75223dcf04ed991c3c6285b3a8fcfeb9

Sharing

Copy URL

Twitter E-mail

General

Target

75223dcf04ed991c3c6285b3a8fcfeb9
Size

143KB
MD5

75223dcf04ed991c3c6285b3a8fcfeb9
SHA1

3e829e04b2b5e0dec8deb30b03de94771894a09d
SHA256

3be80cfa604086072f7763041a1324bce517f90d67d401c81a8297ed60699f99
SHA512

79263f738fb2e2b0d293d8a6ea53f381afaade88688b21144239bb0be6730c632089b11d8b87c6a813bff5cf53e67537b7723bc9df7d30848315903a81e5a1c0
SSDEEP

3072:XJqmWJGq7dW9p6ra8cWaBCFW4fFFrdEMPXgbnVfAW3hpSt:smmdUv8cWaBCFW4tZ+kXgbnGKpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

75223dcf04ed991c3c6285b3a8fcfeb9

resource
75223dcf04ed991c3c6285b3a8fcfeb9

Files

75223dcf04ed991c3c6285b3a8fcfeb9
.exe windows:5 windows x86 arch:x86

84b192ee50afca36350fa9bbdf969032

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameA
GetCaretPos
MsgWaitForMultipleObjects
LoadCursorA
CreateIconIndirect
SetClassLongA
PtInRect
GetDoubleClickTime
GetMenuStringW
SetDlgItemTextA
GetKeyboardType
UnregisterClassA
GetCapture
CharLowerBuffW
GetScrollRange
GetClipboardFormatNameA
GetWindowLongA
CharUpperW
TrackPopupMenu
ToAscii
ScrollWindowEx
PostQuitMessage
SetRectEmpty
EnableMenuItem
AdjustWindowRectEx
GetMenuItemInfoA
ShowCaret
GetParent
OpenClipboard
MapWindowPoints
IsWindowEnabled
EnumClipboardFormats
GetKeyboardLayout
GetSystemMetrics
DeleteMenu

kernel32

GetProfileStringA
GlobalUnlock
LoadLibraryW
GetModuleFileNameA
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
GlobalSize
CloseHandle
WaitForMultipleObjects
lstrcpynA
CreateFileMappingA
GetTimeZoneInformation
VirtualQuery
SleepEx
UnmapViewOfFile
GetCommandLineA
GetComputerNameExA
CreateProcessA
LocalFree
MoveFileA
CreateFileMappingA
TerminateProcess
GetSystemTime
LocalAlloc
MapViewOfFileEx
LockResource
ResetEvent
lstrlenW
lstrlenA
GetModuleHandleA
ReadFile
SetThreadAffinityMask
GetThreadLocale

gdi32

GetStockObject
StartPage
GetEnhMetaFileBits
SetTextCharacterExtra
CreateBitmap
SetBkMode
GetBrushOrgEx
EnumFontsA
GetTextExtentPoint32A
CombineRgn
GetBkColor
Polygon
EndDoc
GetSystemPaletteEntries
SetAbortProc
GetTextMetricsA
GetDCOrgEx
CreateRectRgnIndirect
GetNearestColor
GetTextExtentPointA
SetViewportExtEx
CreateICA
GetTextColor

kbdhsscp

_LInf
_Denorm
_Dtest
_Getctype
_Getcvt
_Wcrtomb
_FEps
_Eps
_LSnan
_Hugeval

wininet

InternetReadFile
InternetErrorDlg
InternetAttemptConnect
InternetCrackUrlA
InternetWriteFile

ole32

DoDragDrop
OleUninitialize
StringFromCLSID
CoDisconnectObject
CoGetClassObject

advapi32

RegQueryInfoKeyA
SetSecurityDescriptorDacl

oleaut32

SafeArrayGetLBound
SafeArrayPutElement
SafeArrayAccessData
CreateErrorInfo
SafeArrayUnaccessData

comctl32

ImageList_Remove
ImageList_SetBkColor

imm32

ImmGetVirtualKey
ImmSetCompositionWindow

shell32

DragFinish

Sections

.text
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84b192ee50afca36350fa9bbdf969032

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

kbdhsscp

wininet

ole32

advapi32

oleaut32

comctl32

imm32

shell32

Sections

.text Size: 135KB - Virtual size: 136KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 135KB - Virtual size: 136KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB