88ca4b7572d1dd85165b47b80b2b03ef

Sharing

Copy URL Twitter E-mail

General

Target

88ca4b7572d1dd85165b47b80b2b03ef
Size

460KB
MD5

88ca4b7572d1dd85165b47b80b2b03ef
SHA1

782cd4821c8a97d5a2465423f817458f269d0a37
SHA256

03d8c66cf9ed1b4455f6def58b608749bdb5bbdb095083079834e7dc352e5b75
SHA512

22e10ae1ecc30505926903f3372dca7d9fd0a809bacef07e81e53a80dd3310e52491110f909e8a1807040a71e2cf1cbc4a4c39c13373318d02741ba2dd9c26f9
SSDEEP

3072:+3JgXmO6ycxJMqKs6OZ8JgLQ1gXki0H+kHlmwYbYrvGVkbfpzNGL4lj7o9OdfnM:WJgXhwPmUQWXkzcwOYbpxVLnM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88ca4b7572d1dd85165b47b80b2b03ef

Files

88ca4b7572d1dd85165b47b80b2b03ef
.exe windows:4 windows x86 arch:x86

0dc1acf5daea7dc70eefcd740fa330d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\bld\nview\v42\nView\bin\URelease\nvAppBar.pdb

Imports

user32

GetDoubleClickTime
GetClassNameW
TrackPopupMenuEx
UnionRect
SetRect
GetDC
EqualRect
IsIconic
IsZoomed
InflateRect
IntersectRect
IsRectEmpty
OffsetRect
IsWindowVisible
FrameRect
DrawIconEx
GetSysColor
SetRectEmpty
BeginPaint
EndPaint
GetClientRect
InvalidateRgn
SetWindowTextW
EnableWindow
GetWindowTextW
GetSysColorBrush
RegisterClassExW
GetMessageW
DispatchMessageW
TranslateMessage
PostQuitMessage
wvsprintfW
ReleaseCapture
MonitorFromPoint
SetCapture
SetCursor
PtInRect
GetWindow
DefWindowProcW
KillTimer
LoadStringW
LoadCursorW
UnregisterClassW
RegisterClassW
CreateWindowExW
DestroyWindow
GetCursorPos
ScreenToClient
GetSubMenu
CreatePopupMenu
DestroyMenu
LoadMenuW
DeleteMenu
ClientToScreen
TrackPopupMenu
GetSystemMetrics
SystemParametersInfoW
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
IsWindow
GetWindowDC
ReleaseDC
CopyRect
GetWindowPlacement
OpenIcon
ShowWindow
UpdateWindow
AllowSetForegroundWindow
LockSetForegroundWindow
GetForegroundWindow
GetTopWindow
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
SetForegroundWindow
BringWindowToTop
SetFocus
InvalidateRect
wsprintfW
SendMessageW
CopyIcon
GetClassLongW
LoadIconW
LoadImageW
DestroyIcon
MapVirtualKeyW
GetKeyNameTextW
FindWindowW
PostMessageW
SetTimer
GetWindowRect
MoveWindow
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplaySettingsW
SetWindowPos
GetWindowLongW
SetWindowLongW

shell32

ExtractIconW
ExtractIconExW
SHAppBarMessage

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW

comctl32

InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_Create
ImageList_SetImageCount
ImageList_Remove
ImageList_Destroy
ImageList_GetIcon
ImageList_ReplaceIcon

msimg32

GradientFill

kernel32

GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
VirtualQuery
InterlockedExchange
InitializeCriticalSection
LoadLibraryA
RaiseException
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetCurrentProcess
TerminateProcess
ExitProcess
TlsGetValue
TlsSetValue
GetStringTypeW
GetCurrentThread
SetLastError
TlsAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
ExitThread
Sleep
lstrcpynW
lstrcmpiW
CreateSemaphoreW
OutputDebugStringW
MultiByteToWideChar
GetLastError
CreateThread
SetThreadPriority
TerminateThread
GetTickCount
lstrlenW
GetUserDefaultLangID
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
ReadFile
GlobalLock
GlobalUnlock
FreeResource
LocalAlloc
GlobalAlloc
CreateFileW
WriteFile
CloseHandle
GlobalFree
LocalFree
GetEnvironmentVariableW
lstrcatW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpyW
GetVersionExW
HeapFree
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapSize
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsFree
lstrcmpW
GetProcessHeap
GetModuleFileNameW
HeapAlloc

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

alugufm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0dc1acf5daea7dc70eefcd740fa330d0

Headers

File Characteristics

PDB Paths

Imports

user32

shell32

advapi32

comctl32

msimg32

kernel32

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 308KB - Virtual size: 308KB

alugufm Size: - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 308KB - Virtual size: 308KB

alugufm
Size: - Virtual size: 4KB