8022243caf867a78b493d401415a8f11

Sharing

Copy URL Twitter E-mail

General

Target

8022243caf867a78b493d401415a8f11
Size

290KB
MD5

8022243caf867a78b493d401415a8f11
SHA1

99880b8b2d7589ef9d26a89bae2392acd1235bdb
SHA256

9290330c80cf96ce552c639cb9158336af99e7e881df91ae369fd071c05d18a9
SHA512

c92a08d2b79ab0cd993f9a63c356465022018aca74f32c7a1612017744c355939d767805541275def1104b86b62ccd6df2e3fec48896f15e2ec22f1aedf105be
SSDEEP

3072:IqLnKtgORQsWc0+PfDEtSnNJFh+CsTq9I/STF2onkIh0g3Pw:RLi4MPfDHvX+Cs0I/SUokI34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8022243caf867a78b493d401415a8f11

Files

8022243caf867a78b493d401415a8f11
.exe windows:4 windows x86 arch:x86

25e90e4411d14c44cd4a1194a1387b99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LCMapStringW
LCMapStringA
MultiByteToWideChar
UnhandledExceptionFilter
FreeEnvironmentStringsA
TlsAlloc
GetCurrentThreadId
IsBadWritePtr
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
SetFilePointer
GetCPInfo
TerminateProcess
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers
ReadFile
LocalFree
LocalAlloc
LoadLibraryW
GetVersion
GetCommandLineW
GetComputerNameW
ExitProcess
GetModuleHandleW
GetProcAddress
SetComputerNameW
CreateDirectoryW
lstrcpyW
SetLastError
lstrlenW
GetCurrentProcess
CloseHandle
GetLastError
FormatMessageW
ExpandEnvironmentStringsW
GetFileAttributesW
Sleep
GetLogicalDrives
GetVolumeInformationW
GetDriveTypeW
FindFirstFileW
FindNextFileW
FindClose
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapCreate
HeapFree
HeapAlloc
ResumeThread
CreateThread
TlsSetValue
ExitThread
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
RtlUnwind
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapDestroy

user32

ShowWindow
InflateRect
DialogBoxIndirectParamW
GetNextDlgGroupItem
DefWindowProcW
SetWindowTextW
CreateWindowExW
SendMessageW
MapWindowPoints
CreateDialogParamW
SetWindowPos
IsWindowEnabled
GetNextDlgTabItem
LoadIconW
RegisterClassExW
GetWindowLongW
SetWindowLongW
GetMessageW
wsprintfW
DispatchMessageW
IsDialogMessageW
PostQuitMessage
TranslateMessage
EnableWindow
GetDlgItemTextW
IsDlgButtonChecked
SetFocus
CheckDlgButton
DialogBoxParamW
EndDialog
GetParent
GetWindowRect
MoveWindow
GetDlgItem
LoadCursorW
GetSysColorBrush
GetSysColor
ChildWindowFromPoint
InvalidateRect
SetCursor
MessageBoxW
PostMessageW
SetDlgItemTextW

gdi32

SetMapMode
StartDocW
StartPage
EndPage
EndDoc
GetStockObject
GetObjectW
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
GetDeviceCaps

comctl32

ord17

comdlg32

PrintDlgW

advapi32

RegOpenKeyW
RegConnectRegistryW
RegFlushKey
RegSaveKeyW
RegReplaceKeyW
FreeSid
GetLengthSid
AllocateAndInitializeSid
IsValidSid
GetSidIdentifierAuthority
InitiateSystemShutdownW
LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges
GetSidSubAuthorityCount
GetSidSubAuthority
RegQueryValueW
RegCreateKeyW
RegEnumValueW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegLoadKeyW
RegUnLoadKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetKeySecurity
RegCloseKey
RegGetKeySecurity
GetNamedSecurityInfoW
InitializeSecurityDescriptor
GetSecurityDescriptorControl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetAclInformation
GetAce
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
SetFileSecurityW
GetSecurityDescriptorGroup

shell32

CommandLineToArgvW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

25e90e4411d14c44cd4a1194a1387b99

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

comdlg32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 116KB - Virtual size: 120KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 116KB - Virtual size: 120KB

.rsrc
Size: 104KB - Virtual size: 104KB