762ee64c54897e4552e0a05e2d68b4b5

Sharing

Copy URL Twitter E-mail

General

Target

762ee64c54897e4552e0a05e2d68b4b5
Size

556KB
MD5

762ee64c54897e4552e0a05e2d68b4b5
SHA1

ec3665239a3f5315188040678f5e6de412bebf37
SHA256

6f1c5ef7100e1dd7e5e4664414ebdd6ef8a9816923bbdd78f1f39aff4f1efd63
SHA512

80cbe8760046d3779fe7265ecd625cfdffc7bb91302f2e08816b65d2a52dc071910e36c991d4d14840ff5c43092ed870a155760c5525fe7018de330131dca203
SSDEEP

12288:G4Y4vjJU4tNj4a784GYy4SRMv4zX4ZLzgIe:FNHl79qMWiLzgIe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
762ee64c54897e4552e0a05e2d68b4b5

Files

762ee64c54897e4552e0a05e2d68b4b5
.exe windows:5 windows x86 arch:x86

866ec4621804664306c10b5b5e06d61e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmMetrics

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__setusermatherr
memset

comctl32

ImageList_DrawEx
InitCommonControlsEx
ImageList_GetImageCount
_TrackMouseEvent
ImageList_Destroy
ImageList_GetIconSize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetStartupInfoA
GetModuleHandleA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCommandLineA
LoadLibraryA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
IsValidCodePage
WritePrivateProfileStringW
WriteFile
WriteConsoleW
WriteConsoleA
WinExec
WideCharToMultiByte
WaitForSingleObject
ExitProcess
WaitForMultipleObjects
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnlockFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateThread
TerminateProcess
SystemTimeToFileTime
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetThreadLocale
SetStdHandle
SetLastError
SetHandleCount
SetFileTime
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
QueryDosDeviceW
OutputDebugStringA

user32

UnionRect
UnregisterClassW
TranslateMessage
UpdateWindow
TranslateAcceleratorW
TrackPopupMenu
ToUnicodeEx
TabbedTextOutW
UnpackDDElParam
ValidateRect
WaitMessage
TranslateMDISysAccel
WindowFromPoint
WinHelpW
wsprintfW
UnhookWindowsHookEx

gdi32

RectVisible
RestoreDC
Rectangle
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
PtVisible
PtInRegion
Polyline
Polygon
PolyBezierTo
PatBlt
OffsetWindowOrgEx
OffsetViewportOrgEx
MoveToEx
LineTo
IntersectClipRect
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetViewportExtEx
GetTextMetricsW
GetTextExtentPoint32W
GetTextExtentPoint32A
GetTextColor
GetTextAlign
GetStockObject
SelectClipRgn
GetPixel
GetObjectW
GetMapMode
GetDIBits
GetDeviceCaps
GetCurrentPositionEx
GetCurrentObject
GetClipRgn
GetClipBox
GetCharWidthW
GetBkColor
GetBitmapBits
FillPath
ExtTextOutW
ExtSelectClipRgn
ExtCreateRegion
ExcludeClipRect
Escape
EndPath
Ellipse
DPtoLP
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePolygonRgn
CreatePen
CreatePatternBrush
CreateFontW
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
CloseFigure
BitBlt
BeginPath
StretchDIBits
SelectObject
SetBkColor
EnumFontFamiliesExW
SetBkMode
SetMapMode
SetPixel
SetRectRgn
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
GetRgnBox
StrokePath
StrokeAndFillPath
SetWindowOrgEx

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

comdlg32

GetFileTitleW

advapi32

RegEnumKeyExW
EqualSid
FreeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExW
AllocateAndInitializeSid
RegOpenKeyW
RegQueryValueExW
RegQueryValueW
RegSetValueExW

shell32

DragFinish
CommandLineToArgvW
ExtractIconW
ShellExecuteW
SHGetFileInfoW
DragQueryFileW

ole32

CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateILockBytesOnHGlobal
CLSIDFromString
OleInitialize
CoLockObjectExternal
OleRun
OleUninitialize
RegisterDragDrop
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoGetClassObject
CoInitialize
CoFreeUnusedLibraries
CoDisconnectObject
OleIsCurrentClipboard
CoCreateInstance
CreateStreamOnHGlobal
OleFlushClipboard

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathFileExistsW
PathRemoveFileSpecW

Sections

.text
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifx
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

866ec4621804664306c10b5b5e06d61e

Headers

File Characteristics

Imports

msacm32

msvcrt

comctl32

version

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 424KB - Virtual size: 423KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 12.1MB

.data1 Size: 4KB - Virtual size: 648B

.ifx Size: 8KB - Virtual size: 4KB

.rsrc Size: 104KB - Virtual size: 101KB

.text
Size: 424KB - Virtual size: 423KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 12.1MB

.data1
Size: 4KB - Virtual size: 648B

.ifx
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 104KB - Virtual size: 101KB