75a4e79f4ff74e9ea2fad9e84f55022a

Sharing

Copy URL Twitter E-mail

General

Target

75a4e79f4ff74e9ea2fad9e84f55022a
Size

853KB
MD5

75a4e79f4ff74e9ea2fad9e84f55022a
SHA1

39aef74b1d5c041cd6ecd7bfe61b4704a487d9e5
SHA256

88fdad2baf7521e4cda113e52637e693190bab8cbe12f70383d1f9ff83f5e145
SHA512

6a2bafa6fb86f6762afe44caf7ee3d8889ad29273b3145ee7b818f1c2ae89a6568fd2a8a6fb972795544e189474331ec9d1f1c5c64116146ecd3167ab8f2f837
SSDEEP

12288:rw52CUqLOsn2DFYKBdqqJ2hFvo41sttxirJktUXXJi9mhZAHZJIjOjYc:rw52JqLObKhFJabmhZUZJIqjY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75a4e79f4ff74e9ea2fad9e84f55022a

Files

75a4e79f4ff74e9ea2fad9e84f55022a
.exe windows:5 windows x86 arch:x86

08240eae985048da7f2ce82632ec348d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsProcessorFeaturePresent
TlsGetValue
TerminateProcess
SetHandleCount
SizeofResource
GetConsoleOutputCP
FreeLibrary
GetEnvironmentStrings
LoadResource
HeapDestroy
InterlockedExchange
FlushInstructionCache
SetFilePointer
InterlockedIncrement
GetCommandLineA
EnterCriticalSection
TlsAlloc
TlsFree
GetThreadLocale
GlobalAlloc
HeapReAlloc
GetModuleHandleA
GetModuleHandleW
WriteFile
GetLocaleInfoA
CloseHandle
LoadLibraryExW
LoadLibraryA
CreateFileA
SetStdHandle
GetProcAddress
MultiByteToWideChar
GetStartupInfoA
HeapSize
GetCommandLineW
GetStringTypeW
GetVersionExA
GetStdHandle
InterlockedCompareExchange
GetACP
VirtualAlloc
FindResourceW
lstrlenW
GetTickCount
IsDebuggerPresent
LeaveCriticalSection
FreeEnvironmentStringsW
RtlUnwind
VirtualFree
ExitProcess
lstrcmpiW
FreeEnvironmentStringsA
GetStringTypeA
HeapCreate
GlobalHandle
HeapAlloc
SetConsoleCP
ExitThread
VirtualProtect
TlsSetValue
GetCurrentProcessId
LCMapStringW
GetEnvironmentStringsW
GetFileType
LCMapStringA
GetModuleFileNameW
InterlockedDecrement
GlobalUnlock
GlobalFree
GetConsoleCP
WriteConsoleA
GetCPInfo
QueryPerformanceCounter
UnhandledExceptionFilter
MulDiv
GlobalLock
WideCharToMultiByte
HeapFree
DeleteCriticalSection
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
RaiseException
LockResource
GetProcessHeap
FindResourceExW
GetConsoleMode
lstrcmpW
GetModuleFileNameA
WriteConsoleW
FlushFileBuffers
GetOEMCP
SetLastError
GetLastError
Sleep
GetCurrentThreadId
GetCurrentProcess
InitializeCriticalSection

user32

PeekMessageW
MapDialogRect
IsIconic
GetWindow
GetClientRect
GetWindowTextW
GetWindowTextLengthW
SetFocus
SetWindowTextW
GetSystemMetrics
RegisterClassExW
UnregisterClassA
DestroyWindow
GetClassInfoExW
RegisterWindowMessageW
GetClassNameW
SetWindowContextHelpId
FillRect
SendMessageTimeoutW
ScreenToClient
MapWindowPoints
LoadCursorW
GetSysColor
PostQuitMessage
GetParent
ClientToScreen
GetFocus
SetWindowLongW
FindWindowExW
InvalidateRgn
CallWindowProcW
IsChild
GetDesktopWindow
ShowWindow
GetWindowRect
ReleaseCapture
RedrawWindow
DestroyAcceleratorTable
DefWindowProcW
EndPaint
SystemParametersInfoW
GetWindowLongW
ReleaseDC
CreateDialogIndirectParamW
SetCapture
CreateAcceleratorTableW
GetForegroundWindow
MoveWindow
IsWindowVisible
CreateWindowExW
FindWindowW
BeginPaint
GetDC
SendMessageW
CharNextW
GetShellWindow
DispatchMessageW
SetWindowPos
InvalidateRect
GetDlgItem
TranslateMessage
GetMessageW
IsWindow

gdi32

EndPage
SelectObject
GetObjectW
StartPage
CreateDCW
DeleteObject
BitBlt
GetDeviceCaps
EndDoc
CreateSolidBrush
GetStockObject
CreateHalftonePalette
StartDocW
CreateCompatibleDC
DeleteDC
CreateCompatibleBitmap

advapi32

RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyExW

ole32

StringFromGUID2
CoTaskMemRealloc
OleInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
CoInitialize
CoGetClassObject
CoTaskMemAlloc
OleLockRunning

oleaut32

SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
SysStringByteLen
LoadRegTypeLi
VariantInit
OleCreateFontIndirect
VariantClear
VarUI4FromStr
LoadTypeLi

comctl32

InitCommonControlsEx

version

GetFileVersionInfoSizeA

gdiplus

GdipReleaseDC
GdipGetImageGraphicsContext
GdipFree
GdipDisposeImage
GdipGetImagePixelFormat
GdipGetImageWidth
GdipCloneImage
GdipCreateFromHDC2
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdipDrawImageRect
GdipSetPageUnit
GdipImageRotateFlip
GdipBitmapSetResolution
GdipAlloc
GdiplusShutdown
GdipGetDC
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipBitmapUnlockBits
GdiplusStartup

dnsapi

DnsValidateName_UTF8
DnsReplaceRecordSetA

oleacc

ObjectFromLresult

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.joke
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.poke
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s1
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s2
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s4
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s6
Size: - Virtual size: 186KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s3
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08240eae985048da7f2ce82632ec348d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

version

gdiplus

dnsapi

oleacc

Sections

.text Size: 482KB - Virtual size: 481KB

.joke Size: 9KB - Virtual size: 8KB

.poke Size: 7KB - Virtual size: 6KB

.s1 Size: 62KB - Virtual size: 61KB

.s2 Size: 220KB - Virtual size: 220KB

.s4 Size: 512B - Virtual size: 2B

.s6 Size: - Virtual size: 186KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 828B

.s3 Size: 57KB - Virtual size: 57KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 482KB - Virtual size: 481KB

.joke
Size: 9KB - Virtual size: 8KB

.poke
Size: 7KB - Virtual size: 6KB

.s1
Size: 62KB - Virtual size: 61KB

.s2
Size: 220KB - Virtual size: 220KB

.s4
Size: 512B - Virtual size: 2B

.s6
Size: - Virtual size: 186KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 828B

.s3
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB