7149b73c855206921c2bbca3fd2d067c

Sharing

Copy URL Twitter E-mail

General

Target

7149b73c855206921c2bbca3fd2d067c
Size

218KB
MD5

7149b73c855206921c2bbca3fd2d067c
SHA1

4176476bd48198ff16c6985d82dfdf9f22edbf1d
SHA256

9aa3e99177e7b1f4438a21115fa356aad1155b1dcf9ab40f226ab4a52fe835d4
SHA512

94b261a5b57ce0dd465006596c764b0e2517c445595a5473cc7ac795b55ee6f4e8e512f3c5778be282318671262febacc340eb27bf8384dfd808361ec9ba17d0
SSDEEP

6144:iheB6JUi1QICRC/HR4nsG/mFgZtIjQ84QKKsaMIxM:ibHCRUHSnYgklPJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7149b73c855206921c2bbca3fd2d067c

Files

7149b73c855206921c2bbca3fd2d067c
.exe windows:4 windows x86 arch:x86

ac8e30a25c309b00c67024bf48f3c47b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

LoadAlterBitmap
FindTextW
ReplaceTextA
ChooseFontA
PageSetupDlgA

user32

GetMenuStringA
SetUserObjectSecurity
DdeAbandonTransaction
DlgDirListA
DestroyMenu
InvalidateRgn
DefFrameProcA
CharNextA
DdeCreateStringHandleW
MoveWindow
GetMenu
GetUserObjectInformationW
GetUserObjectSecurity
CharToOemW
GetClassInfoW
GetIconInfo
ChangeMenuW
DdeCreateDataHandle
CloseDesktop
WinHelpW
RegisterClipboardFormatW
GetWindowDC
PackDDElParam
EnumDisplaySettingsExW
GetClipboardFormatNameA
EnumPropsExA
CreateWindowExW
ScrollWindowEx
GetAltTabInfo
SetSystemCursor
GetScrollRange
DrawEdge
SendIMEMessageExA
SetWindowsHookExA
GetMessagePos
GetDesktopWindow
DestroyIcon
CallWindowProcA
SystemParametersInfoW
ClipCursor
SetMessageExtraInfo
LoadIconW
SetProcessDefaultLayout
CharPrevA
MessageBeep
GetScrollBarInfo
OpenDesktopW
PostMessageW
TranslateAccelerator
DefWindowProcW
ChangeMenuA
DispatchMessageA
RegisterClassExW
GetKeyboardLayoutList
LockWindowUpdate
ReleaseCapture

wsock32

ord1105
gethostbyaddr
ord1103
inet_addr
__WSAFDIsSet
htonl
ntohs
listen
gethostname
htons
setsockopt
WSAUnhookBlockingHook
inet_ntoa
ord1104
ord1119
ord1116
recv
ord1108
WSAAsyncGetServByName
WSAAsyncSelect
WSASetBlockingHook
ord1102
getprotobynumber
ord1000
WSACancelAsyncRequest
getsockname
ord1110
WSACleanup
ord1111
getprotobyname
WSAAsyncGetServByPort
WEP
WSAAsyncGetHostByName
ntohl
send
WSAStartup
connect
WSACancelBlockingCall
WSAAsyncGetProtoByNumber
getsockopt
ord1101
sendto
ord1130
ord1115
ord1142
ord1117
shutdown
getservbyname
ord1100
ord1109
getservbyport
accept
socket
WSASetLastError
ord1140
ord1106

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
TlsGetValue
WriteConsoleInputA
LocalSize
FlushInstructionCache
OutputDebugStringW
CreateSemaphoreA
OpenMutexA
GetPrivateProfileStructW
LocalAlloc
GetPrivateProfileStructA
EnumSystemCodePagesA
GetThreadContext
GetUserDefaultLCID
BeginUpdateResourceA
GetCommandLineA
ResumeThread
OpenProcess
FindAtomA
ExpandEnvironmentStringsA
GetCurrentDirectoryA
SetConsoleMode
Heap32Next
lstrcat
DisconnectNamedPipe
GlobalUnWire
ResetWriteWatch
HeapDestroy
GetEnvironmentStrings
GetPriorityClass
ReadFileEx
FileTimeToSystemTime
CreateFileMappingW
GetLocaleInfoW
LoadResource
SetThreadPriority
SetEnvironmentVariableW
lstrcmpi
GetThreadPriority
WaitForDebugEvent
HeapCreate
DeleteAtom
EnumSystemCodePagesW
EnumDateFormatsExW
GlobalCompact
GetExitCodeThread
FlushConsoleInputBuffer
UnlockFileEx
GetDiskFreeSpaceExW
SetEvent
OpenFileMappingA
FindNextFileW
LockFile
CreateProcessA
InterlockedExchangeAdd
CompareStringA
FileTimeToDosDateTime
FormatMessageA
GetDiskFreeSpaceW
OpenMutexW
CreateSemaphoreW
ReadFileScatter
PeekConsoleInputW
ReadConsoleInputA
FormatMessageW
ExitThread
GetDriveTypeA
GetShortPathNameW
SetConsoleTitleW
CreatePipe
LocalCompact
UnhandledExceptionFilter
FillConsoleOutputAttribute
WriteFileGather
GetFileType
InterlockedCompareExchange
WritePrivateProfileSectionA
GetSystemTimeAdjustment
GetSystemDefaultLangID
SearchPathW
FindClose
VirtualQueryEx
GetProfileStringA
WriteProfileStringW
CreateMailslotA
IsDebuggerPresent
PulseEvent
WriteConsoleOutputAttribute
FindFirstFileA
LocalShrink
OpenWaitableTimerW
FreeResource
GetPrivateProfileSectionW
EnumResourceNamesA
GetConsoleScreenBufferInfo
ReadFile
GetCurrentThread
InitializeCriticalSectionAndSpinCount
FindNextFileA
FindCloseChangeNotification
GetEnvironmentStringsW
SearchPathA
GetStringTypeA
SetComputerNameW
GetEnvironmentStringsA
lstrcpyA
FindFirstChangeNotificationA
GetSystemInfo
ExpandEnvironmentStringsW
EnumResourceLanguagesA
WinExec
CompareFileTime
CreateDirectoryExA
LocalFree
SetEnvironmentVariableA
FindFirstFileExW
DisableThreadLibraryCalls
SetThreadIdealProcessor
EnumTimeFormatsW
GetProfileIntA
GlobalGetAtomNameW
SetConsoleActiveScreenBuffer
ContinueDebugEvent
GetConsoleMode
GetEnvironmentVariableW
FindFirstChangeNotificationW
GetProcessTimes
GetConsoleOutputCP
DeleteCriticalSection
HeapSize
GetSystemDirectoryA
HeapValidate
LeaveCriticalSection
WriteConsoleInputW
CreateFileA
lstrlen
VirtualProtect
EnterCriticalSection
CreateDirectoryW
TryEnterCriticalSection
GetProcessPriorityBoost
TransmitCommChar
GetDateFormatW
lstrcpyn

gdi32

CreateBitmapIndirect
OffsetWindowOrgEx
GetCharWidthW
PathToRegion
CreateHalftonePalette
WidenPath
StretchBlt
GdiPlayJournal
CreateICW
PolyBezierTo
RemoveFontResourceW
CreateFontIndirectW
ExcludeClipRect
ScaleViewportExtEx
GetLogColorSpaceW
EqualRgn
CreateICA
CreateScalableFontResourceW
ExtCreatePen
GetEnhMetaFileDescriptionW
EnumFontsA
SetWorldTransform
GetTextExtentExPointA
PolyPolyline
GetTextExtentPoint32W
GetEnhMetaFileW
GetTextMetricsA
SetDIBColorTable
SetBrushOrgEx
PtVisible
OffsetClipRgn
GetClipBox
CreateDIBSection
FrameRgn
GetBitmapBits
SetBoundsRect
LineDDA
PlayMetaFileRecord
SetMagicColors
SetPixel
CreateRoundRectRgn
CreateRectRgnIndirect
IntersectClipRect
GdiPlayScript
LineTo
CreateSolidBrush
PolyPolygon
GetFontData
UpdateColors
CombineTransform
GetColorAdjustment
GetObjectType
GetCharWidthFloatW
CreateBrushIndirect
SetPolyFillMode
GetPaletteEntries
EnumFontFamiliesA
PatBlt
CreateScalableFontResourceA
CreateColorSpaceW
SelectObject
GetDeviceCaps
GetTextExtentPointW
AddFontResourceW
SetBitmapDimensionEx
GdiGetBatchLimit
GetLayout
GetDIBits
GetObjectA
SetBkColor
AddFontResourceA
CombineRgn
CreateFontA
FlattenPath
SetColorAdjustment
GetClipRgn
GetWinMetaFileBits
EnumICMProfilesA
GetTextCharacterExtra
SetViewportExtEx
GetMapMode
Pie
SetWindowOrgEx
CancelDC
GetRegionData
CreateRectRgn
PaintRgn
GetCurrentObject
UnrealizeObject
GetTextFaceW
SetAbortProc
Escape
CreateColorSpaceA
RectVisible
SetROP2
Arc
GetCharABCWidthsFloatA
AnimatePalette
AbortDoc
SetPaletteEntries
BitBlt
gdiPlaySpoolStream
GdiFlush
UpdateICMRegKeyW

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac8e30a25c309b00c67024bf48f3c47b

Headers

File Characteristics

Imports

comdlg32

user32

wsock32

kernel32

gdi32

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 103KB - Virtual size: 103KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 103KB - Virtual size: 103KB