89beaedcaddfafa8efd74a9a12f53c4d

Sharing

Copy URL Twitter E-mail

General

Target

89beaedcaddfafa8efd74a9a12f53c4d
Size

148KB
MD5

89beaedcaddfafa8efd74a9a12f53c4d
SHA1

1937d8dcc46ee1808100c4127b923f204c765bff
SHA256

53c64e3e7bdf4ee6facb970158cad1887cbb4f740290081c60ee537a5d6d129a
SHA512

a30b6bed46c7d04b6991c31db3de5f830593d629d681925310dbb34c411f9314f53d99df341dc877f0c0739f900585e8cac25a8151a81ea429331c6a06ae7d0a
SSDEEP

3072:5oT/iVG95hVsROfh2uKJFKV80ZSz6XvUaPRKWVuDShEig+5pxmmDBk:irhzVsah2BANsWXvvVusJgoxm0Bk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89beaedcaddfafa8efd74a9a12f53c4d

Files

89beaedcaddfafa8efd74a9a12f53c4d
.exe windows:5 windows x86 arch:x86

aad2a9d11a99a9104e798d09997e59c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\RKuapherqnjy\blLrvveKmd\QynBMKgxCc.pdb

Imports

comctl32

ImageList_Draw
ImageList_AddMasked
DestroyPropertySheetPage
ImageList_Write
CreatePropertySheetPageA
ImageList_GetImageCount

msvcrt

printf
_controlfp
rand
__set_app_type
wcslen
isprint
system
mbstowcs
fflush
clock
remove
putc
__p__fmode
vsprintf
toupper
perror
gmtime
__p__commode
fgetc
strpbrk
qsort
_amsg_exit
setlocale
wcstoul
wcsncpy
strtoul
localtime
_initterm
_ismbblead
strspn
swprintf
getenv
memset
iswdigit
fseek
_XcptFilter
ungetc
bsearch
time
wcscoll
fprintf
puts
_exit
_cexit
strcoll
__setusermatherr
isupper
__getmainargs

kernel32

OpenSemaphoreW
LCMapStringA
ConvertDefaultLocale
TransactNamedPipe
GetCommandLineA
EnterCriticalSection
GetLastError
GetTempFileNameA
HeapReAlloc
GlobalAddAtomW
lstrlenA
SetFileAttributesA
CreateDirectoryA
GetThreadPriority
GetModuleHandleA
lstrcpyW
lstrcmpA
GlobalUnlock
SleepEx
GetSystemWindowsDirectoryA
GetSystemTimeAdjustment
HeapValidate
VirtualFree
UnmapViewOfFile
GlobalCompact
FindNextFileA
UnlockFile
GlobalGetAtomNameW
GetSystemDefaultUILanguage
GlobalHandle
TlsGetValue
GetFileAttributesExW
WaitForSingleObjectEx
GetCommState
FindResourceW
InitializeCriticalSection
IsBadReadPtr
GetVersionExW
SetWaitableTimer
GlobalLock
EnumResourceTypesA
GetFileInformationByHandle
WriteFile
HeapWalk
EnumResourceNamesW
FileTimeToSystemTime
GetTickCount
FindNextFileW
GetModuleFileNameA
FlushViewOfFile
LoadLibraryW
AddAtomW
GlobalDeleteAtom
GlobalAddAtomA
IsValidLanguageGroup

shlwapi

PathIsUNCW

user32

MoveWindow
DragObject
ValidateRect
PeekMessageA
EndDialog
SetLastErrorEx
LoadIconA
LoadImageW
MessageBoxW
DestroyMenu
SetActiveWindow
UpdateWindow
InSendMessage
SetDlgItemInt
ReplyMessage
GetClassLongA
IsWindow
DefWindowProcW
DialogBoxIndirectParamW
FindWindowA
ToUnicodeEx
SetMenuItemBitmaps
ChangeMenuW
GetMenuStringA
GetMenuItemID
SetDlgItemTextA
AttachThreadInput
UnionRect
MonitorFromRect
GetWindowTextLengthW
GetActiveWindow
CreateAcceleratorTableW
LoadBitmapA
GetScrollPos
RemoveMenu
CreateDialogParamW
GetKeyState
SetWindowTextA
InsertMenuA
GetNextDlgGroupItem
ScrollWindowEx
IsChild
DestroyWindow
DrawIconEx
AppendMenuA
ShowScrollBar
PostMessageA
GetDlgCtrlID
GetCursorPos
GetNextDlgTabItem
GetWindowDC
DestroyCaret
ScrollWindow
ChildWindowFromPointEx
IsCharAlphaNumericW
SetDlgItemTextW
GetMenuItemCount
GetParent
DefFrameProcA
GetSysColor
CharLowerW
CharPrevW
GetTopWindow
FillRect
CharUpperW
GetMenuCheckMarkDimensions
CallWindowProcA
MapDialogRect
CharToOemW
SendDlgItemMessageA
ClipCursor
DrawTextA
ShowCaret
DeferWindowPos
CreateDialogIndirectParamW
ShowCursor
SendNotifyMessageW
GetClassInfoExW
IsDialogMessageW
GetForegroundWindow
CharLowerA
RedrawWindow
RegisterWindowMessageW
WindowFromPoint
ArrangeIconicWindows
TrackPopupMenuEx
GetMonitorInfoW
CreateCursor
GetShellWindow
GetKeyboardLayoutList
CreateIconFromResource
GetDC
SetTimer
EnableScrollBar
GetIconInfo
SetScrollInfo
ModifyMenuW
SetScrollRange
CreateWindowExW
IsCharLowerA
GetSysColorBrush
PostThreadMessageA
SetWindowLongA
OpenInputDesktop
SetWindowTextW
CheckRadioButton
ClientToScreen
SendMessageTimeoutA
SetMenu
KillTimer
MessageBoxExA
DefDlgProcW
GetKeyNameTextW
DrawAnimatedRects
EnumChildWindows
DestroyCursor
GetClassInfoW

Exports

Exports

?OwnerInitDescriptor@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ntrs
Size: 1024B - Virtual size: 711B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mode
Size: - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aad2a9d11a99a9104e798d09997e59c5

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

kernel32

shlwapi

user32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 89B

.ntrs Size: 1024B - Virtual size: 711B

.ips3 Size: 1024B - Virtual size: 704B

.data Size: 3KB - Virtual size: 2KB

.mode Size: - Virtual size: 123KB

.rsrc Size: 112KB - Virtual size: 112KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 89B

.ntrs
Size: 1024B - Virtual size: 711B

.ips3
Size: 1024B - Virtual size: 704B

.data
Size: 3KB - Virtual size: 2KB

.mode
Size: - Virtual size: 123KB

.rsrc
Size: 112KB - Virtual size: 112KB

.reloc
Size: 2KB - Virtual size: 1KB