8c8f378a26e727736582157c6839fb73

Sharing

Copy URL Twitter E-mail

General

Target

8c8f378a26e727736582157c6839fb73
Size

478KB
MD5

8c8f378a26e727736582157c6839fb73
SHA1

825ada67e6071a0dcaf94a51973a949ebb733250
SHA256

06193d3e61186f7c3e89ea713b2a14bd04521c51a77fd4be7f4a543971a100fc
SHA512

c466e0838452efd2763586e3e4ae2ba791e59e5f29a65fc61e6403026610db0c193372055f3ed213ede9ac742312f24d5d1232e2fec53edb40d15c19270dad3c
SSDEEP

12288:VodDfnkVf7MjXBpsIZs99Hi1cGD/YKqzw/:VQ78AXByIOnHAD/YDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c8f378a26e727736582157c6839fb73

Files

8c8f378a26e727736582157c6839fb73
.exe windows:4 windows x86 arch:x86

7456a9da1c850e778748a98f2196b29e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\qteqxv.pdb

Imports

user32

GetOpenClipboardWindow
GetFocus
MapVirtualKeyW
MessageBoxA
DdeQueryNextServer
GetUserObjectInformationW
SendNotifyMessageA
WinHelpW
MessageBoxIndirectA
IsDialogMessageA
DdeConnect
RegisterClassExA
DlgDirListW
ShowWindow
SendNotifyMessageW
GetDlgItemTextW
InflateRect
GetClassInfoExW
SetWindowsHookW
MsgWaitForMultipleObjects
RegisterClassA
CreateWindowExW
CharPrevW
IsDialogMessageW
LoadBitmapA

comctl32

InitCommonControlsEx

kernel32

LoadLibraryA
SetStdHandle
QueryPerformanceCounter
HeapCreate
IsValidLocale
MultiByteToWideChar
TlsSetValue
LCMapStringW
GetProcAddress
GetDateFormatA
IsValidCodePage
LeaveCriticalSection
GetFileType
GetCommandLineA
GetTempFileNameA
CloseHandle
VirtualQuery
EnterCriticalSection
EnumSystemCodePagesW
ReadFile
HeapSize
CompareStringA
SetLastError
GetFileTime
OpenMutexA
VirtualAlloc
GlobalReAlloc
HeapFree
FreeEnvironmentStringsW
TerminateProcess
LoadModule
WriteFile
GetStdHandle
GetCurrentThread
SetHandleCount
WideCharToMultiByte
SetThreadContext
GetModuleHandleA
TlsAlloc
EnumSystemLocalesA
SetCurrentDirectoryW
GetPrivateProfileStringW
EnumResourceLanguagesW
SetEnvironmentVariableA
InterlockedCompareExchange
RtlFillMemory
lstrcmp
GetNumberFormatW
HeapAlloc
CreateMutexA
FreeEnvironmentStringsA
HeapDestroy
OpenEventA
RtlUnwind
GetUserDefaultLCID
InitializeCriticalSection
VirtualFree
UnlockFileEx
ReleaseSemaphore
GetVersionExA
OpenFileMappingW
SetThreadLocale
FlushFileBuffers
TlsFree
GetModuleFileNameA
ExitProcess
InterlockedExchange
TlsGetValue
UnhandledExceptionFilter
GetCurrentThreadId
MapViewOfFile
SetFilePointer
GetLastError
GetLongPathNameW
HeapReAlloc
GetCurrentProcess
LocalAlloc
GlobalCompact
GetCPInfo
GetStartupInfoA
VirtualProtect
GetEnvironmentStringsW
GetTimeZoneInformation
IsBadWritePtr
GetCompressedFileSizeA
CompareStringW
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetTickCount
GetACP
GetStringTypeW
GetLocaleInfoA
DeleteCriticalSection
GetSystemDirectoryA
GetLocaleInfoW
GetOEMCP
LCMapStringA
GetSystemInfo
GetStringTypeA
GetCurrentProcessId
GetTimeFormatA

gdi32

SetPolyFillMode
PlgBlt
ScaleViewportExtEx
GetTextExtentExPointA
DeleteObject
SetMapMode
EndPath
EnumObjects
FrameRgn
StretchDIBits
AnimatePalette
CopyMetaFileW
SetBitmapDimensionEx
SelectObject
GetEnhMetaFileW

comdlg32

ReplaceTextA
GetOpenFileNameA
PrintDlgW
ChooseColorW

Sections

.text
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7456a9da1c850e778748a98f2196b29e

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

gdi32

comdlg32

Sections

.text Size: 306KB - Virtual size: 306KB

.rdata Size: 54KB - Virtual size: 78KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 306KB - Virtual size: 306KB

.rdata
Size: 54KB - Virtual size: 78KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 16KB - Virtual size: 15KB