752703bf086ef09b99623ea8c09b81fb

Sharing

Copy URL Twitter E-mail

General

Target

752703bf086ef09b99623ea8c09b81fb
Size

648KB
MD5

752703bf086ef09b99623ea8c09b81fb
SHA1

9b14846fd14084fdf98375a3b11977fcc9e4e803
SHA256

f9ed0f20fe741b6852c8d431f66348b6cc356626a02f8481b211b72ecbd304bd
SHA512

a95b5429db95f28e9d894b473190025d3edef59cf6414f69207d8b736acd00e3585c444105ee7966735f5bcc21ea2740fca2ee75acd60807728a35af7a09c229
SSDEEP

12288:xz/YouDjiiLhOuAj1DqHZZTUeZitwNJKp8G8e9sqqXOx+o+DX:xz/YouDuwyW5ZxZi0ijp9sM1CX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
752703bf086ef09b99623ea8c09b81fb

Files

752703bf086ef09b99623ea8c09b81fb
.exe windows:4 windows x86 arch:x86

7335917b8f12a07fe342f4aa7ae94c79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefDlgProcW
GetPriorityClipboardFormat
LoadAcceleratorsW
SystemParametersInfoA
CreateDesktopW
FlashWindowEx
EnumThreadWindows
GetAsyncKeyState
CopyImage
ShowWindow
SetScrollInfo
RegisterClassExA
LoadCursorA
DestroyWindow
MsgWaitForMultipleObjectsEx
CreateWindowExW
RegisterClassA
GetTopWindow
DlgDirListA
WINNLSGetEnableStatus
DrawTextExA
EnumDisplaySettingsW
MessageBoxW
MonitorFromWindow
IsCharUpperW
IsDialogMessage
DispatchMessageA
DefWindowProcA

comdlg32

PageSetupDlgA
GetFileTitleW

comctl32

ImageList_LoadImage
InitCommonControlsEx
ImageList_DragShowNolock
DrawInsert
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_DrawIndirect

kernel32

GetStringTypeA
GetMailslotInfo
HeapReAlloc
GetStdHandle
ResumeThread
HeapDestroy
WriteFile
CompareStringA
GetTickCount
GetTimeFormatA
GetCurrentThread
OpenEventW
WideCharToMultiByte
WriteConsoleW
GetLocaleInfoW
GetLastError
GetOEMCP
CreateDirectoryW
TlsSetValue
GetTimeZoneInformation
ReleaseMutex
GetProcAddress
LeaveCriticalSection
GetUserDefaultLCID
GetCommandLineW
VirtualQuery
TerminateProcess
GetEnvironmentVariableA
EnumDateFormatsExA
CloseHandle
SetLocaleInfoW
GetFileType
SetUnhandledExceptionFilter
GetCommandLineA
WriteConsoleA
InitializeCriticalSection
FileTimeToSystemTime
FlushFileBuffers
HeapFree
QueryPerformanceCounter
LCMapStringW
InterlockedExchange
GetLocaleInfoA
IsDebuggerPresent
GetLogicalDriveStringsW
EnumSystemLocalesA
HeapValidate
SetStdHandle
MapViewOfFileEx
GetPrivateProfileStructW
GetCurrentProcess
GetModuleHandleA
SetConsoleCtrlHandler
MapViewOfFile
InterlockedIncrement
HeapSize
lstrcatA
OpenMutexA
lstrcpyW
ExitProcess
IsValidCodePage
GetEnvironmentStringsW
UnhandledExceptionFilter
GetPrivateProfileSectionNamesA
GetLogicalDriveStringsA
EnumTimeFormatsW
FreeEnvironmentStringsW
GetNamedPipeHandleStateA
SetEnvironmentVariableW
ExpandEnvironmentStringsW
SetLastError
GetStringTypeW
FreeLibrary
LoadLibraryA
VirtualFree
GetConsoleOutputCP
FreeEnvironmentStringsA
SetEnvironmentVariableA
GetVersionExA
GetModuleFileNameA
GetEnvironmentStrings
RtlZeroMemory
IsValidLocale
GetACP
SetHandleCount
GetCPInfo
HeapAlloc
GetConsoleMode
EnumCalendarInfoA
RtlUnwind
CreateFileA
TlsAlloc
CreatePipe
GetNamedPipeInfo
GetLogicalDrives
DeleteCriticalSection
VirtualAlloc
FindNextChangeNotification
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentThreadId
WriteProfileStringW
SetFilePointer
GetDateFormatA
InterlockedCompareExchange
LCMapStringA
FindFirstFileExA
ReadFile
VirtualProtectEx
InterlockedDecrement
GetStartupInfoA
CreateMutexA
TlsFree
GetProcessHeap
TlsGetValue
WaitForMultipleObjectsEx
Sleep
GetConsoleCP
GetStartupInfoW
EnterCriticalSection
MultiByteToWideChar
ReleaseSemaphore
GetModuleFileNameW
WaitForDebugEvent
CompareStringW
GetLongPathNameW
HeapCreate
RtlMoveMemory
UnlockFileEx

wininet

InternetReadFileExW
GetUrlCacheGroupAttributeW
FtpSetCurrentDirectoryA
InternetHangUp
InternetSetFilePointer
ShowX509EncodedCertificate
SetUrlCacheConfigInfoW
FindNextUrlCacheGroup

shell32

RealShellExecuteW

gdi32

CreateCompatibleBitmap
CreateDCA
ExcludeClipRect
GetObjectW
RectVisible
SetStretchBltMode
DeleteDC
GetDeviceCaps

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7335917b8f12a07fe342f4aa7ae94c79

Headers

File Characteristics

Imports

user32

comdlg32

comctl32

kernel32

wininet

shell32

gdi32

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 116KB - Virtual size: 137KB

.rsrc Size: 60KB - Virtual size: 58KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 116KB - Virtual size: 137KB

.rsrc
Size: 60KB - Virtual size: 58KB