW
GetModuleFileNameA
VirtualFree
GetUserDefaultLCID
SetLastError
CompareStringA
GetCurrentThread
GetStringTypeA
LoadLibraryA
DeleteAtom
IsValidLocale
HeapCreate
HeapReAlloc
CompareStringW
CreateMutexA
GetFileAttributesW
TlsAlloc
FreeEnvironmentStringsW
TlsFree
GetCurrentProcessId

comctl32

ImageList_SetBkColor
DestroyPropertySheetPage
ImageList_GetIcon
CreateToolbarEx
ImageList_Merge
CreateToolbar
CreatePropertySheetPageW
_TrackMouseEvent
InitCommonControlsEx
CreatePropertySheetPage
ImageList_GetBkColor
ImageList_Write
ImageList_GetImageRect
DrawStatusTextW
ImageList_AddIcon
ImageList_Add
ImageList_DragShowNolock
ImageList_Create

comdlg32

ReplaceTextW
PrintDlgW
LoadAlterBitmap
PrintDlgA

user32

BringWindowToTop
GrayStringW
AnyPopup
GetClipboardViewer
GetWindowWord
GetCapture
MapDialogRect
SetCaretBlinkTime
DragObject
DefWindowProcW
SendNotifyMessageA
LoadMenuIndirectA
CreateWindowExW
EnumDisplayDevicesA
ToUnicode
ShowWindow
CharNextA
RegisterClassA
RegisterClipboardFormatW
GetSysColorBrush
SetMessageExtraInfo
GetScrollPos
GetMenuItemInfoA
CharLowerA
DdeNameService
IsCharAlphaNumericA
RegisterWindowMessageW
IsWindow
SendIMEMessageExA
GetComboBoxInfo
LoadIconA
RealChildWindowFromPoint
RedrawWindow
GetFocus
SetCaretPos
OemToCharBuffW
GetWindowContextHelpId
LoadKeyboardLayoutA
IsCharLowerW
IsDialogMessageW
DestroyWindow
RemoveMenu
CascadeWindows
MessageBoxW
TrackPopupMenuEx
GetDlgItemInt
RegisterClassExA
GetClientRect

gdi32

PolyPolygon
EqualRgn
GetWinMetaFileBits
GetObjectW
Polyline
CreateDiscardableBitmap
GdiPlayJournal
SetBitmapDimensionEx
CreateCompatibleBitmap
CreateHalftonePalette
GetPixelFormat

shell32

SHAddToRecentDocs
DragQueryFileW
ShellAboutW
SHGetSpecialFolderPathA
ExtractIconW

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f15852b744ef6cb76bd213d9d0a976c

Headers

File Characteristics

Imports

kernel32

comctl32

comdlg32

user32

gdi32

shell32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 248KB - Virtual size: 244KB

.data Size: 116KB - Virtual size: 126KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 248KB - Virtual size: 244KB

.data
Size: 116KB - Virtual size: 126KB

.rsrc
Size: 32KB - Virtual size: 31KB