984e9a9156b0f5b3e8c5b9c5668ee051

Sharing

Copy URL Twitter E-mail

General

Target

984e9a9156b0f5b3e8c5b9c5668ee051
Size

552KB
MD5

984e9a9156b0f5b3e8c5b9c5668ee051
SHA1

585c2792e1cfa89f0fc13c4a45990d87ab1873be
SHA256

7249f288d718c692bf52ec782cfa818d46349a02e6b5fb5a22c36e73689f0c0d
SHA512

9b2abcaddb7e852b23a1eb3e3b1ea872a7bfffdc595264b1a76e248f3c2bd08dcb7f7ba7fc476319e896ba03e37971d2c983c7e6d92a667470319f519319f86a
SSDEEP

12288:il4gG3qv3FhRVZv3j86QppjedrbDX1+t3Bi+oFM:44gG3qv3FhRVZ/oDBbBijF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
984e9a9156b0f5b3e8c5b9c5668ee051

Files

984e9a9156b0f5b3e8c5b9c5668ee051
.exe windows:4 windows x86 arch:x86

0a0e00e1934fabe74866206af7c38802

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
CreateStatusWindow
ImageList_GetImageRect
DrawInsert
InitCommonControlsEx
ImageList_Write
DestroyPropertySheetPage
ImageList_DragEnter
ImageList_EndDrag
ImageList_Replace
CreatePropertySheetPageA
ImageList_SetFilter
ImageList_Copy
ImageList_LoadImageA
DrawStatusTextA
ImageList_DragLeave

comdlg32

LoadAlterBitmap
GetFileTitleW
FindTextA
GetFileTitleA

advapi32

RegCreateKeyW
CryptSetProvParam
RegSetValueA
CryptDeriveKey
CreateServiceW
CryptEnumProvidersA
RegDeleteKeyW
RegQueryValueA
LookupPrivilegeValueW
CryptAcquireContextA
CryptSetProviderW
StartServiceW

user32

RegisterDeviceNotificationA
CharUpperBuffW
RegisterClassA
PaintDesktop
LoadImageA
SetTimer
DdeAddData
GetDialogBaseUnits
SetMessageExtraInfo
EnumPropsExA
GetScrollBarInfo
DestroyMenu
IsDlgButtonChecked
DdeGetLastError
DestroyAcceleratorTable
GetDesktopWindow
SetWindowContextHelpId
IsDialogMessageW
ChangeDisplaySettingsExA
GetMessageW
GetMessagePos
SetThreadDesktop
InsertMenuA
MapVirtualKeyExW
SetCaretBlinkTime
SetWindowsHookA
RegisterClassExW
GetDlgItemTextA
OemToCharBuffA
OemToCharA
EnumPropsExW
GetKeyboardState
DialogBoxParamW
ToAscii
wsprintfA
ScrollWindow
DdeQueryConvInfo
EnableMenuItem
SetParent
SystemParametersInfoW
DdeAccessData
GetClipboardSequenceNumber
DefMDIChildProcW
DialogBoxParamA
ExcludeUpdateRgn
DrawMenuBar
GetWindowTextW
UnregisterHotKey
CreateIconFromResourceEx
EndDeferWindowPos
EnableWindow
DdeReconnect
InvalidateRgn
GetClipboardViewer
DlgDirListW
EndDialog
RegisterClassExA
GetWindowRgn
GetMonitorInfoA
SendIMEMessageExW
ReleaseCapture
DrawFrameControl
CharPrevA
EnumDisplayMonitors

shell32

FreeIconList
SHInvokePrinterCommandA

kernel32

AllocConsole
SetConsoleCursorPosition
VirtualAlloc
GetProcessHeaps
GetDriveTypeW
LoadModule
GetVolumeInformationW
GetTimeZoneInformation
EnumResourceLanguagesW
GetTempFileNameA
QueryPerformanceCounter
lstrcpyW
TransmitCommChar
FlushFileBuffers
HeapCreate
CreateMutexA
ReadFile
CompareStringA
DeleteCriticalSection
SetLastError
GetEnvironmentStringsW
GetEnvironmentStrings
TlsGetValue
LCMapStringW
SetEnvironmentVariableW
GetTickCount
EnumResourceTypesW
HeapReAlloc
GetDiskFreeSpaceExW
GetSystemTimeAsFileTime
GetLastError
HeapDestroy
VirtualFree
CreateFileA
IsBadWritePtr
GetStartupInfoW
VirtualQuery
GetCurrentProcess
GetVersion
RtlUnwind
HeapFree
GetShortPathNameW
GetSystemTime
FillConsoleOutputAttribute
InterlockedIncrement
GetCurrentProcessId
GetThreadTimes
CompareStringW
GetCommandLineW
SetEnvironmentVariableA
TlsAlloc
HeapAlloc
CloseHandle
TerminateProcess
GetModuleFileNameW
WideCharToMultiByte
SetStdHandle
GetEnvironmentVariableA
LCMapStringA
GetStdHandle
GetWindowsDirectoryA
GetProcAddress
CreateSemaphoreA
GetLocalTime
GetStringTypeW
GetCurrentThreadId
InterlockedDecrement
LeaveCriticalSection
SetHandleCount
GetModuleHandleA
SetConsoleCursorInfo
FreeEnvironmentStringsA
WriteConsoleOutputCharacterA
WriteFile
UnhandledExceptionFilter
GetStringTypeA
EnterCriticalSection
SetFilePointer
InitializeCriticalSection
FreeEnvironmentStringsW
GetCurrentThread
TlsSetValue
GetStartupInfoA
GetCommandLineA
InterlockedExchange
OpenMutexA
ExitProcess
SetSystemTime
GetCPInfo
GetModuleFileNameA
MultiByteToWideChar
LoadLibraryA
GetFileType
TlsFree

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a0e00e1934fabe74866206af7c38802

Headers

File Characteristics

Imports

comctl32

comdlg32

advapi32

user32

shell32

kernel32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 16KB - Virtual size: 15KB