8ed130aa822ab70525af1159e421068b

Sharing

Copy URL Twitter E-mail

General

Target

8ed130aa822ab70525af1159e421068b
Size

31KB
MD5

8ed130aa822ab70525af1159e421068b
SHA1

f0ae72a452920566114dae688cbc7cf1d945a70c
SHA256

c26ed6395a7639a9e1b6bcd09d9269583a54a2e97af33b8134db60ea5abcf46e
SHA512

244ea3163d91738da0336c1a98ed77a4a2e23ed0053a98288e973c9686e8ffc2a52dc2949ebc86ad83c2b9e2fa3cbd8be084f1de658916133d60a6aae58ef6b3
SSDEEP

768:bO4a/PC6NlDh/O6XrWxzuUwH/Six7w3p3p5UGOck0g8s:b9aiqNh/Oy6xzuUwH/KZwx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ed130aa822ab70525af1159e421068b

Files

8ed130aa822ab70525af1159e421068b
.exe windows:1 windows x86 arch:x86

49d90cb8b063cf1f5b35a3b728cfb783

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteFile
lstrlenA
GetTickCount
GetModuleFileNameA
GetFileSize
Sleep
GlobalLock
GetFileAttributesA
lstrcpynA
WritePrivateProfileStringA
OpenProcess
GetCommandLineA
SetFilePointer
CreateProcessA
InitializeCriticalSection
CreateEventA
GlobalFree
FindFirstChangeNotificationA
GetPrivateProfileStructA
GetPrivateProfileIntA
lstrcpyA
FindFirstFileA
WaitForSingleObject
FindNextFileA
EnterCriticalSection
SetEvent
GlobalUnlock
FindNextChangeNotification
WritePrivateProfileStructA
GetModuleHandleA
ReadFile
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
FindClose
CreateFileA
ExitProcess
GlobalAlloc
WaitForMultipleObjects
CreateThread
FindCloseChangeNotification

user32

CreateDialogParamA
SetMenuDefaultItem
ClientToScreen
CheckMenuRadioItem
SendMessageA
SendDlgItemMessageA
CheckDlgButton
CallWindowProcA
OffsetRect
MessageBoxA
MessageBeep
PostQuitMessage
CharLowerBuffA
TrackPopupMenu
CheckMenuItem
SetCursor
CheckRadioButton
SetTimer
CopyRect
SetWindowTextA
CreateWindowExA
LoadMenuA
LoadIconA
LoadCursorA
KillTimer
IsZoomed
IsWindowVisible
SystemParametersInfoA
ShowWindow
IsDlgButtonChecked
IntersectRect
GetWindowThreadProcessId
GetWindowRgn
GetWindowRect
GetWindowLongA
GetSubMenu
GetParent
GetMessageA
GetFocus
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
WindowFromPoint
GetDlgCtrlID
GetWindowDC
GetDesktopWindow
GetCursorPos
GetClientRect
GetWindowTextA
GetClassLongA
GetClassInfoA
GetAsyncKeyState
IsWindow
FindWindowA
EnumThreadWindows
EndDialog
LoadBitmapA
EnableWindow
DispatchMessageA
WinHelpA
MapWindowPoints
DialogBoxParamA
DestroyWindow
wsprintfA
PostMessageA
DestroyMenu
RegisterClassA
ReleaseCapture
ReleaseDC
WaitForInputIdle
TranslateMessage
SetActiveWindow
SetCapture
DefWindowProcA
SetDlgItemInt
SetDlgItemTextA
SetForegroundWindow
SetWindowPos
SetWindowLongA

killdll

SetHooks
SetBrowsers
RemoveHooks

gdi32

SetTextColor
SetROP2
SetBkColor
SelectObject
Rectangle
GetStockObject
FrameRgn
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePen

winmm

PlaySoundA

shell32

Shell_NotifyIconA

Sections

CODE
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DUPATOR!
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

49d90cb8b063cf1f5b35a3b728cfb783

Headers

File Characteristics

Imports

kernel32

user32

killdll

gdi32

winmm

shell32

Sections

CODE Size: 12KB - Virtual size: 16KB

DATA Size: 1024B - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 12KB

DUPATOR! Size: 1KB - Virtual size: 4KB

CODE
Size: 12KB - Virtual size: 16KB

DATA
Size: 1024B - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 12KB

DUPATOR!
Size: 1KB - Virtual size: 4KB