87745c7d8903e6c077a986a4df911536

Sharing

Copy URL

Twitter E-mail

General

Target

87745c7d8903e6c077a986a4df911536
Size

999KB
MD5

87745c7d8903e6c077a986a4df911536
SHA1

683dc47600d8c02695070d3c88cebd1a46b20da8
SHA256

eeb6a0f346926d3f6d535ec7cbdf77063af027a12b15654199516ad74890ad66
SHA512

0abd239f1a7c745a77b8768f5ac83a72f021e5cc6baa625a7a6a6601ca2361ac4b6814b98106ce5a6911a7035a8e94dcec1e586abcb8b52c6b0abf5fa49224dd
SSDEEP

12288:PEKGLXIJkwrmrrIZpYAHnkn80N2Ymmt0LDXoNj/HEp64lQaVH8vaZ/M:PEKKYJkwrsrIZmDnRwoR/HEp6uu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87745c7d8903e6c077a986a4df911536

Files

87745c7d8903e6c077a986a4df911536
.exe windows:4 windows x86 arch:x86

f0da0faf15dcfa0e3c263855412fc86c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetNamedSecurityInfoW
RegSetValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCreateKeyExA
GetUserNameA

kernel32

GetShortPathNameA
GetDiskFreeSpaceA
GetWindowsDirectoryW
SetFileAttributesW
SetFileAttributesA
IsBadReadPtr
SetLastError
lstrcpyW
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
GetComputerNameA
GetTempPathW
GetTempPathA
GetDriveTypeA
GetDriveTypeW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetStartupInfoA
lstrcpynW
GetModuleHandleW
GetModuleHandleA
GetFileAttributesW
LocalAlloc
LocalFree
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
CreateFileW
CreateFileA
CreateEventW
lstrlenW
GetVersionExA
CreateEventA
CreateThread
GlobalSize
WideCharToMultiByte
GetWindowsDirectoryA
GetFileAttributesA
LoadLibraryA
GetACP
MultiByteToWideChar
ResetEvent
DeviceIoControl
SetEvent
GetSystemInfo
GlobalMemoryStatus
QueryPerformanceCounter
GetLocalTime
GetTickCount
GetCurrentProcessId
FreeLibrary
SetErrorMode
FindClose
GetLastError
GetSystemTime
CloseHandle
CopyFileExW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileSize
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
LeaveCriticalSection
SetThreadPriority
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetThreadLocale
GetProcAddress
GetCurrentThreadId

wmvcore

WMCreateEditor
WMCreateReaderPriv

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
OleLoadFromStream
GetHGlobalFromStream
OleSaveToStream
StringFromGUID2

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
VariantClear
SafeArrayUnaccessData
SysAllocStringByteLen
GetErrorInfo
VariantCopy
SysAllocStringLen
SystemTimeToVariantTime
SysFreeString
SysAllocString
VariantInit
SafeArrayAccessData

shell32

SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHGetFileInfoA

winmm

mmioOpenW
mmioOpenA
mmioRead
mmioAscend
mmioSeek
mmioDescend
mmioClose

wininet

RetrieveUrlCacheEntryFileW
RetrieveUrlCacheEntryFileA

avifil32

AVIStreamLength
AVIStreamInfoW
AVIStreamInfoA
AVIFileInfoW
AVIFileInfoA
AVIFileExit
AVIFileRelease
AVIFileInit
AVIStreamRelease
AVIStreamSampleToTime
AVIStreamReadFormat
AVIFileGetStream
AVIFileOpenA
AVIFileOpenW

msvcrt

_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
vswprintf
wcsspn
wcscspn
memcpy
strcpy
strcat
strlen
memset
memcmp
wcsncat
_wtol
iswalpha
_beginthreadex
memmove
towlower
_wcslwr
towupper
_wcsupr
_ui64tow
wcsncmp
_wcsnicmp
wcscmp
wcsrchr
_wcsicmp
strstr
wcscat
wcschr
wcsncpy
wcsstr
_wsplitpath
_wmakepath
wcslen
??2@YAPAXI@Z
wcscpy
??3@YAXPAX@Z
wcspbrk
_vsnwprintf
wcscoll
_wcsicoll
wcstol
_ltow

user32

wvsprintfW
SetWindowLongW
SetWindowLongA
FindWindowExW
SendMessageA
RegisterWindowMessageW
UnregisterClassW
UnregisterClassA
RegisterClassW
RegisterClassA
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
FindWindowExA
PostQuitMessage
GetCursor
SetCursor
RegisterWindowMessageA
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DispatchMessageA
DispatchMessageW
GetMessageA
GetMessageW
GetWindowLongA
GetWindowLongW
LoadCursorA
LoadCursorW
LoadStringA
LoadStringW

Sections

.text
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0da0faf15dcfa0e3c263855412fc86c

Headers

File Characteristics

Imports

advapi32

kernel32

wmvcore

ole32

oleaut32

shell32

winmm

wininet

avifil32

msvcrt

user32

Sections

.text Size: 204KB - Virtual size: 201KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 24KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 204KB - Virtual size: 201KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 24KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 1KB