78ba43731645a5969b7dee62700a3216

Sharing

Copy URL Twitter E-mail

General

Target

78ba43731645a5969b7dee62700a3216
Size

312KB
MD5

78ba43731645a5969b7dee62700a3216
SHA1

6848efdf0fae77680ecd0649e54a3f9040c93cbb
SHA256

c25a29e7a597112b60f05e77d1a53f614a8141a839c7de71b8171ee8fd0ac844
SHA512

1eaf2d7273c11cd307202b5f949056997c6da87fbf5890dc6644c5422c7c6dc9dc6d8097d359f3e17aa37ccd01b4539794f08bb18e2b961a4e7c0fef74458910
SSDEEP

6144:1iCxJCKaaAXsXb5hZXqVGH+SzAbOhLakP/7UR:1iCJCKaaAab5hZaAH+PbaLakPTUR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78ba43731645a5969b7dee62700a3216

Files

78ba43731645a5969b7dee62700a3216
.exe windows:4 windows x86 arch:x86

5897051e82a4860cf599a6139ba26a95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ustey

Imports

user32

GetTabbedTextExtentA
SetCaretPos
EditWndProc
CopyIcon
LoadKeyboardLayoutW
RegisterDeviceNotificationW
GetClipCursor
OpenClipboard
TrackPopupMenuEx
DrawStateW
GetPropW
IsCharUpperW
SetWindowRgn
GetWindow
GetInputState
RegisterClassA
EnumDesktopsA
InvertRect
DdeConnectList
GetWindowTextA
MessageBoxA
DestroyMenu
GetOpenClipboardWindow
PostQuitMessage
GetClipboardOwner
RegisterClassExA
CreateWindowExW
CreateDialogIndirectParamW
CreateIconIndirect
SwitchToThisWindow
DeleteMenu
SetClipboardViewer
GetDesktopWindow
InternalGetWindowText
DestroyWindow
CreateDesktopW
SetWindowPos
AttachThreadInput
BroadcastSystemMessage
RemovePropW
EndDialog
SetWindowLongW
MapWindowPoints
SetWindowLongA
LoadImageA
SetWindowTextW
SubtractRect
DragObject
EnumWindows
ExitWindowsEx
SetClipboardData
LoadMenuIndirectW
EnableScrollBar
CallMsgFilterW
DefMDIChildProcA
SetClassLongW
CharNextA
IsRectEmpty
ExcludeUpdateRgn
DefWindowProcW
MapDialogRect
MessageBoxW
EnumThreadWindows
VkKeyScanA
CharUpperW
DrawTextExW
ValidateRgn
SetMenuItemBitmaps
GetProcessDefaultLayout
CountClipboardFormats
GrayStringA
GetMenuItemInfoW
DdeGetLastError
ShowWindow
GetClipboardData
DdeConnect
GetWindowModuleFileNameW
EnumPropsA
wvsprintfW
LoadBitmapW
SetDlgItemInt
DdeQueryStringW
wsprintfA
ReplyMessage
RegisterClipboardFormatA
DrawEdge
WaitForInputIdle
GetSysColorBrush
CharToOemW
CreatePopupMenu
SetRect
DialogBoxIndirectParamW
DrawFocusRect
CloseWindowStation
MessageBoxIndirectA
GetCursorPos
CharPrevExA
CreateMenu
CreateIcon
SendDlgItemMessageW

kernel32

GetTimeZoneInformation
InterlockedIncrement
SetFilePointer
LoadLibraryA
lstrcmp
VirtualQuery
FoldStringA
HeapCreate
GetLocalTime
LockFile
SetStdHandle
GetStringTypeW
GetTimeFormatA
GetDriveTypeW
ReadConsoleA
EnterCriticalSection
HeapAlloc
LCMapStringW
GetStartupInfoW
lstrcpynA
GetCurrentThread
CreateMutexA
GetThreadLocale
LCMapStringA
GetFileSize
UnhandledExceptionFilter
CloseHandle
SetSystemTime
GetStdHandle
QueryPerformanceCounter
TlsSetValue
ReadConsoleOutputW
CreateFileMappingW
GetCommandLineW
lstrcmpi
AddAtomW
HeapLock
SetLastError
CompareStringA
GetSystemTime
GetSystemDefaultLangID
RtlUnwind
LeaveCriticalSection
SuspendThread
WriteConsoleOutputCharacterA
LoadLibraryExW
GetDriveTypeA
lstrcmpiA
HeapDestroy
GetCurrentProcess
FreeEnvironmentStringsA
IsBadWritePtr
TlsFree
TerminateProcess
GetModuleHandleA
InterlockedExchange
GetProfileSectionA
GetCurrentProcessId
TlsAlloc
GetStartupInfoA
HeapReAlloc
SetEnvironmentVariableA
EnumDateFormatsW
GetModuleFileNameW
MoveFileExA
GetEnvironmentStrings
MultiByteToWideChar
SetConsoleCursorInfo
WriteFile
GetCPInfo
FlushInstructionCache
DeleteCriticalSection
OpenMutexA
HeapFree
SetComputerNameW
SetHandleCount
GetFileType
EnumTimeFormatsA
FreeEnvironmentStringsW
GetProcAddress
ReadFile
TlsGetValue
GetLastError
WritePrivateProfileStructW
ReadFileEx
GetCommandLineA
VirtualAlloc
GetLogicalDrives
FlushFileBuffers
DeleteFileW
GetSystemTimeAsFileTime
WideCharToMultiByte
GetConsoleTitleW
GetStringTypeA
SetConsoleTextAttribute
VirtualUnlock
GetTickCount
VirtualFree
CompareStringW
GetModuleFileNameA
GetEnvironmentStringsW
ExitProcess
GetVersion
GetCurrentThreadId
InitializeCriticalSection
InterlockedDecrement

comdlg32

GetOpenFileNameA
ReplaceTextW
ChooseColorW
GetSaveFileNameA

comctl32

ImageList_Read
InitMUILanguage
ImageList_SetFilter
ImageList_GetIcon
ImageList_GetFlags
ImageList_SetIconSize
ImageList_Replace
CreatePropertySheetPageW
CreateMappedBitmap
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_DrawIndirect
DestroyPropertySheetPage
ImageList_SetImageCount
ImageList_Write
ImageList_DragShowNolock
ImageList_Create
ImageList_BeginDrag
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetBkColor
ImageList_EndDrag

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5897051e82a4860cf599a6139ba26a95

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comdlg32

comctl32

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 96KB - Virtual size: 98KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 96KB - Virtual size: 98KB

.rsrc
Size: 20KB - Virtual size: 18KB