72f46413e0adcd79ee6391b7618147d0

Sharing

Copy URL Twitter E-mail

General

Target

72f46413e0adcd79ee6391b7618147d0
Size

338KB
MD5

72f46413e0adcd79ee6391b7618147d0
SHA1

78a12fc661ac6618366962b05f52df0df9fdbb27
SHA256

75446d3a08c49c7be689fc7b62b34ce6882cb9c727d9cbfff720619db301ca33
SHA512

a4e3b456d91e9eb12c15be5356167ed27f2573f3f333a0183656a6e11a1cf5cfa4a8ec59a4a933e97124d82e6a30c607888f4ac9c807da77707e231acf45e73b
SSDEEP

6144:oV4c/HrF3p3oBWgXF2nuraRorr8HfES47/GC5AooYPwClIe620Mr:Q4c/HrF3p342JHfELyynw5eD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72f46413e0adcd79ee6391b7618147d0

Files

72f46413e0adcd79ee6391b7618147d0
.exe windows:4 windows x86 arch:x86

225165358ca66c711e2c713f9fc20fd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

htons
bind
inet_addr
listen
shutdown
WSAStartup
WSACleanup
gethostbyname
ioctlsocket
getprotobyname
connect
WSASetBlockingHook
socket
select
send
ntohs
WSAGetLastError
closesocket
getsockname
setsockopt
WSACancelBlockingCall
accept
recv
WSASetLastError
WSAIsBlocking

winmm

sndPlaySoundA

kernel32

lstrcpyA
SetFilePointer
CloseHandle
Sleep
GetFileSize
GetPrivateProfileStringA
CreateFileA
lstrcatA
lstrlenA
GlobalFree
GetPrivateProfileIntA
GlobalUnlock
GlobalLock
GlobalAlloc
LocalUnlock
LocalLock
WinExec
GetProfileStringA
GetWindowsDirectoryA
WriteProfileStringA
CopyFileA
lstrcmpA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
_lclose
GetTickCount
_lread
_lopen
LocalAlloc
WritePrivateProfileStringA
LocalFileTimeToFileTime
SystemTimeToFileTime
FlushFileBuffers
WaitForSingleObject
CreateProcessA
FindClose
FindNextFileA
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
InitializeCriticalSection
GetVersion
DeleteCriticalSection
TerminateThread
GetTempPathA
GetVolumeInformationA
MulDiv
HeapFree
GetProcessHeap
HeapAlloc
LockResource
FreeResource
LoadResource
FindResourceA
GetDiskFreeSpaceA
GlobalMemoryStatus
GetSystemInfo
GetLastError
GetTempFileNameA
LocalFree
CreateThread
GetStdHandle
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
ReadFile
SetEndOfFile
LoadLibraryA
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
HeapReAlloc
RemoveDirectoryA
DeleteFileA
GetFileAttributesA
SetFileTime
WriteFile
SetLastError
TlsAlloc
GetCurrentThreadId
GetProcAddress
GetStringTypeW
GetStringTypeA
HeapCreate
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitThread
TlsSetValue
ResumeThread
SetHandleCount
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
SetEnvironmentVariableA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
MoveFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
TlsGetValue
SetStdHandle
GetFileType

user32

TranslateAcceleratorA
IsDialogMessageA
MessageBeep
GetMessageA
IsZoomed
LoadAcceleratorsA
GetDialogBaseUnits
PostQuitMessage
IsIconic
RegisterClassA
LoadIconA
DispatchMessageA
TranslateMessage
GetClassInfoA
GetDesktopWindow
EnableMenuItem
ValidateRect
RedrawWindow
LoadCursorA
LoadStringA
IsWindowVisible
IsWindowEnabled
GetKeyState
DestroyMenu
UnregisterClassA
BeginPaint
GetParent
CreatePopupMenu
SetForegroundWindow
GetWindowTextA
SendDlgItemMessageA
GetDlgItemTextA
GetDC
ReleaseDC
SetTimer
WinHelpA
MessageBoxA
KillTimer
DialogBoxParamA
SetDlgItemTextA
ShowWindow
GetDlgItem
SetFocus
PostMessageA
EndDialog
wsprintfA
GetSystemMenu
AppendMenuA
SetWindowTextA
SendMessageA
EnableWindow
EndPaint
GetActiveWindow
CreateDialogParamA
SetActiveWindow
DrawTextA
TrackPopupMenu
DeleteMenu
CreateWindowExA
BringWindowToTop
SetWindowLongA
DestroyWindow
InvalidateRect
LoadBitmapA
GetSysColor
TabbedTextOutA
GetCursor
WindowFromPoint
IsWindow
GetAsyncKeyState
GetCursorPos
ScreenToClient
MoveWindow
UpdateWindow
SetDlgItemInt
CheckDlgButton
CheckRadioButton
GetDlgItemInt
IsDlgButtonChecked
PeekMessageA
SetCursor
ReleaseCapture
SetCapture
GetWindowRect
GetWindowDC
InvertRect
DefWindowProcA
DestroyCursor
CallWindowProcA
ClientToScreen
GetClientRect
GetWindowLongA

gdi32

GetTextExtentPoint32A
SetBkColor
SetTextColor
DeleteObject
SelectObject
Rectangle
CreateSolidBrush
CreatePen
GetTextMetricsA
SetBkMode
GetStockObject
DeleteDC
BitBlt
ExtFloodFill
GetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
CreateFontIndirectA
GetDeviceCaps
EndDoc
EndPage
TextOutA
StartPage
StartDocA
SetAbortProc
StretchDIBits
RealizePalette
SelectPalette
SetTextAlign
LineTo
MoveToEx

comdlg32

PrintDlgA
ChooseFontA
GetOpenFileNameA

shell32

DragQueryFileA
DragFinish
ShellExecuteA
DragAcceptFiles
DragQueryPoint

Exports

Exports

FillProc
ListProc
SizeProc
StatusWndProc
TabProc
WS_AssociateMsgProc
WS_HostMsgProc
WS_InputMsgProc
WS_OptionsMsgProc
WndProc

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

XOR
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yvs
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

225165358ca66c711e2c713f9fc20fd6

Headers

File Characteristics

Imports

wsock32

winmm

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 25KB - Virtual size: 56KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 74KB - Virtual size: 73KB

.reloc Size: 18KB - Virtual size: 18KB

XOR Size: - Virtual size: 2KB

.yvs Size: 25KB - Virtual size: 28KB

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 25KB - Virtual size: 56KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 74KB - Virtual size: 73KB

.reloc
Size: 18KB - Virtual size: 18KB

XOR
Size: - Virtual size: 2KB

.yvs
Size: 25KB - Virtual size: 28KB