8b3273a1ca7b81cbe3c80581d8ab1396

Sharing

Copy URL Twitter E-mail

General

Target

8b3273a1ca7b81cbe3c80581d8ab1396
Size

660KB
MD5

8b3273a1ca7b81cbe3c80581d8ab1396
SHA1

15a802ee3fa897cd7a193d4330ab1f06300b3e7d
SHA256

c7d7b99c94749db1d47b7c47224854ca9d3636e7ca56840fc92433b5fa4ece08
SHA512

a8ed63409520a8aa2a36ab40392b7419dcddf89a163549a98a5ade0ad37aeff58f3ef276e5805fb6a212837ce52152903fe013d649030d211e74de5cffcf0c0a
SSDEEP

12288:qooP3riqwF7tSTIHNNtnoWQRdB5PBc8nE:hovribtKIHdCBVB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b3273a1ca7b81cbe3c80581d8ab1396

Files

8b3273a1ca7b81cbe3c80581d8ab1396
.exe windows:4 windows x86 arch:x86

6357444486fdf79db798c5288a1aeba2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\edf

Imports

comctl32

InitCommonControlsEx
ImageList_GetDragImage
ImageList_Remove
ImageList_ReplaceIcon
ImageList_LoadImage
ImageList_LoadImageW
ImageList_DragLeave
ImageList_DrawIndirect
ImageList_Read
CreatePropertySheetPageA
ImageList_EndDrag
DrawInsert
ImageList_DragShowNolock
CreateStatusWindow
ImageList_SetFlags
ImageList_GetImageRect
ImageList_SetIconSize
ImageList_Destroy
CreateUpDownControl
CreatePropertySheetPageW
ImageList_GetImageInfo

kernel32

FindFirstFileExW
InterlockedDecrement
MoveFileW
lstrcmpi
GetLongPathNameA
RtlMoveMemory
EnterCriticalSection
LocalUnlock
SetUnhandledExceptionFilter
QueryPerformanceCounter
VirtualAlloc
SetCurrentDirectoryW
GetAtomNameW
SetFilePointer
Sleep
GetSystemTimeAsFileTime
SuspendThread
LeaveCriticalSection
GetLocaleInfoW
EnumSystemLocalesA
TlsSetValue
ReadConsoleOutputCharacterA
CompareStringA
EnumSystemLocalesW
WriteConsoleA
lstrcpy
GetProcAddress
SetStdHandle
TerminateProcess
VirtualAllocEx
GetEnvironmentStrings
WriteConsoleOutputAttribute
MoveFileExA
WriteConsoleOutputA
MultiByteToWideChar
GetPrivateProfileIntA
GetDateFormatA
GetCurrentProcess
GetCommandLineA
CloseHandle
InterlockedIncrement
GetShortPathNameA
WaitForMultipleObjectsEx
ReadConsoleW
SetHandleCount
GetModuleFileNameA
GetConsoleOutputCP
GetVersionExA
SetConsoleCtrlHandler
LoadLibraryExA
CompareStringW
OpenMutexA
GetCalendarInfoW
GetTimeZoneInformation
CreateDirectoryW
GlobalGetAtomNameW
SetLastError
SetWaitableTimer
EnumDateFormatsExA
WriteConsoleInputA
WaitForDebugEvent
HeapCreate
FillConsoleOutputCharacterA
CreateMutexA
HeapFree
FreeEnvironmentStringsW
WriteConsoleW
WriteFile
WideCharToMultiByte
GetExitCodeProcess
HeapSize
GetTickCount
GetCurrentThread
ConvertDefaultLocale
IsValidLocale
LoadModule
GetACP
GetLocaleInfoA
GetTimeFormatA
GetPrivateProfileStringW
DeleteFileA
GetStringTypeW
LCMapStringA
CreateFileA
GetStringTypeA
GetProcessHeap
FreeEnvironmentStringsA
GetNumberFormatA
GetLogicalDrives
SetSystemTime
GetVersion
LoadLibraryA
CreateProcessW
GetNamedPipeHandleStateA
GetModuleHandleW
GetLastError
SetEvent
EnumResourceNamesW
lstrcpynW
InterlockedExchange
GetModuleHandleA
LCMapStringW
SetEndOfFile
GetOEMCP
IsDebuggerPresent
GlobalCompact
lstrcmpiW
GetStdHandle
GetStartupInfoW
OpenFileMappingA
GetCommandLineW
SetPriorityClass
GlobalHandle
AddAtomW
VirtualFree
GetCurrentThreadId
InitializeCriticalSection
VirtualQuery
DeleteCriticalSection
HeapDestroy
FlushFileBuffers
UnhandledExceptionFilter
HeapAlloc
ExitProcess
GetModuleFileNameW
GetConsoleCP
PulseEvent
ReadFile
IsValidCodePage
EnumResourceTypesW
TlsGetValue
SetEnvironmentVariableA
GetUserDefaultLCID
HeapReAlloc
RtlFillMemory
GetConsoleMode
GetCurrentProcessId
FindFirstFileExA
LoadLibraryW
RtlUnwind
WaitNamedPipeW
GetUserDefaultLangID
OpenWaitableTimerW
GetCPInfo
TransmitCommChar
GetStartupInfoA
GetEnvironmentStringsW
TlsFree
TlsAlloc
SetFileTime
GetFileType
ReleaseSemaphore
GetSystemTimeAdjustment
TransactNamedPipe
EnumCalendarInfoExA
FreeLibrary

user32

VkKeyScanW
ChangeDisplaySettingsW
ShowOwnedPopups
GetClipboardFormatNameA
DdeCreateStringHandleW
DefWindowProcW
BringWindowToTop
IsCharLowerA
CreateWindowExA
PostThreadMessageA
DefDlgProcA
GetDesktopWindow
ShowWindow
CharUpperA
RegisterClassExA
MessageBoxW
GetCapture
DdeClientTransaction
AppendMenuW
MapWindowPoints
DestroyWindow
ToUnicodeEx
DdeReconnect
ToAsciiEx
GetKeyboardState
RegisterClassA
OemToCharBuffW
LoadBitmapW

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6357444486fdf79db798c5288a1aeba2

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 244KB - Virtual size: 242KB

.data Size: 120KB - Virtual size: 139KB

.rsrc Size: 100KB - Virtual size: 97KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 244KB - Virtual size: 242KB

.data
Size: 120KB - Virtual size: 139KB

.rsrc
Size: 100KB - Virtual size: 97KB