8070a95bc4cb2f4b8ade2586fd68edc4

Sharing

Copy URL Twitter E-mail

General

Target

8070a95bc4cb2f4b8ade2586fd68edc4
Size

174KB
MD5

8070a95bc4cb2f4b8ade2586fd68edc4
SHA1

4d88e454f3002689687d8c7f4aa3e50f06a0cee9
SHA256

8118ec70e7ff48e266d1854c72e90bf55014d5c594409232acbb44e184172480
SHA512

28bf8b9e9a09b05d9142b37c0c89d5aa42483bd4063c943c9c748ba580574e6f0c652b10e91991b8dd799fa77a6bb378fdae25aef54180864f78c245c03e3569
SSDEEP

3072:y8Kj5wYJlo9g7MZ36mA42IHTMs/gkfxGHUOV0ulwYTdOKngxB/C:y8KroXRAkgs4kYVVllTdNgxBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8070a95bc4cb2f4b8ade2586fd68edc4

Files

8070a95bc4cb2f4b8ade2586fd68edc4
.exe windows:4 windows x86 arch:x86

446f0706b6cdf0ded914fe03dd152ccf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
SetWindowLongA
wsprintfA
IsChild
GetWindowLongA
GetDlgItem
SendMessageTimeoutA
GetDesktopWindow
EqualRect
IsWindow
DestroyWindow
InvalidateRect
ReleaseDC
GetWindowTextLengthA
ReleaseCapture
CharNextA
GetFocus
MsgWaitForMultipleObjects
SetParent
DefWindowProcA
PostMessageA
SetFocus
CreateDialogParamA
PeekMessageA
UnregisterClassA
RegisterClassExA
KillTimer
GetClassNameA
GetSysColor
GetQueueStatus
ShowWindow
GetClientRect
DrawTextA
EnumDisplayDevicesA
SendMessageA
SetWindowTextA
wvsprintfA
RedrawWindow
GetParent
LoadCursorA
BeginPaint
FillRect
GetWindowTextA
SetCapture
CopyRect
EndPaint
MoveWindow
SendNotifyMessageA
SetRect
PostThreadMessageA
CallWindowProcA
FindWindowA
GetDC
CreateWindowExA
GetWindowRect
GetClassInfoExA
GetWindow
InvalidateRgn
GetActiveWindow
RegisterWindowMessageA
DispatchMessageA
CreateAcceleratorTableA
DestroyAcceleratorTable
SetWindowPos

advapi32

CryptEncrypt
CryptAcquireContextA
CryptHashData
CryptImportKey
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
CryptReleaseContext
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
CryptGetHashParam
RegCreateKeyExA
CryptCreateHash
CryptDestroyHash
CryptDestroyKey
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA

winmm

timeGetTime
timeSetEvent

ole32

GetRunningObjectTable
CoSetProxyBlanket
StgIsStorageFile
CoGetClassObject
CreateBindCtx
BindMoniker
StgOpenStorage
CoTaskMemAlloc
CoInitialize
OleInitialize
StgCreateDocfile
StringFromGUID2
CoInitializeSecurity
CLSIDFromProgID
OleUninitialize
OleLockRunning
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CreateItemMoniker
CoUninitialize
CLSIDFromString

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

shlwapi

PathFileExistsW
PathCombineW

gdi32

GetStockObject
GetDeviceCaps
ExtEscape
CreateDIBSection
SetStretchBltMode
BitBlt
DeleteObject
RealizePalette
CreateCompatibleBitmap
SelectPalette
CreateCompatibleDC
CreateDIBitmap
SelectObject
StretchDIBits
CreateSolidBrush
CreateFontA
GetDIBits
DeleteDC
GetObjectA
SetBkMode

kernel32

GetShortPathNameW
WideCharToMultiByte
LocalAlloc
DisableThreadLibraryCalls
UnmapViewOfFile
GlobalFree
GetProcessAffinityMask
GlobalSize
GlobalAlloc
Sleep
MapViewOfFile
EnumResourceTypesW
GetTickCount
SetFilePointer
CreateFileW
WriteFile
CreateFileMappingA
GetFileAttributesA
CreateFileA
LocalFree
ReadFile
GetFileSize
CloseHandle

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

gdiplus

GdipFree
GdipAlloc
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipCloneImage

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

446f0706b6cdf0ded914fe03dd152ccf

Headers

File Characteristics

Imports

user32

advapi32

winmm

ole32

wininet

shlwapi

gdi32

kernel32

version

setupapi

gdiplus

shell32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 248KB