8c8ee02eb14b558a7e401d11e9177ce0

Sharing

Copy URL Twitter E-mail

General

Target

8c8ee02eb14b558a7e401d11e9177ce0
Size

305KB
MD5

8c8ee02eb14b558a7e401d11e9177ce0
SHA1

2864988b4c9913ba90c3e2653d74477f4df4fecb
SHA256

006827a55cabcce0cdd51240bfaf67cf3c17eaecc8adfd6e78eb23c99d0f6f5b
SHA512

ecfe4788ec39b70ab12627cfbdd9b42fd255175625017711fe47add7d009516123efebde1083b346c5086dbf54ed68a96612f76bc3d328c0e9d1f42b93fe5923
SSDEEP

6144:l7em6Ff70K3ThjvwB+711xMmx8aREuM54njCpMgQZuw5suRgFVMZ:5761wE9jvKI8aST54n662uRWA

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PORTAB~1.EXE
unpack001/your_exe.exe

Files

8c8ee02eb14b558a7e401d11e9177ce0
.cab
PORTAB~1.EXE
.exe windows:4 windows x86 arch:x86

069eedbe2e762f833da306256d6154c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA
sndPlaySoundA

kernel32

HeapFree
GetStartupInfoA
GetCommandLineA
RaiseException
CreateThread
ExitThread
HeapReAlloc
HeapSize
GetACP
SetStdHandle
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
TerminateProcess
ExitProcess
GetFileType
RtlUnwind
GetTickCount
GetCurrentDirectoryA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
WritePrivateProfileStringA
GlobalAlloc
lstrcmpA
GetProfileStringA
SetCurrentDirectoryA
GetExitCodeProcess
CreateProcessA
GetCurrentThread
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
MulDiv
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynA
FormatMessageA
LocalFree
FindNextFileA
FindFirstFileA
GetLastError
SetLastError
FindClose
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
InterlockedDecrement
GlobalLock
GlobalUnlock
GlobalFree
SizeofResource
CreateFileA
CloseHandle
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
Sleep
GetModuleFileNameA
CreateDirectoryA
MoveFileA
FindResourceA
LoadResource
LockResource
WaitForSingleObject
ReleaseMutex
CreateMutexA
FreeEnvironmentStringsW

user32

SetRect
CopyAcceleratorTableA
GetNextDlgGroupItem
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
SetParent
PostThreadMessageA
GetDesktopWindow
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMessageA
ValidateRect
CharUpperA
GetCursorPos
IsZoomed
SetRectEmpty
wvsprintfA
ShowWindow
SetWindowTextA
IsDlgButtonChecked
CheckDlgButton
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
IsWindowVisible
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
PostQuitMessage
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
EndDialog
SetActiveWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
DrawFrameControl
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
LoadIconA
MessageBeep
LoadCursorA
CopyIcon
PtInRect
GetSysColorBrush
MapDialogRect
SetWindowContextHelpId
ReleaseCapture
SetCapture
IsDialogMessageA
GetClassNameA
GetDlgItem
MoveWindow
IsWindow
GetTopWindow
ScreenToClient
GetWindow
LoadBitmapA
FrameRect
IsWindowUnicode
LoadImageA
GetDC
ReleaseDC
GetSysColor
FillRect
DrawStateA
OffsetRect
GetClientRect
CopyRect
InflateRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
KillTimer
PeekMessageA
DispatchMessageA
TranslateMessage
CreatePopupMenu
CreateWindowExA
CharNextA
AppendMenuA
SetTimer
GetDlgCtrlID
EnableWindow
SendMessageA
IsChild

gdi32

GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextColor
GetBkColor
LPtoDP
ExcludeClipRect
CreateDIBitmap
GetTextExtentPointA
CreateRectRgn
IntersectClipRect
LineTo
MoveToEx
CreateCompatibleBitmap
GetStockObject
Escape
DeleteObject
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetTextMetricsA
CreateRectRgnIndirect
PatBlt
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

comctl32

_TrackMouseEvent
ord17
ImageList_Destroy

oledlg

ord8

ole32

CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CreateILockBytesOnHGlobal
OleUninitialize

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear

wininet

InternetWriteFile
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionExA
InternetSetFilePointer
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 492KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
your_exe.exe
.exe windows:4 windows x86 arch:x86

2450a378ca8a99aff19942fde1b2ddb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

advapi32

ChangeServiceConfigA
OpenServiceA
RegQueryValueExA
StartServiceA
QueryServiceStatus
RegCloseKey
CloseServiceHandle
RegSetValueExA
RegOpenKeyW
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyA
RegEnumKeyA
OpenSCManagerA

tapi32

lineGetDevCapsW
lineInitializeExW
lineShutdown
lineNegotiateAPIVersion
lineClose
lineOpen
lineGetID

kernel32

GetStringTypeA
lstrcmpA
FormatMessageA
GetShortPathNameW
Sleep
HeapAlloc
WriteFile
CloseHandle
GetTempPathW
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA
lstrcpyA
lstrlenW
GlobalAlloc
GetSystemInfo
GetLastError
GlobalFree
GetVersionExA
GetStringTypeW
CreateFileA
DeleteFileW
VirtualProtect
VirtualFree
LCMapStringW
GetCPInfo
WideCharToMultiByte
FreeLibrary
GetProcAddress
lstrcmpiW
HeapReAlloc
CreateDirectoryW
LoadLibraryW
VirtualQuery
lstrlenA
GetTempFileNameW
HeapFree
lstrcmpiA
VirtualAlloc
LCMapStringA
GetLocaleInfoA
GetProcessHeap

setupapi

SetupCloseInfFile
SetupGetSourceFileLocationA
SetupGetSourceInfoA
SetupDiGetDeviceInstanceIdW
SetupDiSetClassInstallParamsA
SetupPromptForDiskA
SetupOpenMasterInf
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiGetClassDevsW
SetupDiOpenDevRegKey

ntdll

RtlLargeIntegerShiftRight
LdrGetDllHandle
NtAllocateVirtualMemory

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

069eedbe2e762f833da306256d6154c8

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 492KB - Virtual size: 490KB

2450a378ca8a99aff19942fde1b2ddb6

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

tapi32

kernel32

setupapi

ntdll

ole32

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 14KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 20B

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 492KB - Virtual size: 490KB

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 20B

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB