89b3b044884d1536a6fb10dba776eae8

Sharing

Copy URL Twitter E-mail

General

Target

89b3b044884d1536a6fb10dba776eae8
Size

600KB
MD5

89b3b044884d1536a6fb10dba776eae8
SHA1

8654552c07900f8e0172fdfddb31155c7f0efab7
SHA256

90dd46b5acffd66a949f41770d497f80fd6dc6da6225e1a7065fc76c0cb3bac0
SHA512

edecd721ed1a6434b6bfc1df9e4adc15c86f5757945bf781157d39333b1a08bf4393f7eca1df91f8f94fbb8dce7c7c7529db6b9f34678c2da773ed60482a2967
SSDEEP

12288:RLxUufqsBM8qDSmdBpBXoI/pIvQhfOSa:R5fbWHR/pH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89b3b044884d1536a6fb10dba776eae8

Files

89b3b044884d1536a6fb10dba776eae8
.exe windows:4 windows x86 arch:x86

2ec80f6de1fb4f89f892c43450a86a98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GetConsoleMode
GetProfileStringW
GetTimeZoneInformation
HeapSize
LoadModule
SetThreadContext
SetVolumeLabelA
WriteFile
SetComputerNameA
GetStringTypeExA
GetCurrentDirectoryW
SetLocaleInfoA
WriteConsoleInputA
GetDateFormatW
GetConsoleOutputCP
FreeEnvironmentStringsA
WriteConsoleA
GetModuleHandleW
LoadLibraryA
MultiByteToWideChar
FreeLibrary
TlsFree
CreateWaitableTimerW
GetEnvironmentStringsW
LCMapStringA
GetStartupInfoA
DuplicateHandle
UnhandledExceptionFilter
DeleteCriticalSection
HeapAlloc
VirtualQuery
GetStringTypeA
GlobalReAlloc
OpenMutexA
GetCPInfo
GetCurrentThread
SetLastError
GetVersionExW
RtlUnwind
SetConsoleCursorInfo
SetConsoleTitleA
FillConsoleOutputCharacterW
WaitForDebugEvent
ContinueDebugEvent
GetSystemDefaultLangID
lstrcmpi
CompareStringW
GetCurrencyFormatA
LocalShrink
InitializeCriticalSection
GetThreadPriority
SetConsoleCtrlHandler
QueryPerformanceCounter
CloseHandle
SetUnhandledExceptionFilter
SetStdHandle
InterlockedDecrement
GetTimeFormatA
TlsSetValue
MoveFileExA
GetUserDefaultLCID
VirtualFree
EnumResourceTypesA
SetSystemTime
FreeEnvironmentStringsW
LCMapStringW
HeapFree
GetModuleHandleA
LeaveCriticalSection
GetCommandLineA
IsValidLocale
GetFileAttributesExA
GetConsoleCP
GetDateFormatA
GetTickCount
InterlockedIncrement
CreateMutexA
RaiseException
FindFirstFileW
FindResourceA
SetLocaleInfoW
GetCurrentThreadId
CompareStringA
WideCharToMultiByte
TerminateProcess
FlushInstructionCache
GetComputerNameA
GetPrivateProfileIntA
GetACP
EnumSystemLocalesA
GetProcessHeap
OpenFileMappingA
VirtualAlloc
SetHandleCount
DebugActiveProcess
EnterCriticalSection
FindResourceExA
WriteFileEx
GetStringTypeW
SetFilePointer
WritePrivateProfileSectionA
WriteConsoleW
GetLastError
GetLocaleInfoA
GetSystemTimeAsFileTime
GetProcAddress
EnumDateFormatsExA
IsValidCodePage
HeapDestroy
WriteConsoleOutputCharacterA
HeapCreate
GetOEMCP
GetFileType
TlsGetValue
GetLocaleInfoW
GetComputerNameW
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetEnvironmentVariableA
GetNamedPipeInfo
GetCurrentProcessId
WriteConsoleInputW
GetCurrentProcess
GetModuleFileNameA
MapViewOfFile
FlushFileBuffers
CreateProcessA
LockFileEx
IsDebuggerPresent
TlsAlloc
GetEnvironmentStrings
ExitProcess
CreateFileA
GetProcessAffinityMask
FreeResource
Sleep
HeapReAlloc
InterlockedExchange
TransactNamedPipe
WaitForSingleObjectEx
GlobalGetAtomNameA
ReadFile

comctl32

ImageList_SetIconSize
ImageList_GetIcon
DrawStatusText
ImageList_DragMove
ImageList_GetImageInfo
ImageList_Duplicate
DrawStatusTextA
InitMUILanguage
DrawStatusTextW
DrawInsert
ImageList_Write
ImageList_GetFlags
ImageList_SetFlags
ImageList_DragShowNolock
ImageList_Copy
ImageList_DragLeave
ImageList_Merge
ImageList_Destroy
ImageList_DrawEx
ImageList_LoadImageW
CreateToolbar
CreateUpDownControl
ImageList_SetImageCount
InitCommonControlsEx
ImageList_GetImageRect

user32

UnloadKeyboardLayout
PostThreadMessageA
DlgDirListComboBoxA
WinHelpA
EnumDisplaySettingsExA
GetCursorInfo
PostQuitMessage
SetDlgItemInt
RegisterClassExA
DestroyWindow
MonitorFromPoint
AdjustWindowRect
IsWindowUnicode
GetMenuInfo
IsCharAlphaW
GetMenuStringA
EnableMenuItem
EnumPropsExA
EqualRect
GetSubMenu
DdeCmpStringHandles
CheckRadioButton
GetScrollInfo
RedrawWindow
HideCaret
CharNextA
GetDCEx
MessageBoxW
SendMessageA
RegisterClassA
PaintDesktop
GetUserObjectInformationW
DdeCreateStringHandleW
DdeCreateDataHandle
PackDDElParam
EndPaint
EnableWindow
OpenInputDesktop
ShowWindow
IsIconic
CreateCursor
DefWindowProcW
CreateWindowExW
SetMenuItemInfoW

advapi32

RegCreateKeyA
CryptDecrypt
RegOpenKeyExW
RegQueryValueW
RegEnumValueA

wininet

InternetFortezzaCommand
InternetSetFilePointer
CreateUrlCacheContainerW
InternetErrorDlg

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ec80f6de1fb4f89f892c43450a86a98

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

wininet

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 120KB - Virtual size: 144KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 120KB - Virtual size: 144KB

.rsrc
Size: 24KB - Virtual size: 22KB