74b7eac39e2dcb54ee1952b5eb2beacb

Sharing

Copy URL Twitter E-mail

General

Target

74b7eac39e2dcb54ee1952b5eb2beacb
Size

508KB
MD5

74b7eac39e2dcb54ee1952b5eb2beacb
SHA1

ce239b5e5fb0140dc83be3a936a7f55abda14154
SHA256

8b4742fcb28ec7a60e4af9d244b40cc2050219c6e5c070e4711b448a4bc9b9a6
SHA512

5fc382ada1dc67ca979f459e460fb4b3bff84c3a5b187e2cad38056a34a4b954fdeaf4cea48f13c676fca9d3ef0fd89e4ef2aa39f28dda31e052e5fe39fb94aa
SSDEEP

12288:odEnDMMnMMMMMfHUJM4N15ty85GSrWylGd1qiLS9RmQDvHzAzSx:odcDMMnMMMMMfHUJMq1O88UlGXqkKs4E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74b7eac39e2dcb54ee1952b5eb2beacb

Files

74b7eac39e2dcb54ee1952b5eb2beacb
.exe windows:4 windows x86 arch:x86

7514e6747de5c0c0a0973ae4ecb531af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rtutils

TraceDumpExA

gdi32

SetPixel
GetPaletteEntries
GetDeviceCaps
SetTextColor
SetBkColor
CreateCompatibleBitmap
DeleteObject
GetObjectW
DeleteDC
CreateCompatibleDC
StretchBlt
GetPixel
SetStretchBltMode
BitBlt
SelectObject
CreateDIBSection
CreateSolidBrush

kernel32

VirtualAlloc
GetSystemInfo
GetModuleHandleW
WriteFile
MultiByteToWideChar
GlobalHandle
GetSystemTime
GetCurrentThreadId
GetVersionExW
GlobalLock
GlobalSize
CreateThread
CreateEventW
InterlockedIncrement
GetTickCount
lstrlenW
GetFileSize
GetProcessHeap
RtlUnwind
WaitForMultipleObjectsEx
InterlockedDecrement
GetModuleFileNameW
GlobalAlloc
GetSystemTimeAsFileTime
GetModuleHandleExW
HeapDestroy
QueryPerformanceCounter
GetCurrentProcessId
InterlockedExchange
DeleteCriticalSection
InterlockedCompareExchange
EnterCriticalSection
GetVersion
HeapAlloc
lstrlenA
CompareStringW
GlobalUnlock
GetProcAddress
LeaveCriticalSection
GetTimeZoneInformation
UnhandledExceptionFilter
GlobalFree
lstrcmpiW
GetLocalTime
VirtualProtect
InitializeCriticalSection
CloseHandle
SetEvent
HeapReAlloc
SetFilePointer
FreeLibrary
HeapFree
WaitForSingleObjectEx
TerminateProcess
GetCurrentProcess
SystemTimeToFileTime
VirtualQuery
LoadLibraryW
CreateFileW
FreeLibraryAndExitThread
ReadFile
SetUnhandledExceptionFilter
GetLastError
Sleep
GlobalReAlloc
GetUserDefaultLCID
DisableThreadLibraryCalls

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey

ddraw

DirectDrawCreate

user32

ReleaseDC
LoadStringW
SetWindowLongW
PeekMessageW
PostMessageW
RegisterClassExW
MapWindowPoints
DefWindowProcW
CopyRect
CreateWindowExW
EqualRect
TranslateMessage
ReleaseCapture
IsCharAlphaW
MsgWaitForMultipleObjects
DestroyWindow
LoadImageW
GetDC
FillRect
GetSystemMetrics
IntersectRect
RegisterClassW
SetRect
CharUpperW
SystemParametersInfoW
DispatchMessageW
SetRectEmpty
IsCharAlphaNumericW
GetWindowLongW
KillTimer
SetTimer

ole32

CoGetInterfaceAndReleaseStream
CLSIDFromString
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
StringFromCLSID
CoMarshalInterThreadInterfaceInStream
OleRun
StringFromGUID2

ntdll

RtlAdjustPrivilege
NtQuerySystemEnvironmentValue
RtlAddAccessAllowedObjectAce
NtQuerySemaphore

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7514e6747de5c0c0a0973ae4ecb531af

Headers

File Characteristics

Imports

rtutils

gdi32

kernel32

advapi32

ddraw

user32

ole32

ntdll

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 19KB - Virtual size: 1.9MB

.rsrc Size: 28KB - Virtual size: 28KB

.rdata Size: 440KB - Virtual size: 439KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 19KB - Virtual size: 1.9MB

.rsrc
Size: 28KB - Virtual size: 28KB

.rdata
Size: 440KB - Virtual size: 439KB

.idata
Size: 4KB - Virtual size: 3KB