71855369ec587520e8f1388afea34509

Sharing

Copy URL Twitter E-mail

General

Target

71855369ec587520e8f1388afea34509
Size

508KB
MD5

71855369ec587520e8f1388afea34509
SHA1

0ded50239dfcbc27128bd676b17e8e9a1f59c84b
SHA256

98c7208bca64ee948ccdf82c6b304cf9606a66c3823d3aadd2383f3420570b64
SHA512

ef9df728a7cdc934d5f786fc523779c2e8deb26c469b8e5640ef1fd1bdafa429a73ac9d424345b0f7ba17d533aaa4ce15824cf6b1ef7cd2f6715bf50dc9ff2cb
SSDEEP

12288:fQSNuYaCAFfusUyCQxFwXjjnFu1Cu/qDyTns:HZAFfvCQHyjjnFu114yzs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71855369ec587520e8f1388afea34509

Files

71855369ec587520e8f1388afea34509
.exe windows:4 windows x86 arch:x86

dac64b3e255f05d2c1af9589e02a4057

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

MakeDragList
ImageList_Read
ImageList_LoadImage
CreateToolbarEx
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_BeginDrag
CreatePropertySheetPageA
ImageList_SetBkColor
InitCommonControlsEx
DestroyPropertySheetPage
CreateToolbar
ImageList_SetFilter
DrawStatusTextW
DrawStatusText
ImageList_SetFlags
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_Create
ImageList_Copy
ImageList_GetImageRect
CreateUpDownControl
ImageList_Remove
ImageList_Add
CreatePropertySheetPageW

shell32

SHBrowseForFolderA

gdi32

GetOutlineTextMetricsA
SetColorSpace
RealizePalette
CreatePen
GetTextExtentPointA
CreateDCW
EnumICMProfilesW
ExcludeClipRect
GetDeviceCaps
CreateEnhMetaFileA
DeleteDC
InvertRgn
GetTextAlign
GetDCOrgEx
EnumEnhMetaFile
ColorMatchToTarget
GetCharABCWidthsFloatW
AddFontResourceW
RectVisible
UpdateColors

comdlg32

ChooseColorA
PrintDlgA
ChooseColorW

user32

ChangeDisplaySettingsA
GrayStringW
SetUserObjectSecurity
MessageBoxA
FindWindowW
CreateWindowExA
DdeInitializeA
GetSysColor
SwitchDesktop
GetClassLongA
IsCharAlphaA
DdeQueryConvInfo
MsgWaitForMultipleObjects
ShowWindow
ModifyMenuA
DialogBoxParamW
DdeGetData
SetWindowLongA
GetClipboardViewer
RegisterClassExA
DlgDirListA
OemToCharBuffW
CreateWindowStationW
GetUpdateRgn
CharPrevExA
CharUpperW
SetThreadDesktop
DefFrameProcW
RegisterClassA

advapi32

AbortSystemShutdownA
RegSaveKeyA
RegEnumKeyExA
CryptReleaseContext
CryptAcquireContextA
LookupPrivilegeDisplayNameA
CryptDecrypt
CryptHashData
CryptGenRandom
StartServiceW
InitiateSystemShutdownA
RegLoadKeyW
LogonUserA
RegOpenKeyExW
RegOpenKeyExA
DuplicateToken
CryptEncrypt
RegEnumValueW
RegCreateKeyW
RegFlushKey
CryptEnumProviderTypesW
AbortSystemShutdownW
CryptGetKeyParam

kernel32

GetConsoleMode
EnterCriticalSection
SetLastError
HeapSize
VirtualAlloc
UnmapViewOfFile
GetCommandLineW
LocalFileTimeToFileTime
DeleteCriticalSection
ReadConsoleOutputW
SetFilePointer
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
FindFirstFileExW
GetLocaleInfoA
FreeLibrary
WriteConsoleW
TlsFree
InterlockedDecrement
HeapFree
GetACP
GetCurrentDirectoryA
InterlockedIncrement
WriteFile
GetStdHandle
VirtualFree
LCMapStringW
TlsGetValue
GetCommandLineA
InterlockedExchange
LocalReAlloc
HeapCreate
FillConsoleOutputCharacterA
GetModuleHandleA
GetUserDefaultLCID
SetUnhandledExceptionFilter
GetTickCount
IsDebuggerPresent
GetThreadSelectorEntry
VirtualQuery
GetFileType
InitializeCriticalSectionAndSpinCount
ReadFile
TlsSetValue
GetConsoleOutputCP
GetProcAddress
GetStartupInfoW
ExitProcess
WriteConsoleA
SetStdHandle
HeapReAlloc
GetModuleFileNameW
GetTimeFormatA
LCMapStringA
LoadLibraryA
CompareStringW
UnhandledExceptionFilter
GetCPInfo
GetCurrentThreadId
GetStringTypeA
lstrcatA
CompareStringA
IsValidCodePage
GetCurrentProcessId
CreateMutexA
GetPrivateProfileIntA
TlsAlloc
LeaveCriticalSection
CloseHandle
OpenMutexA
RtlUnwind
MultiByteToWideChar
SetHandleCount
GetComputerNameA
GetDateFormatA
CreateSemaphoreA
FillConsoleOutputAttribute
GetConsoleCP
GetLastError
EnumSystemLocalesA
GetCurrentProcess
CreateFileA
HeapDestroy
Sleep
GetEnvironmentStringsW
GetCurrentThread
GetTimeZoneInformation
OpenWaitableTimerW
IsValidLocale
FreeEnvironmentStringsW
SetEnvironmentVariableA
FillConsoleOutputCharacterW
GetStartupInfoA
GetModuleFileNameA
GetPrivateProfileIntW
GetLocaleInfoW
HeapAlloc
WideCharToMultiByte
SetPriorityClass
GetNamedPipeHandleStateA
SetConsoleCtrlHandler
GetModuleHandleW
FlushFileBuffers
GetStringTypeW
CreateWaitableTimerW
GetOEMCP

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dac64b3e255f05d2c1af9589e02a4057

Headers

File Characteristics

Imports

comctl32

shell32

gdi32

comdlg32

user32

advapi32

kernel32

Sections

.text Size: 312KB - Virtual size: 312KB

.rdata Size: 69KB - Virtual size: 76KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 312KB - Virtual size: 312KB

.rdata
Size: 69KB - Virtual size: 76KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 10KB - Virtual size: 10KB