8db93439d69b2928f6f80e2b76196b3f

Sharing

Copy URL

Twitter E-mail

General

Target

8db93439d69b2928f6f80e2b76196b3f
Size

284KB
MD5

8db93439d69b2928f6f80e2b76196b3f
SHA1

6ef1e5ef77556852338b04236851703e6e4042cb
SHA256

64917bd6d8d99741ba9adc95f1dd5e6a253790aefcc19cb8073bc430b9ff9a49
SHA512

ef6fc4fe0900c943e6600725452085ee1e7127669e09273dd8310ae4d40b4fcfb2df10d43d7ffa65c628481dd90b29c483da049ebc9aaca51ec2e8a82f5705aa
SSDEEP

6144:LIcUBucWQY+I3x7c93ovjqgU1ExTZ4zytb5L:LIcUBucdY+sxISh1l4zkd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8db93439d69b2928f6f80e2b76196b3f

Files

8db93439d69b2928f6f80e2b76196b3f
.exe windows:4 windows x86 arch:x86

44a3ea2f229e01c32eec53eb29e8e0ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

FlushInstructionCache
InterlockedIncrement
GetCurrentThreadId
GetCurrentProcess
GetDiskFreeSpaceA
FindClose
LocalFileTimeToFileTime
QueryPerformanceFrequency
DosDateTimeToFileTime
GetFileAttributesA
InterlockedDecrement
lstrcmpA
FreeLibrary
LoadLibraryA
HeapAlloc
CreateFileA
GetFileSize
FindFirstFileA
SetFilePointer
GetModuleFileNameA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
lstrcatA
ReadFile
CreateMutexA
ReleaseMutex
GetTickCount
WriteFile
MoveFileA
GetTempFileNameA
GetTempPathA
LockResource
CreateThread
GetSystemInfo
HeapCreate
GetShortPathNameA
MapViewOfFile
CreateFileMappingA
GetModuleHandleA
GetUserDefaultLangID
OpenEventA
CreateDirectoryA
lstrcpynA
SetFileAttributesA
GetSystemDirectoryA
GetStartupInfoA
ExitProcess
GetCommandLineA
DebugBreak
HeapReAlloc
HeapFree
GetWindowsDirectoryA
GetDriveTypeA
GlobalSize
GlobalLock
GlobalAlloc
FreeResource
LocalFree
FormatMessageA
GlobalFree
GlobalUnlock
IsBadReadPtr
VirtualQuery
VirtualProtect
SearchPathA
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
RtlUnwind
GetStringTypeA
GetStringTypeW
WaitForSingleObject
EnterCriticalSection
lstrlenW
CreateEventA
LoadResource
GetCurrentProcessId
Sleep
lstrlenA
lstrcpyA
CloseHandle
GetVersionExA
CompareStringW
WideCharToMultiByte
CompareStringA
MultiByteToWideChar
GetLastError
SetLastError
LeaveCriticalSection
AddAtomA
SetFileTime
SetEvent
RemoveDirectoryA
lstrcmpiA
DeleteFileA
GetAtomNameA
GetFileTime
CreateProcessA
SizeofResource
FindResourceA
UnmapViewOfFile

user32

GetWindow
SystemParametersInfoA
GetClientRect
GetParent
MapWindowPoints
SetWindowLongA
BeginPaint
IsWindow
EndPaint
PostThreadMessageA
GetDesktopWindow
ScreenToClient
ShowWindow
LoadImageA
SendMessageA
SendDlgItemMessageA
LoadStringA
TranslateMessage
LoadCursorA
SetDlgItemTextA
GetWindowLongA
MessageBoxA
GetMessageA
SetWindowTextA
FillRect
WaitForInputIdle
InvalidateRect
UpdateWindow
GetWindowRect
PtInRect
EndDialog
DestroyCursor
GetSysColor
GetActiveWindow
DialogBoxParamA
GetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
wsprintfA
CharNextA
KillTimer
SetTimer
IsDlgButtonChecked
CheckDlgButton
IsDialogMessageA
SetForegroundWindow
GetPropA
EnableMenuItem
SetPropA
RemovePropA
CreateDialogIndirectParamA
SetWindowRgn
DestroyWindow
GetDlgItem
EnableWindow
ClientToScreen
SetCursor
SetWindowPos
DrawTextA
GetWindowDC
GetWindowTextA
PostMessageA
ReleaseDC
GetDialogBaseUnits
GetClassNameA
SetFocus
CallWindowProcA
DefWindowProcA
MoveWindow
CharLowerBuffA
GetAsyncKeyState
RegisterClassA
CreateWindowExA

gdi32

GetObjectA
RestoreDC
TextOutA
SetBkMode
SelectObject
GetDeviceCaps
CreateRectRgn
SaveDC
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
SetBkColor
BitBlt
SetTextColor
CreateFontIndirectA
GetStockObject
CreateSolidBrush
PatBlt

comdlg32

GetSaveFileNameA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

CoInitialize
CoFreeUnusedLibraries
StgOpenStorage
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
GetRunningObjectTable
CoGetInterfaceAndReleaseStream
CoUninitialize
StringFromCLSID
CoTaskMemFree
StringFromGUID2
CoCreateGuid

oleaut32

RegisterTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
LoadTypeLi
SafeArrayCreate
SafeArrayPutElement
SafeArrayCopy
VariantChangeType
LoadRegTypeLi
SafeArrayGetElement
VariantCopy
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VariantClear

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44a3ea2f229e01c32eec53eb29e8e0ed

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

version

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 64KB - Virtual size: 63KB