aa8660eaf09832e57674985aac5ec34d

Sharing

Copy URL Twitter E-mail

General

Target

aa8660eaf09832e57674985aac5ec34d
Size

677KB
MD5

aa8660eaf09832e57674985aac5ec34d
SHA1

a806064a8d4cc6101badbdb2f223830208b514bd
SHA256

32713c88ddb3462c505324a16b8ac4b86e0610107f529a9da2ffffddb30ea3ec
SHA512

259fa7b8d809589e8cd3ca6778af05cc995400a5c7de8de163c95b682717c91a4c2667ab7470ec738e316751f887f6037ef33402ff6286e0abc0123ffc323129
SSDEEP

6144:4VaRSlGgxHnTYCUBp2xa090wobzgaGs5aVz4fobynpxj89eZMpiBPUS6B0l:8xHnTYC0FnbzgaGs5tpxviaPUS6B0l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa8660eaf09832e57674985aac5ec34d

Files

aa8660eaf09832e57674985aac5ec34d
.exe windows:4 windows x86 arch:x86

de7bbbbfc37294317916e35d826fdd33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderPathA

kernel32

lstrlenA
WriteFile
SetFilePointer
ReadFile
CreateFileA
WideCharToMultiByte
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
OpenFile
LoadLibraryA
GetSystemDirectoryA
MulDiv
GetDiskFreeSpaceA
FreeLibrary
GetFullPathNameA
GetFileSize
GetCurrentProcessId
GetVersionExA
GetWindowsDirectoryA
CreateThread
CreateEventA
WaitForSingleObject
ResetEvent
FreeResource
InterlockedIncrement
InterlockedDecrement
LoadLibraryW
CreateEventW
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
SetEvent
GetModuleHandleW
CreateSemaphoreW
lstrcpyW
lstrcpynW
lstrcmpW
lstrcmpiW
lstrlenW
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
GetCurrentThread
WaitForMultipleObjects
GetLocalTime
GetCurrentDirectoryA
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FlushFileBuffers
SetStdHandle
SetConsoleCtrlHandler
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetCPInfo
FatalAppExitA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetTickCount
GetDiskFreeSpaceExA
MultiByteToWideChar
DeleteFileA
CreateMutexA
GetLastError
CloseHandle
Sleep
WritePrivateProfileStringA
WinExec
GetPrivateProfileStringA
lstrcmpA
lstrcpyA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
SetPriorityClass
GetModuleFileNameA
CreateDirectoryA
OutputDebugStringA
GetPrivateProfileIntA
GetSystemDefaultLangID
GetACP
lstrcpynA
lstrcatA
GetVersionExW
SetCurrentDirectoryA

user32

PostThreadMessageW
wsprintfW
wvsprintfW
MsgWaitForMultipleObjects
PeekMessageW
MessageBoxExA
AdjustWindowRectEx
CallWindowProcA
LoadStringA
GetWindowTextA
GetSysColor
CheckRadioButton
RegisterWindowMessageA
BringWindowToTop
SetWindowPos
SetWindowPlacement
LockWindowUpdate
SetRect
GetSystemMetrics
SetWindowLongA
GetWindowLongA
GetWindowPlacement
SetMenu
GetMenu
ShowWindow
SetWindowTextA
GetDesktopWindow
RemoveMenu
RegisterWindowMessageW
GetSubMenu
PostMessageA
CreateWindowExA
ReleaseDC
GetDC
RegisterClassA
LoadIconA
LoadCursorA
LoadAcceleratorsA
MessageBoxW
LoadStringW
IsDlgButtonChecked
GetDlgItemTextA
IsCharAlphaA
IsCharAlphaNumericA
GetDlgItemInt
SetDlgItemInt
SetFocus
MessageBeep
EnableWindow
GetDlgItem
SetDlgItemTextA
EndDialog
SetDlgItemTextW
MessageBoxA
GetMenuItemID
CreatePopupMenu
AppendMenuA
GetQueueStatus
DispatchMessageW
GetMenuItemCount
GetMenuStringW
InsertMenuW
InvalidateRect
UpdateWindow
KillTimer
PostQuitMessage
BeginPaint
FillRect
LoadImageA
DrawIconEx
DestroyIcon
EndPaint
GetCursorPos
WaitMessage
TranslateAcceleratorA
DispatchMessageA
TranslateMessage
PeekMessageA
AppendMenuW
SetTimer
SetCursorPos
SetCursor
LoadCursorFromFileA
GetWindowRect
LoadMenuA
TrackPopupMenu
DestroyMenu
GetAsyncKeyState
DialogBoxParamA
SetActiveWindow
SetForegroundWindow
EnableMenuItem
CheckMenuItem
wsprintfA
DefWindowProcA
DestroyWindow
SendMessageA
GetClientRect
MoveWindow
CheckDlgButton

gdi32

SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
GetTextMetricsA
SelectObject
GetStockObject
DeleteDC
DeleteObject
ExtTextOutA
PatBlt
CreateSolidBrush
CreateFontA
SetStretchBltMode
StretchDIBits
CreateDIBSection
StretchBlt
CreateCompatibleDC

comdlg32

GetOpenFileNameA

ole32

CoTaskMemAlloc
IIDFromString
GetRunningObjectTable
CreateItemMoniker
CreateBindCtx
MkParseDisplayName
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize
CreateStreamOnHGlobal

winmm

PlaySoundA
timeGetTime
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerClose
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetControlDetailsA
mixerSetControlDetails
timeSetEvent
sndPlaySoundA

msacm32

acmMetrics
acmFormatChooseA

olepro32

ord250
ord251

oleaut32

SysAllocString
SysFreeString

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegNotifyChangeKeyValue
RegOpenKeyA
RegCreateKeyA
RegQueryValueExA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathFileExistsA

comctl32

CreateToolbarEx
ImageList_Create
ImageList_AddMasked

setupapi

SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
SetupDiChangeState
SetupDiSetClassInstallParamsA
SetupDiEnumDeviceInfo

gdiplus

GdipSaveImageToStream
GdipDisposeImage
GdipLoadImageFromFile
GdipGetImageEncodersSize
GdiplusShutdown
GdipFree
GdipAlloc
GdipCloneImage
GdiplusStartup
GdipGetImageEncoders

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pzewtpe
Size: - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de7bbbbfc37294317916e35d826fdd33

Headers

File Characteristics

Imports

shell32

kernel32

user32

gdi32

comdlg32

ole32

winmm

msacm32

olepro32

oleaut32

advapi32

shlwapi

comctl32

setupapi

gdiplus

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 268KB - Virtual size: 296KB

pzewtpe Size: - Virtual size: 76KB

.text Size: 161KB - Virtual size: 164KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 268KB - Virtual size: 296KB

pzewtpe
Size: - Virtual size: 76KB

.text
Size: 161KB - Virtual size: 164KB