ab42f4661e0214cba681e9725579d868

Sharing

Copy URL Twitter E-mail

General

Target

ab42f4661e0214cba681e9725579d868
Size

556KB
MD5

ab42f4661e0214cba681e9725579d868
SHA1

b507db8850d68695e81e44030d24f9cd218d13ff
SHA256

a144d22ab72cf4be3cb503ba7c94e2163deb30a155d1696978b2b972100771d9
SHA512

6c4761eff3e63c38c96352ce7aa98ee12d6ed1cca9f440aa168b150e6628d2370b0ac613d4a060527c862d156ad5822bc56c59e339ca46dc4d5230545380e5e8
SSDEEP

3072:ojHt0HvQJpoZG1Uo66Qagr6E+uSdQMJ9e+0RUdctEH8xoSPTUkL+oVWCbSVjTkp9:ojHbu4ek+KJ9e+r9HYQkimmjT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab42f4661e0214cba681e9725579d868

Files

ab42f4661e0214cba681e9725579d868
.exe windows:4 windows x86 arch:x86

d1b399cd0579e8b618b154f167801936

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetACP
TerminateProcess
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
GetSystemTime
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeZoneInformation
HeapFree
HeapAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
SetErrorMode
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
CloseHandle
GetCurrentThread
LocalFree
SetLastError
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
MulDiv
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LockResource
FindResourceA
LoadResource
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
GlobalReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpyA
lstrlenA
lstrcpynA
lstrcmpA
GetModuleFileNameA
GetWindowsDirectoryA
Sleep
GetModuleHandleA
GetProcAddress
InterlockedDecrement
VirtualFree
InterlockedIncrement

user32

GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetDC
ReleaseDC
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
PostMessageA
UpdateWindow
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
DestroyMenu
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
KillTimer
WindowFromPoint
SetScrollInfo
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
IsWindowEnabled
CreatePopupMenu
AppendMenuA
LoadCursorA
IsIconic
GetSystemMetrics
DrawIcon
wsprintfA
SetCapture
GetCursorPos
PtInRect
ReleaseCapture
SetCursor
GetParent
LoadIconA
SetRect
GetDlgItem
MoveWindow
RedrawWindow
GetWindow
GetClassNameA
GetSysColorBrush
LoadStringA
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
FindWindowA
GetSubMenu
GetSysColor
IsWindow
IsWindowVisible
InvalidateRect
GetClientRect
GetWindowRect
SendMessageA
EnableWindow
SendDlgItemMessageA
UnregisterClassA

gdi32

PtVisible
RectVisible
TextOutA
Escape
LPtoDP
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
OffsetViewportOrgEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
FillRgn
RestoreDC
SaveDC
DeleteDC
ExtTextOutA
DeleteObject
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
GetStockObject
GetObjectA
CreateFontIndirectA
CreateRectRgnIndirect
CreateRectRgn
CombineRgn
SetRectRgn
SetViewportExtEx

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 372KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1b399cd0579e8b618b154f167801936

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 372KB - Virtual size: 386KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 372KB - Virtual size: 386KB

.rsrc
Size: 20KB - Virtual size: 17KB