8fa9faa6e256722225c7da5d34bb3ae3

Sharing

Copy URL Twitter E-mail

General

Target

8fa9faa6e256722225c7da5d34bb3ae3
Size

295KB
MD5

8fa9faa6e256722225c7da5d34bb3ae3
SHA1

ae81115c8039f6a45ff0bc5554e42c6fee3ff40f
SHA256

77fce12b5ec10454eb70e3e2928f526aa361a381d440e14bd3d2cdb2eb194bb9
SHA512

c3cdc46b256acd26e980ade7d21c999b774d58eb8c86327650337da2653ec5968e59a5fe7403d52ad723fbee4d2f10335943a04b79e3fac86065dc32712d633d
SSDEEP

6144:p5QEj84zdIv533ChVnwj1wzP0LUeFJGNV/v5z1Df3PC:p5JjbzdCJ3ChgwT0oNNVJJDfq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fa9faa6e256722225c7da5d34bb3ae3

Files

8fa9faa6e256722225c7da5d34bb3ae3
.exe windows:4 windows x86 arch:x86

67c4ae04efc37e10f5dbb3ca1d92fc5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextAlign
UpdateColors
ExtCreateRegion
CreateDiscardableBitmap
SetWindowOrgEx
StrokePath
EnumFontFamiliesExA
OffsetRgn
SetViewportExtEx
SetDIBits
GetOutlineTextMetricsW
Pie
ExtTextOutW
GetNearestColor
EnumFontFamiliesW
GetNearestPaletteIndex
ExtSelectClipRgn
CreateRectRgnIndirect

advapi32

RegOpenKeyExW
RegEnumKeyW
LookupPrivilegeValueW
SetNamedSecurityInfoW
LookupPrivilegeNameA
RegNotifyChangeKeyValue
RegSetValueExA
RegQueryValueA
CryptGenRandom
SetNamedSecurityInfoA
RegConnectRegistryA
PrivilegeCheck
OpenThreadToken
EqualSid
OpenServiceW
DestroyPrivateObjectSecurity
GetSecurityDescriptorOwner
EnumDependentServicesA
MakeSelfRelativeSD
QueryServiceConfigA
InitializeSid
ObjectCloseAuditAlarmA
CryptReleaseContext
CryptDestroyHash
LockServiceDatabase
GetSidIdentifierAuthority
RegOpenKeyExA
RegEnumValueW
AccessCheckAndAuditAlarmW
SetSecurityDescriptorDacl

kernel32

GetDateFormatA
SwitchToFiber
GetEnvironmentStringsW
GetUserDefaultLangID
LoadLibraryExA
GetPrivateProfileStringA
FormatMessageW
GetCommandLineW
MoveFileExA
CreateNamedPipeW
lstrcmpiA
CreateDirectoryW
GetLocaleInfoW
SetLastError
ReadDirectoryChangesW
GlobalDeleteAtom
SetStdHandle
CreateFileW
LCMapStringA
GetCompressedFileSizeW
SetMailslotInfo
GetConsoleCursorInfo
SetEndOfFile
GetSystemDefaultLangID
LocalFileTimeToFileTime
RemoveDirectoryW
SetConsoleOutputCP
SetupComm
_lread
CreateWaitableTimerA
SystemTimeToFileTime
GetTapeStatus
GetShortPathNameW
WritePrivateProfileStructA
SetThreadPriorityBoost
GlobalAddAtomW
lstrcatW
GetSystemInfo
EnumCalendarInfoA
PrepareTape
SetFileTime
EnumResourceNamesW
GetFileAttributesExA
GetHandleInformation
GetFileAttributesA
GlobalFindAtomA
GetCurrentProcess
GetBinaryTypeW
PurgeComm
CopyFileExW
_lclose
FreeLibrary
OutputDebugStringA
FillConsoleOutputCharacterA
PeekConsoleInputW
LocalSize
_llseek
ExitProcess
SetVolumeLabelA
GetPrivateProfileStringW
CreatePipe
FlushFileBuffers
GlobalFree
GetUserDefaultLCID
GlobalGetAtomNameW
ReadFile
WritePrivateProfileSectionA
IsProcessorFeaturePresent
EnumCalendarInfoW
GlobalFlags
GetStringTypeExW
GetDiskFreeSpaceW
FlushConsoleInputBuffer
GetNumberFormatW
DebugBreak
LoadLibraryExW
GetTapeParameters
EnumTimeFormatsW
EnumResourceLanguagesW
TryEnterCriticalSection
IsBadWritePtr
FindResourceExA
FindFirstFileA
ReadConsoleA
UnmapViewOfFile
IsBadStringPtrA
GetThreadContext
GetFullPathNameA
GetShortPathNameA
PeekNamedPipe
ScrollConsoleScreenBufferA
CancelIo
DuplicateHandle
FreeLibraryAndExitThread
GetLogicalDriveStringsA
FindResourceExW
GetProcessTimes
ReadFileScatter
SetCurrentDirectoryA
GetModuleHandleA
GetTempFileNameA
VirtualAlloc
SearchPathW
GetStartupInfoA

shell32

SHLoadInProc
SHFileOperationA
FindExecutableW
Shell_NotifyIconW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

oleaut32

SafeArrayPutElement
SetErrorInfo
SafeArrayGetElement

ole32

CoMarshalInterThreadInterfaceInStream
CreateBindCtx
OleConvertIStorageToOLESTREAM
OleCreateMenuDescriptor
OleSave
CoDisconnectObject

user32

RemovePropW
wvsprintfW
VkKeyScanW
LoadStringA
CharLowerBuffW
SendNotifyMessageW
MsgWaitForMultipleObjectsEx
SetWindowPlacement
MapWindowPoints
PostThreadMessageW
DrawTextW
GetKeyNameTextW
GetClipboardData
IsCharUpperW
GetClassLongW
CopyIcon
InvalidateRgn
BroadcastSystemMessageA
GetDlgItemTextW
GetWindowInfo
GetMessageW
CharToOemBuffA
GrayStringA
GetClipboardFormatNameA
ClipCursor
MonitorFromWindow
CharUpperA
SetScrollRange
HideCaret
CheckMenuItem
CreateWindowExW
SetCaretBlinkTime
EnumThreadWindows
ChangeClipboardChain
DrawEdge
GetTabbedTextExtentW
SetMenuInfo
LoadStringW
CreateWindowStationW
RegisterHotKey
CloseWindow
SetWindowsHookExA
CallNextHookEx
SwitchToThisWindow
ChangeDisplaySettingsW
GetClassNameW
MessageBoxA
LoadBitmapA
GetClipCursor
GetScrollPos
DrawTextExW
NotifyWinEvent
CharUpperW
LoadKeyboardLayoutW
ShowWindowAsync
GetClipboardOwner
IsWindowEnabled
DrawFrameControl
PostMessageW
CloseWindowStation

version

VerQueryValueA

comctl32

ImageList_SetDragCursorImage
ImageList_Remove

msvcrt

_chdrive
calloc
frexp
_strlwr
_wstrdate
_mbscmp
_endthread
ceil
atoi
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
vprintf
_wcsdup
_mbstrlen
_pipe
_spawnlp
iswctype
realloc
vfwprintf
_mbsupr
localtime
_ultoa
_endthreadex
_wcsnset

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67c4ae04efc37e10f5dbb3ca1d92fc5a

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

shell32

oleaut32

ole32

user32

version

comctl32

msvcrt

Sections

.text Size: 190KB - Virtual size: 189KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 96KB - Virtual size: 96KB

.text
Size: 190KB - Virtual size: 189KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 96KB - Virtual size: 96KB