89fb3f27737f184111aec75b06541556

Sharing

Copy URL

Twitter E-mail

General

Target

89fb3f27737f184111aec75b06541556
Size

444KB
MD5

89fb3f27737f184111aec75b06541556
SHA1

8f8345bb588eed9bfd2ec2168c6573a3d6fa2019
SHA256

52d2ceefc78989215dc294701092ae269d5d2b5fce06503d2056daff103078df
SHA512

e4e0194f0191d35f9b8c0ae343a18a8c638b26f1b5bfa2bb35065c7c8887de00a4e3f77ffaf977d76f687bfa9b2c869edf9c6df39fae916fb878b9271bd74efe
SSDEEP

6144:6vO75mtSpu4hBniHQ2O7svtG/nOd/F6tM2UPu:6vQ5mtSNDnuQ2O7s1UOvAMPG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89fb3f27737f184111aec75b06541556

Files

89fb3f27737f184111aec75b06541556
.exe windows:4 windows x86 arch:x86

419307b339143eae3163c5ad2eb57387

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\ranstand\againstFact.pdb

Imports

user32

FindWindowExA
SendMessageA
GetParent
GetMenu
ShowWindow
GetClientRect
GetWindowRect
ClientToScreen
EnableWindow
SetWindowPos
DefMDIChildProcA
SetActiveWindow
ScreenToClient
GetWindowInfo
AdjustWindowRectEx
PostMessageA
GetPropA
CallWindowProcA
SetPropA
SetWindowLongA
GetClassNameA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjectsEx
PostQuitMessage
GetKeyState
LoadIconA
LoadCursorA
RegisterClassExA
SystemParametersInfoA
AdjustWindowRect
CreateWindowExA
IsWindowVisible
GetWindowPlacement
SetWindowPlacement
UpdateWindow
GetForegroundWindow
SetForegroundWindow
SetFocus
GetFocus
DefFrameProcA
FillRect
SetScrollInfo
GetScrollInfo
DrawFocusRect
LoadStringA
LoadBitmapA
DrawEdge
InsertMenuItemA
GetMenuItemID
GetSubMenu
SetMenuItemInfoA
GetMenuItemCount
GetMenuItemInfoA
RemoveMenu
DestroyMenu
DeleteMenu
DrawMenuBar
TrackMouseEvent
ChildWindowFromPointEx
WindowFromPoint
ChildWindowFromPoint
GetAncestor
TranslateAcceleratorA
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
MapVirtualKeyA
PtInRect
UnregisterClassA
DrawTextA
GetQueueStatus
GetActiveWindow
GetSystemMetrics
FindWindowA
EnumThreadWindows
AttachThreadInput
IsIconic
GetTopWindow
GetWindowLongA
GetWindow
GetWindowThreadProcessId
AllowSetForegroundWindow
IsWindow
GetSysColorBrush
BringWindowToTop
IsWindowEnabled
RemovePropA
EnumChildWindows
IsZoomed
MoveWindow
GetWindowTextA
SetCursor
MessageBeep
ReleaseDC
MessageBoxA
GetWindowTextLengthA
GetSysColor
CreateMenu
SetMenu
UpdateLayeredWindow
InvalidateRect
GetDC
KillTimer
GetMessageA
SetTimer
DestroyWindow
EnumDisplayMonitors
GetMonitorInfoA
GetUpdateRect
TileWindows
CascadeWindows
GetCursorPos
SetWindowTextA
CreatePopupMenu
RegisterWindowMessageA
DefWindowProcA
ReleaseCapture
SetCapture
EndPaint
DrawFrameControl
BeginPaint
MonitorFromPoint

ole32

OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

UrlGetLocationA
UrlGetPartA
UrlIsA

advapi32

CryptDestroyHash
CryptHashData
CryptGetHashParam
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
CryptGenRandom
CryptAcquireContextA
CryptReleaseContext
CryptCreateHash

uxtheme

GetThemeSysFont

comdlg32

PageSetupDlgA
PrintDlgA

kernel32

GetCPInfo
GetOEMCP
GetACP
FatalAppExitA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
GetVersionExA
IsProcessorFeaturePresent
VirtualProtect
WaitForSingleObject
FindCloseChangeNotification
FindFirstChangeNotificationA
GetCurrentProcessId
GetModuleHandleA
SetEvent
GetCommandLineA
CreateProcessA
GetStdHandle
EnterCriticalSection
SetErrorMode
LoadLibraryA
GetProcAddress
FreeLibrary
OpenProcess
GetExitCodeProcess
CloseHandle
CreateEventA
ResumeThread
LocalFree
HeapAlloc
GetVersion
Sleep
SetLastError
ReleaseMutex
GetLastError
CreateMutexA
GetCurrentThreadId
GetModuleFileNameA
OutputDebugStringA
GetSystemDirectoryA
GetLocaleInfoA
GetSystemTimeAsFileTime
FindNextChangeNotification
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
MulDiv
lstrlenA
LoadResource
LockResource
FreeResource
FindResourceA
SizeofResource
GetTickCount
ReadFile
GetMailslotInfo
CreateFileA
WriteFile
CreateMailslotA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetSystemInfo
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
VirtualQuery
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetFileAttributesA
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeFormatA

Sections

.text
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

419307b339143eae3163c5ad2eb57387

Headers

File Characteristics

PDB Paths

Imports

user32

ole32

shlwapi

advapi32

uxtheme

comdlg32

kernel32

Sections

.text Size: 228KB - Virtual size: 225KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 156KB - Virtual size: 189KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 228KB - Virtual size: 225KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 156KB - Virtual size: 189KB

.rsrc
Size: 4KB - Virtual size: 1KB