870e4efa0acaf36818be471bb99b655f

Sharing

Copy URL

Twitter E-mail

General

Target

870e4efa0acaf36818be471bb99b655f
Size

296KB
MD5

870e4efa0acaf36818be471bb99b655f
SHA1

bc4c9df67fd29b50d3269863464ae2949e170e10
SHA256

aff88af91403c12c6304a5e0083b1f487e6b2ddbf25cd74448b21ab0ea0a97e6
SHA512

0210976d60a023c23b4d89f5e4d6d148f3c1ef10a40c3ccf1214613cf80d27a078ae6d3ad3bd860c60c04b3c7a25b09a0e8d8e6d9d4550a4a9f50ba62c263b26
SSDEEP

6144:za61r1CZE6fS5ENLt7YkMScwsFPTNYI0TjCu:LrCy6fcYTs9X6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
870e4efa0acaf36818be471bb99b655f

Files

870e4efa0acaf36818be471bb99b655f
.exe windows:4 windows x86 arch:x86

ad4227f7d9ca1d02b728c548f84769a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\phl.pdb

Imports

kernel32

GetStdHandle
GetProfileStringW
GetSystemTimeAdjustment
GetPrivateProfileStructW
FreeEnvironmentStringsW
SetConsoleCtrlHandler
InterlockedIncrement
IsBadWritePtr
SetEnvironmentVariableA
SetHandleCount
GetLocaleInfoA
EnumResourceLanguagesA
CreateProcessA
GetStringTypeA
TerminateProcess
WritePrivateProfileStructA
GetUserDefaultLangID
HeapReAlloc
GetSystemTime
QueryPerformanceCounter
SetLocalTime
GetModuleHandleA
GetModuleFileNameA
CloseHandle
GetModuleFileNameW
ExitProcess
TlsSetValue
LoadLibraryA
LCMapStringA
HeapAlloc
GetCurrentProcessId
WriteFile
GetSystemTimeAsFileTime
TlsFree
GetEnvironmentStrings
LeaveCriticalSection
SetConsoleScreenBufferSize
SetConsoleCP
FlushFileBuffers
CompareStringW
GetTimeZoneInformation
SetFilePointer
OpenMutexA
GetEnvironmentStringsW
OpenProcess
MultiByteToWideChar
GetCurrentThread
LCMapStringW
FlushViewOfFile
EnterCriticalSection
SetLastError
GetLastError
VirtualAlloc
FoldStringW
GetTickCount
GlobalFree
GetCurrentProcess
CompareStringA
GetStringTypeW
GetVersion
GetCommandLineW
VirtualQuery
ReadFile
HeapCreate
DeleteCriticalSection
GetFileType
GetCompressedFileSizeA
GetStartupInfoA
GetTempFileNameA
GetCPInfo
VirtualFree
lstrlen
InterlockedExchange
InitializeCriticalSection
WideCharToMultiByte
OutputDebugStringW
CreateNamedPipeA
RtlUnwind
TlsAlloc
GetProcAddress
InterlockedDecrement
GetConsoleOutputCP
UnhandledExceptionFilter
GetStartupInfoW
TlsGetValue
WriteProfileSectionW
GetCurrentThreadId
FreeEnvironmentStringsA
WaitCommEvent
GetFileAttributesExA
GetLocalTime
SetStdHandle
WaitNamedPipeA
GetCommandLineA
HeapFree
CreateMutexA
CreateThread
HeapDestroy

user32

SetSystemCursor
EnumClipboardFormats
DestroyCaret
EnumWindows
DdeGetLastError
ReleaseCapture
GetCursorInfo
GetClipboardFormatNameW
ScreenToClient
BroadcastSystemMessage
SetClassWord
EnableMenuItem
MapVirtualKeyA
GetTitleBarInfo
LoadStringA
CreateDesktopA
CountClipboardFormats
CreateIconFromResource
ShowScrollBar
GetQueueStatus
UnpackDDElParam
CallMsgFilterA
VkKeyScanExW
DefFrameProcA
SendIMEMessageExW
DdeQueryNextServer
RegisterClassA
RealGetWindowClass
GetCursorPos
RegisterClassExA
IntersectRect
GetClipboardData
GetClientRect
ShowWindow
GetKeyboardLayoutList
DdeQueryStringW
GetUserObjectSecurity
CreateAcceleratorTableW
CharNextExA
DrawTextExW
ShowOwnedPopups
UpdateWindow
IsClipboardFormatAvailable
GetWindow
GetPriorityClipboardFormat
ToAscii
GetMenuBarInfo
OffsetRect
AppendMenuA

comctl32

ImageList_Create
ImageList_GetFlags
CreateUpDownControl
ImageList_DragLeave
ImageList_Write
_TrackMouseEvent
GetEffectiveClientRect
ImageList_EndDrag
InitCommonControlsEx
DrawStatusText
DrawInsert
ImageList_LoadImageW
ImageList_SetFlags
ImageList_AddIcon
CreateToolbarEx
MakeDragList
ImageList_GetImageInfo

comdlg32

FindTextW

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad4227f7d9ca1d02b728c548f84769a1

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

comdlg32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 92KB - Virtual size: 114KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 92KB - Virtual size: 114KB

.rsrc
Size: 16KB - Virtual size: 12KB