ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d

Sharing

Copy URL

Twitter E-mail

General

Target

ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d
Size

792KB
MD5

5e29048bae5f331abe9d12f72b8fac42
SHA1

5f826ef166544bdd5556864158e766d1a3341c62
SHA256

ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d
SHA512

d23cdf289a2d775af1396ba7a0465b168ba59ecd265d551824e613f04b8265bdc23dd95c5c3a3c6606ebcdcce1c2f14f3c763ebcdae5868125d74a894a141b54
SSDEEP

12288:hHsWSv4xPciZNTRZt7xulIz5xOLSbpgll92B3++YnB9RJMY8vr:hgvQ1D2INxOY+TB9ReY8v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d

Files

ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d
.exe windows:6 windows x64 arch:x64

1217f83c8908cf0363bc8b5176cf585a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\project\GDPRDlg1.0\x64\Release\GDPRDlg.pdb

Imports

kernel32

LocalFree
SetFileAttributesW
WideCharToMultiByte
GetVersionExW
FindResourceExW
GetCurrentProcess
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetConsoleCP
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
InitOnceExecuteOnce
DeleteCriticalSection
GetFileType
ReadConsoleW
GetCurrentThreadId
SetFilePointerEx
SetFilePointer
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
GetStartupInfoW
TerminateProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetUserGeoID
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
LCMapStringEx
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
SetLastError
GetCPInfo
OutputDebugStringW
QueryPerformanceCounter
ReadFile
CreateFileW
GlobalLock
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetProcAddress
WritePrivateProfileStructW
GetPrivateProfileStructW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetConsoleMode
GetGeoInfoW
FreeLibrary
LoadLibraryW
GetModuleFileNameW
GetPrivateProfileStringW
CloseHandle
GetLastError
CreateMutexW
GetCommandLineW
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
SetEnvironmentVariableA
WriteFile
GetStdHandle
GetTimeZoneInformation
Sleep
HeapSize
GetModuleHandleExW
ExitProcess
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
CreateDirectoryW
IsProcessorFeaturePresent
IsDebuggerPresent
HeapReAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GlobalFree
SetUnhandledExceptionFilter
GlobalUnlock

user32

DestroyWindow
LoadStringW
PostMessageW
GetDC
ReleaseDC
InvalidateRect
DrawTextW
SendMessageW
GetClientRect
SetWindowRgn
CreateWindowExW
SetWindowPos
EnableWindow
ShowWindow
BeginPaint
EndPaint
SetCursor
GetCursorPos
ScreenToClient
PtInRect
SetWindowLongPtrW
GetWindowLongPtrW
DefWindowProcW
PostQuitMessage
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
RegisterClassExW
FillRect
SetFocus
ReleaseCapture
SetCapture
LoadCursorW

gdi32

GetTextExtentPoint32W
SetBkColor
CreateSolidBrush
CreateRectRgn
GetObjectW
CreateFontW
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
GetStockObject
GetDeviceCaps
SelectObject
SetTextColor
SetBkMode
BitBlt
DeleteDC

advapi32

SetEntriesInAclW
RegOpenKeyExW
RegEnumKeyW
SetNamedSecurityInfoW
RegQueryValueExW
GetNamedSecurityInfoW
RegCloseKey

shell32

SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

wininet

InternetOpenUrlW
InternetReadFile
InternetOpenW
InternetCloseHandle

gdiplus

GdipCreateBitmapFromFile
GdipCloneImage
GdipGetImageWidth
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipFree
GdipGetImageHeight
GdipDrawImageRectRect
GdipSetInterpolationMode
GdipFillRectangleI
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreateFromHDC

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 404KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1217f83c8908cf0363bc8b5176cf585a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

gdiplus

shlwapi

comctl32

msimg32

Sections

.text Size: 181KB - Virtual size: 181KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 16KB - Virtual size: 25KB

.pdata Size: 8KB - Virtual size: 7KB

.rsrc Size: 119KB - Virtual size: 118KB

.reloc Size: 404KB - Virtual size: 1.1MB

.text
Size: 181KB - Virtual size: 181KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 16KB - Virtual size: 25KB

.pdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 119KB - Virtual size: 118KB

.reloc
Size: 404KB - Virtual size: 1.1MB