8c1868266c4371bfb2468d05d386af3d

Sharing

Copy URL

Twitter E-mail

General

Target

8c1868266c4371bfb2468d05d386af3d
Size

315KB
MD5

8c1868266c4371bfb2468d05d386af3d
SHA1

bf7bf16b657ee17ff011f1fad79c09702f161aa0
SHA256

c26f7f16f65abb571f7b6b47e06d36415c3b2350ddc20db0e1c4e2e21c7dbcac
SHA512

2512c4317cae6386ac36cc69d0cb44461e3e698c3e7f82331dcf69c5c90005f96865c36d9a5b309248bb0752a9a970177a27a6fb289317324fe6cebedc800839
SSDEEP

6144:Z0bQlFGbUjg5MnEhiKf6ycvandwlOCLZ9sz5G4KWlVo/MT6:GMXGbUCMERDcyn6xZU5G4ZlS/k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c1868266c4371bfb2468d05d386af3d

Files

8c1868266c4371bfb2468d05d386af3d
.exe windows:4 windows x86 arch:x86

6669a858455ae6a53842ac963ac65e59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconEx
SHAddToRecentDocs
ShellExecuteW
CheckEscapesW
SHEmptyRecycleBinA
RealShellExecuteA
SHFileOperationW
SheSetCurDrive
DragAcceptFiles
SHGetPathFromIDListW
SheGetDirA
InternalExtractIconListW
DragQueryFileW
SHGetSpecialFolderLocation
SHAppBarMessage
ShellExecuteEx
SHQueryRecycleBinW
SHQueryRecycleBinA

comdlg32

PrintDlgW
PageSetupDlgW
GetOpenFileNameA
PageSetupDlgA
ChooseFontW
ChooseColorW
ReplaceTextA
ChooseFontA

gdi32

PolyDraw
CreateEnhMetaFileW
EnumICMProfilesW
CreateDCA
StrokePath
GetMapMode
GetClipRgn
SetMetaFileBitsEx
GetWorldTransform
BitBlt
GetAspectRatioFilterEx

user32

DialogBoxIndirectParamA
OpenWindowStationW
LoadCursorFromFileW
DispatchMessageA
GetSysColorBrush
IsCharAlphaNumericW
IsWindowUnicode
DrawMenuBar
TrackMouseEvent
TrackPopupMenu
SetClassLongW
GetClassLongA

kernel32

CreateDirectoryA
GetLastError
RtlUnwind
GetCommandLineA
InterlockedExchange
GetModuleHandleA
EnumDateFormatsW
GetCurrentProcess
SetLastError
LoadLibraryA
OutputDebugStringA
GetProcAddress
TlsAlloc
FindResourceW
LCMapStringA
CloseHandle
SetLocaleInfoA
UnhandledExceptionFilter
HeapValidate
ExitProcess
HeapDestroy
WideCharToMultiByte
HeapCreate
GetEnvironmentStrings
GetModuleFileNameA
WriteFile
LCMapStringW
GetVersion
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
CreateDirectoryExA
FlushFileBuffers
FreeEnvironmentStringsW
SetStdHandle
DeleteCriticalSection
HeapReAlloc
VirtualQuery
EnumTimeFormatsA
EnumSystemLocalesA
TlsFree
DebugBreak
TerminateProcess
InitializeCriticalSection
GetStringTypeA
HeapAlloc
GetSystemDefaultLCID
GetCPInfo
GetEnvironmentStringsW
GetWindowsDirectoryA
GetOEMCP
InterlockedDecrement
GetCurrentProcessId
MultiByteToWideChar
GetFileType
lstrcpyW
QueryPerformanceCounter
IsBadWritePtr
GetStartupInfoA
InterlockedIncrement
GetStringTypeW
GetACP
GetCurrentThreadId
GetStdHandle
GetSystemTimeAsFileTime
SetHandleCount
TlsSetValue
VirtualFree
SetConsoleCtrlHandler
IsBadReadPtr
GetCurrentThread
SetComputerNameW
GetTickCount
SetFilePointer
VirtualAlloc
FreeEnvironmentStringsA
HeapFree

advapi32

RegDeleteValueA
RevertToSelf
CryptReleaseContext
RegSaveKeyW
GetUserNameA
CryptImportKey
CryptSetProviderExW

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6669a858455ae6a53842ac963ac65e59

Headers

File Characteristics

Imports

shell32

comdlg32

gdi32

user32

kernel32

advapi32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 5KB - Virtual size: 4KB