8fcf3f577b3210d531f9557a51e332fa

Sharing

Copy URL Twitter E-mail

General

Target

8fcf3f577b3210d531f9557a51e332fa
Size

244KB
MD5

8fcf3f577b3210d531f9557a51e332fa
SHA1

18d8abb3e059f90846112d5b6ccf3951bf1dab74
SHA256

c15907f805b56aea0af33be5cfcabc5d328272a7e90aada94911ee07cc3474e3
SHA512

e1b180f92a6c603a217b44ba23e309fc4206000b2cc73e83c98d8124a3338b7bac1ccb2929e76920c89e0d1c8aec658880f0150791499b7008211734fad9c1fb
SSDEEP

6144:yfExgbFf6V1DK6qm4ZnNT5be2L/TBJ/2t:ys6aqtRThL/TrY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fcf3f577b3210d531f9557a51e332fa

Files

8fcf3f577b3210d531f9557a51e332fa
.exe windows:4 windows x86 arch:x86

45092bd2b02ad94228a3542c2db6224e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA
PathFindExtensionA

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

kernel32

GlobalAlloc
GlobalFree
GetModuleHandleA
GlobalDeleteAtom
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalAddAtomA
FlushFileBuffers
GetThreadLocale
GlobalGetAtomNameA
CreateSemaphoreA
ReleaseSemaphore
lstrcmpW
GlobalFindAtomA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
VirtualAlloc
GlobalLock
HeapReAlloc
GetFileType
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetConsoleCP
GetConsoleMode
GetACP
SetStdHandle
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
GetModuleFileNameA
CloseHandle
CreateFileA
GetVersion
InterlockedExchange
MultiByteToWideChar
CompareStringA
WideCharToMultiByte
lstrlenA
GlobalUnlock
FormatMessageA
MulDiv
WaitForSingleObject
GetCurrentThreadId
RaiseException
GetCurrentProcessId
LocalAlloc
SetFilePointer
WriteFile
ReadFile
FreeResource
SetLastError
LocalFree
GetCurrentProcess
TerminateProcess
LoadResource
LockResource
SizeofResource
FindResourceA
FreeLibrary
GetVersionExA
LoadLibraryA
GetProcAddress
Sleep

user32

GetSysColorBrush
ReleaseDC
GetDC
LoadCursorA
ClientToScreen
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
BeginPaint
EndPaint
UnregisterClassA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
DestroyMenu
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
SendMessageA
GetKeyState
PeekMessageA
ValidateRect
SetForegroundWindow
ShowWindow
SetWindowTextA
GetMenu
GetForegroundWindow
GetWindow
IsWindowVisible
GetParent
GetClassNameA
GetWindowThreadProcessId
PostMessageA
EnableWindow
RegisterWindowMessageA
GetWindowTextA
GetCursorPos
IsDialogMessageA
LoadIconA
SendDlgItemMessageA
ModifyMenuA

gdi32

DeleteObject
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SaveDC
RestoreDC
SetMapMode
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

oleaut32

VariantInit
VariantClear
VariantChangeType

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45092bd2b02ad94228a3542c2db6224e

Headers

File Characteristics

Imports

shlwapi

advapi32

kernel32

user32

gdi32

winspool.drv

oleaut32

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 12KB - Virtual size: 123KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 12KB - Virtual size: 123KB

.rsrc
Size: 4KB - Virtual size: 1KB