8662ae64a698d6380a75f450f590722b

Sharing

Copy URL Twitter E-mail

General

Target

8662ae64a698d6380a75f450f590722b
Size

532KB
MD5

8662ae64a698d6380a75f450f590722b
SHA1

91f2227477e9326b26e52d5b9154b9519fe64521
SHA256

cb524409f59d8be5902576de0b1b96c0cb88630baf0657a49fa0e1097af38b04
SHA512

79120dad23ad49f113ffccf9688542bc25b752e822b12730d109b3bc6e9b6661fde305e36dc5abe887fbb1fec73da8f36b8662f61cefa256cfc916013637a757
SSDEEP

12288:r/ZuLwmMaGwonVGbg1+A5uNULHARqZIjNzlrwC7:rRUXTonVUgAmuKARqWjX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8662ae64a698d6380a75f450f590722b

Files

8662ae64a698d6380a75f450f590722b
.exe windows:4 windows x86 arch:x86

8086af862bb3315b563a71bc2cf43eee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\sihgiqjo\steyflbm\udketq\kfb

Imports

comdlg32

GetOpenFileNameA
PrintDlgA

gdi32

GetViewportOrgEx
DeviceCapabilitiesExW
CreateDiscardableBitmap
GetPolyFillMode
CombineTransform
RemoveFontResourceW
GetCharWidthA
GetTextCharsetInfo
GetROP2
SetGraphicsMode
SelectClipPath
GetGraphicsMode
PatBlt
GetMapMode
SetBitmapDimensionEx
CreateFontIndirectA
SetPixel
CreateEllipticRgnIndirect
GetDCOrgEx

user32

CopyAcceleratorTableA
GetClassInfoExA
UpdateWindow
FindWindowExA
PostMessageW
ChangeMenuA
DefMDIChildProcW
UnloadKeyboardLayout
IsCharUpperW
CreateCursor
CloseDesktop
IsZoomed
OpenDesktopA
OemToCharBuffW
RealGetWindowClass
ChangeDisplaySettingsA
InsertMenuItemW
GetDCEx
GetClassInfoA
RegisterClassExA
GetUserObjectInformationA
WindowFromPoint
EnumDisplaySettingsW
BeginPaint
AttachThreadInput
RegisterClassA
PaintDesktop

kernel32

EnumSystemLocalesA
GetOEMCP
HeapSize
GetDateFormatA
GetSystemTime
DeleteCriticalSection
GetSystemInfo
HeapFree
TlsAlloc
WriteFile
CompareStringA
CreateMutexA
VirtualFree
TlsFree
GetStringTypeW
LoadLibraryA
ExitProcess
TerminateProcess
GetModuleFileNameW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetTimeZoneInformation
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetCurrentThread
GetFileType
SetEnvironmentVariableA
RtlUnwind
SetLastError
OpenMutexA
SetFilePointer
CompareFileTime
IsValidLocale
IsBadWritePtr
SetHandleCount
GetCurrentProcess
GetVersionExA
LocalUnlock
InterlockedExchange
GetModuleHandleA
DebugBreak
MultiByteToWideChar
GetStartupInfoA
HeapDestroy
GetStringTypeA
FoldStringW
FreeEnvironmentStringsW
VirtualAlloc
WideCharToMultiByte
HeapCreate
ReleaseMutex
GetStartupInfoW
GetLocaleInfoA
TlsGetValue
GetCommandLineA
HeapReAlloc
SetConsoleMode
WriteConsoleOutputW
GetACP
HeapAlloc
CreateSemaphoreW
LCMapStringW
GetCommandLineW
CloseHandle
GetThreadTimes
CompareStringW
GetCPInfo
LCMapStringA
GetLastError
GlobalGetAtomNameW
FreeEnvironmentStringsA
TlsSetValue
InitializeCriticalSection
GetModuleFileNameA
GetEnvironmentStrings
GetStdHandle
ReadFile
GetSystemTimeAsFileTime
GetTimeFormatA
GetTickCount
FlushFileBuffers
SetStdHandle
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoW
FindAtomW
GetThreadLocale
GetWindowsDirectoryW
CreateProcessA
IsValidCodePage
VirtualQuery
GetProcAddress
VirtualProtect
GetUserDefaultLCID

comctl32

CreatePropertySheetPageA
InitCommonControlsEx
ImageList_EndDrag
DrawInsert
ImageList_SetDragCursorImage
DestroyPropertySheetPage

wininet

LoadUrlCacheContent
GopherCreateLocatorW
InternetQueryFortezzaStatus
InternetOpenUrlW
FtpPutFileW
InternetAutodialHangup
InternetShowSecurityInfoByURL
InternetGetConnectedStateExA

shell32

SHGetFileInfoA
ExtractIconExA
SheSetCurDrive
SHQueryRecycleBinA
SHGetMalloc

Sections

.text
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8086af862bb3315b563a71bc2cf43eee

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

user32

kernel32

comctl32

wininet

shell32

Sections

.text Size: 306KB - Virtual size: 306KB

.rdata Size: 70KB - Virtual size: 99KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 306KB - Virtual size: 306KB

.rdata
Size: 70KB - Virtual size: 99KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 52KB - Virtual size: 51KB