868ae581f75a9d2250afdaa45b9e6689

Sharing

Copy URL

Twitter E-mail

General

Target

868ae581f75a9d2250afdaa45b9e6689
Size

332KB
MD5

868ae581f75a9d2250afdaa45b9e6689
SHA1

cfe20690a7898595716463b2a53c5634ed08c5aa
SHA256

791be5d6042da7fcd4555c62fc7cf07e50a9ae7abb4d185c87097b8ad42e4135
SHA512

088719bcd1f7b7be37e1df3432315c324932bf20f03d788079706041ffc9f43c732681db6b6e416817483f0a537cd039d6d33d532881a3e36f662c9e351f29f8
SSDEEP

6144:xHUhchKADgQdC2/APhpVU1xIDu/9t5TMn+jFwDYKeYdZBy2y:x0hchK8C2YPmN/9t5TMU2DF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
868ae581f75a9d2250afdaa45b9e6689

Files

868ae581f75a9d2250afdaa45b9e6689
.exe windows:4 windows x86 arch:x86

6af68f9232bfb2908da5b010666fe665

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetBkColor

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHGetPathFromIDListW
SHAppBarMessage
ShellExecuteW

advapi32

CreateServiceA
OpenServiceW
AccessCheck
LookupPrivilegeValueW
EqualSid
CryptDestroyHash
InitializeAcl
GetNamedSecurityInfoW
ChangeServiceConfig2W
RegNotifyChangeKeyValue
RegSetValueExA
RegQueryValueExA
SetSecurityDescriptorOwner
QueryServiceConfigW
OpenSCManagerW

oleaut32

VariantClear

ole32

OleCreateFromFile
OleCreateLinkFromData
StgOpenStorage
CoLockObjectExternal
CreateClassMoniker
CoRevokeClassObject

gdi32

MoveToEx
BitBlt
PlayMetaFileRecord
Rectangle
CreateDIBSection
PlayEnhMetaFileRecord
GetCurrentPositionEx
GetTextMetricsW
SaveDC
CreateBitmap
DeleteObject
EnumFontFamiliesA
GetCurrentObject
GetBitmapBits

comdlg32

GetFileTitleA

user32

GetNextDlgGroupItem
DdeFreeDataHandle
SetMenuDefaultItem
IsCharAlphaW
SetDlgItemTextW
FrameRect
SetMenuItemBitmaps
ExitWindowsEx
CheckMenuItem
GetMessageW
GetScrollPos
LoadMenuW
IsDialogMessageW
LoadBitmapW
GetKeyState
SetPropW
GetCapture
GetCaretPos
GetSystemMetrics
GetMenuState
GetFocus
SetDlgItemInt
CheckMenuRadioItem
CopyRect
GetMenuItemCount
GetClassInfoA
GetMenu
MessageBoxIndirectW
MapDialogRect
SetWindowWord
ClipCursor
DestroyCaret
SystemParametersInfoA
CreateIcon
LoadKeyboardLayoutA
EnumWindows
PtInRect
SystemParametersInfoW
IsDialogMessageA
CharNextW
DefWindowProcW
ShowWindow
LoadImageA
CreateDialogIndirectParamW
CreateAcceleratorTableW
SetMenuItemInfoA
GrayStringA
GetPropW
SetClassLongA
EndPaint
LockWindowUpdate
GetCursorPos
GetMessageA
GetClassLongW
GetDlgItemInt
DestroyIcon
SetClassLongW
UpdateWindow
LoadBitmapA
GetClassInfoW
SendMessageTimeoutW
CreateDialogIndirectParamA
DdeConnectList
OemToCharA
IsRectEmpty
RemovePropW
IsCharAlphaNumericW

kernel32

GetOEMCP
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetACP
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
WriteFile
RtlUnwind
HeapFree
HeapDestroy
TlsGetValue
SetLastError
TlsAlloc
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
GetStringTypeW
SetProcessWorkingSetSize
GetPrivateProfileIntA
GetEnvironmentVariableW
TlsSetValue
IsBadCodePtr
_lopen
CreateMutexW
IsDBCSLeadByteEx
GetFullPathNameW
GetConsoleOutputCP
LocalAlloc
CreateIoCompletionPort
DuplicateHandle
GetPrivateProfileSectionA
LCMapStringA
GetCurrentProcessId
DeleteTimerQueueTimer
SetThreadLocale
IsDBCSLeadByte
SetPriorityClass
lstrcpyW
VerSetConditionMask
GetDiskFreeSpaceA
FindResourceA
OpenFileMappingA
GetProcessTimes
GetUserDefaultLCID
ExitThread
_lclose
GetCurrentDirectoryW
LoadLibraryA
OpenFileMappingW
GlobalReAlloc
GetStdHandle
GetSystemDefaultLCID
QueueUserWorkItem
CreateDirectoryW
SetHandleCount
CreateProcessW
GetDiskFreeSpaceW
OpenFile
InitializeCriticalSection
lstrlenA
VirtualAlloc
GetFileAttributesExW
GetEnvironmentStringsW
GetLongPathNameW
GetLastError
CreateSemaphoreA
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetFullPathNameA
DeleteFileW
LCMapStringW
IsBadReadPtr
HeapCreate
GetQueuedCompletionStatus
GetTickCount
GetCPInfo
GetComputerNameW
OpenEventW
GetConsoleMode
SetEvent
GetDriveTypeA
CreateSemaphoreW
GetConsoleCP
GetProcAddress
GlobalAddAtomA
GetFileTime
SetFileTime
FreeResource
GetExitCodeProcess
DeviceIoControl
OpenMutexA
lstrcpyA
GetCommandLineA
lstrcpynA
QueryPerformanceFrequency
GetShortPathNameW
EnumResourceNamesW
MoveFileExW
CreateThread
GetCurrentThreadId
GetUserDefaultUILanguage
HeapAlloc
InterlockedIncrement
FindNextFileA
SystemTimeToFileTime
CreateDirectoryA
GetEnvironmentVariableA
FileTimeToLocalFileTime
CreateProcessA
GetTempFileNameA
GetUserGeoID
SetEnvironmentVariableW
SetThreadPriority
GetSystemDefaultUILanguage
SystemTimeToTzSpecificLocalTime
VirtualFree
SetErrorMode
GetVersionExA

shlwapi

UrlUnescapeW
StrToIntExW
StrRChrW

Sections

.text
Size: 272KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6af68f9232bfb2908da5b010666fe665

Headers

File Characteristics

Imports

comctl32

version

shell32

advapi32

oleaut32

ole32

gdi32

comdlg32

user32

kernel32

shlwapi

Sections

.text Size: 272KB - Virtual size: 268KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 704B

.text
Size: 272KB - Virtual size: 268KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 704B