72bb2fdff205f78daf0577f370c356a6

Sharing

Copy URL

Twitter E-mail

General

Target

72bb2fdff205f78daf0577f370c356a6
Size

548KB
MD5

72bb2fdff205f78daf0577f370c356a6
SHA1

93eb938bc04814c8b9f714b81baa41dd370eb7ac
SHA256

18049f675f05f1556c40cbfd8c37abeb50b3635ba0f4167b18634d666fbd1184
SHA512

826236d7ad645fbdd46fe67559a9e71afc9d93c17fc79f327ba783adad9c4ecb9dcffee579facf7bef7022238b7bed43e50e4c64648358d4f0ca2d5389d6cbab
SSDEEP

12288:WT/AwMrMOtln9Eh/94vBgWT1k+kDQex0GMEGdLLju9aF5:WjAw0M4lnC/SaW2+2x0fEAL3ua

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72bb2fdff205f78daf0577f370c356a6

Files

72bb2fdff205f78daf0577f370c356a6
.exe windows:4 windows x86 arch:x86

cb952a87a435d0e4d253c7fb7a7bc4cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectW
DeleteDC
DeleteColorSpace
PlgBlt
GetEnhMetaFileDescriptionA
SetBitmapDimensionEx
EqualRgn
ColorMatchToTarget
DeleteEnhMetaFile
TextOutW
GetBitmapBits
GetDeviceCaps
PolyTextOutW
GetGlyphOutline
ResetDCW
CreateRectRgn
AngleArc
SetStretchBltMode
CreateDCA
SetRectRgn

shell32

ShellExecuteExA

wininet

InternetCreateUrlA
UnlockUrlCacheEntryFileW

advapi32

CryptImportKey
InitializeSecurityDescriptor
StartServiceA
CryptSetProvParam
RegSetValueA
CryptGenRandom
RegQueryMultipleValuesA
LookupAccountSidW
RegQueryValueW
CryptGetDefaultProviderA
RegDeleteKeyA

user32

GetMenu
GetMenuInfo
RegisterClassA
CloseWindow
ToUnicode
EmptyClipboard
ActivateKeyboardLayout
PostQuitMessage
DefWindowProcW
DdeAccessData
RegisterDeviceNotificationA
CharUpperA
GetScrollRange
ShowWindow
KillTimer
GetWindowThreadProcessId
RegisterClassExA
CreateWindowExA
CharNextW
GetClassInfoExW
DestroyWindow
OpenDesktopW
BeginPaint
GetQueueStatus
DestroyCaret
CheckMenuItem
OpenIcon
DdeGetLastError
SetUserObjectInformationA
DrawMenuBar
CopyImage
GetCaretPos
ToUnicodeEx
DragDetect
FindWindowExW
LoadBitmapA
EnumDisplaySettingsExW
MessageBoxA
WaitMessage
GetSubMenu
ReleaseDC
GetAltTabInfo
DialogBoxIndirectParamW
GetClipboardFormatNameW
DdeUninitialize
InvalidateRgn
WINNLSGetIMEHotkey
GetWindowDC
GetKeyboardType
SendNotifyMessageA
InsertMenuW
ChangeDisplaySettingsA
SendMessageA

kernel32

GetProcessHeap
GetCommandLineW
SetFilePointer
SetStdHandle
FreeLibrary
GetTimeZoneInformation
SetHandleCount
GetConsoleMode
GetStringTypeA
ExitProcess
lstrlenA
GetCurrentDirectoryW
GetModuleFileNameA
WriteFile
GetCurrentProcess
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
HeapFree
VirtualFree
WideCharToMultiByte
ReadFile
TlsFree
GetConsoleOutputCP
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetThreadPriorityBoost
HeapSize
GetEnvironmentStrings
CompareStringA
HeapAlloc
FreeEnvironmentStringsA
GetPrivateProfileSectionA
GetStartupInfoW
GetProcAddress
TlsSetValue
GetModuleFileNameW
HeapReAlloc
EnterCriticalSection
GetLocaleInfoA
GetDateFormatA
LCMapStringA
LCMapStringW
CloseHandle
CreateFileA
RtlUnwind
SetEnvironmentVariableA
GetConsoleTitleA
GetUserDefaultLCID
CreateMutexA
GetCPInfo
GetOEMCP
GetCurrentThreadId
OpenMutexA
GetLocaleInfoW
HeapDestroy
Sleep
VirtualQuery
GetCommandLineA
MultiByteToWideChar
HeapCreate
OpenEventA
DeleteCriticalSection
GetSystemTime
VirtualAlloc
InterlockedDecrement
InitializeCriticalSection
TlsGetValue
GetACP
UnhandledExceptionFilter
GetFileType
SetLastError
WriteConsoleA
WaitNamedPipeW
GetStdHandle
InterlockedIncrement
GetStringTypeW
GetVersionExA
GetStartupInfoA
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
IsValidLocale
CreateSemaphoreA
CreateWaitableTimerW
lstrcpyn
IsDebuggerPresent
FreeEnvironmentStringsW
GetTimeFormatA
QueryPerformanceCounter
GetConsoleCP
WriteConsoleW
TlsAlloc
GetTickCount
CompareStringW
GetCurrentProcessId
GetLastError
FlushFileBuffers
GetCurrentThread
EnumSystemLocalesA
GetModuleHandleA
TerminateProcess
IsValidCodePage

comctl32

ImageList_GetBkColor
ImageList_Copy
_TrackMouseEvent
CreateStatusWindowA
ImageList_GetIconSize
CreateToolbar
InitCommonControlsEx
DrawInsert
DestroyPropertySheetPage
CreatePropertySheetPage
MakeDragList
ImageList_Remove
ImageList_Duplicate
ImageList_SetDragCursorImage
ImageList_SetIconSize
CreateToolbarEx
CreateStatusWindowW
CreateStatusWindow
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_GetImageRect
DrawStatusTextW
ImageList_DragEnter
ImageList_SetBkColor
ImageList_Add
DrawStatusTextA

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb952a87a435d0e4d253c7fb7a7bc4cb

Headers

File Characteristics

Imports

gdi32

shell32

wininet

advapi32

user32

kernel32

comctl32

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 261KB - Virtual size: 261KB

.data Size: 107KB - Virtual size: 126KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 261KB - Virtual size: 261KB

.data
Size: 107KB - Virtual size: 126KB

.rsrc
Size: 13KB - Virtual size: 12KB