71bf37e9aee3d62fbb28ed14ea8bfcb8

Sharing

Copy URL

Twitter E-mail

General

Target

71bf37e9aee3d62fbb28ed14ea8bfcb8
Size

178KB
MD5

71bf37e9aee3d62fbb28ed14ea8bfcb8
SHA1

d8c4c0ba592deea7bebb3ca25b4eb7706d827de5
SHA256

bdcb607556cfa1fd092b52e006a7d1d53a9290b7bbab8b2f78f030f86b19c954
SHA512

28fd9ba2e46b1b0fd119d3e3423f0908996158efd6417d951df425768e7f6fa1302c8ddcf24ad9e1b5ccd5aeb09e998bd9e53bf96462716047c0dec2a8e4b370
SSDEEP

3072:8N5lZKCW19bSDG6ISysEbNybX7ZnQgtJMDpMvmHguiXauqLh/cyx+0QD4538/XBP:8/lZK4KLsCeVadMOHpEaHWy3tyBCW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71bf37e9aee3d62fbb28ed14ea8bfcb8

Files

71bf37e9aee3d62fbb28ed14ea8bfcb8
.exe windows:4 windows x86 arch:x86

58d716c0b1a475955ddba2336c241ae4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateThread
DeleteFileW
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FileTimeToLocalFileTime
FindFirstFileA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetConsoleMode
GetCurrentThread
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileTime
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeW
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetVersionExA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalFindAtomA
GlobalFree
IsValidCodePage
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileA
MulDiv
QueryPerformanceCounter
RaiseException
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesW
SetStdHandle
SetThreadLocale
TlsAlloc
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

user32

CheckMenuItem
CloseClipboard
CreatePopupMenu
DestroyIcon
DrawFrameControl
DrawIconEx
DrawTextA
EndPaint
EnumWindows
FrameRect
GetClassNameA
GetDC
GetForegroundWindow
GetMenuItemCount
GetMenuState
GetMessageA
GetMessagePos
GetScrollInfo
GetScrollRange
GetSubMenu
GetSysColorBrush
GetTopWindow
InflateRect
InsertMenuItemA
IntersectRect
IsRectEmpty
IsWindowEnabled
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
SetCapture
SetRect
SetScrollInfo
SetWindowPlacement
ShowOwnedPopups
UnregisterClassA
WinHelpA

gdi32

Chord
CloseEnhMetaFile
CopyEnhMetaFileA
CreateFontW
CreatePenIndirect
Ellipse
ExtCreateRegion
ExtEscape
FillPath
GdiFlush
GetBitmapBits
GetDCOrgEx
GetDeviceCaps
GetEnhMetaFileDescriptionA
GetEnhMetaFilePaletteEntries
GetNearestColor
GetNearestPaletteIndex
GetOutlineTextMetricsA
GetStockObject
GetStretchBltMode
GetTextExtentPoint32A
GetTextExtentPointA
GetViewportExtEx
IntersectClipRect
LineTo
PlayMetaFile
Polygon
RemoveFontResourceA
SaveDC
SetAbortProc
SetColorAdjustment
SetDIBColorTable
SetGraphicsMode
SetPolyFillMode
SetRectRgn
SetTextColor
SetWorldTransform

shell32

CommandLineToArgvW
DragAcceptFiles
DragQueryFileA
DragQueryFileW
DragQueryPoint
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHGetDiskFreeSpaceExW
SHGetFileInfoW
SHGetFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteEx
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconA
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
CreateStatusWindowA
CreateToolbarEx
ImageList_DragEnter
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetOverlayImage
ImageList_Write
InitializeFlatSB
PropertySheetA
PropertySheetW

advapi32

AddAccessAllowedAce
ControlService
CryptCreateHash
CryptHashData
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExW
SetSecurityDescriptorDacl

ole32

CLSIDFromString
CoCreateGuid
CoGetClassObject
CoInitializeEx
CoRegisterMessageFilter
CoReleaseMarshalData
CoRevokeClassObject
CreateStreamOnHGlobal
IIDFromString
IsAccelerator
OleGetClipboard
OleIsCurrentClipboard
OleSetClipboard
OleSetMenuDescriptor
ProgIDFromCLSID
RegisterDragDrop
StgOpenStorageOnILockBytes
StringFromGUID2
StringFromIID

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58d716c0b1a475955ddba2336c241ae4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 26KB - Virtual size: 28KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 26KB - Virtual size: 28KB