accc4d8ab1c7c753fd8f8aeac38e7599

Sharing

Copy URL Twitter E-mail

General

Target

accc4d8ab1c7c753fd8f8aeac38e7599
Size

185KB
MD5

accc4d8ab1c7c753fd8f8aeac38e7599
SHA1

5ae03ee86f73ce22fe948e7296f5f306bbc9798a
SHA256

ad92294522eb43e1caeb1d41c931a4e61b061df69a69509872293363cc97d9d6
SHA512

e3c4a695a84f01d0d8f25f0a99bbc121532acd4d264aaacc6c98b4c0dfba42da8c11ed7ce98e19d309e40b041f464879a074eafc56c97f31aac1ec04a3ff27c9
SSDEEP

3072:YQVNNMXMKKpPiB+B1bpKRKYdwUh/lkKeFg2gaLNwd24ySKp5:YW7MX9KxiYbG/lhoKySe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
accc4d8ab1c7c753fd8f8aeac38e7599

Files

accc4d8ab1c7c753fd8f8aeac38e7599
.exe windows:4 windows x86 arch:x86

a16418acb82806cba512ea2e9d191569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

RegDeleteValueA
RegOpenKeyExA
CryptEncrypt
CryptReleaseContext
CryptCreateHash
CryptGetHashParam
CryptHashData
CryptAcquireContextA
RegEnumValueA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey
CryptImportKey
RegSetValueExA
CryptDestroyKey
CryptDestroyHash
RegDeleteKeyA

kernel32

GetShortPathNameW
UnmapViewOfFile
LocalFree
GlobalSize
Sleep
CreateFileA
DisableThreadLibraryCalls
GetProcessAffinityMask
GlobalFree
LocalAlloc
EnumResourceTypesW
GetTickCount
CreateFileW
GlobalAlloc
WriteFile
GetFileSize
WideCharToMultiByte
GetFileAttributesA
MapViewOfFile
ReadFile
CreateFileMappingA
SetFilePointer
CloseHandle

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneImage

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

CoTaskMemAlloc
OleLockRunning
CoGetClassObject
CoInitializeSecurity
CreateStreamOnHGlobal
CoInitialize
StringFromGUID2
CoSetProxyBlanket
CreateItemMoniker
CoTaskMemRealloc
CreateBindCtx
StgCreateDocfile
CLSIDFromProgID
StgIsStorageFile
GetRunningObjectTable
OleUninitialize
CoCreateInstance
CoUninitialize
StgOpenStorage
CoTaskMemFree
BindMoniker
OleInitialize
CLSIDFromString

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

user32

GetWindowRect
KillTimer
CharNextA
ReleaseCapture
DrawTextA
LoadCursorA
SetRect
GetParent
PostThreadMessageA
GetWindowLongA
SetParent
SetCapture
SetFocus
ShowWindow
EnumDisplayDevicesA
RedrawWindow
RegisterClassExA
MsgWaitForMultipleObjects
SendNotifyMessageA
SendMessageTimeoutA
DestroyAcceleratorTable
CreateDialogParamA
EndPaint
GetDC
GetSysColor
GetFocus
UnregisterClassA
IsChild
DispatchMessageA
GetClassInfoExA
RegisterWindowMessageA
SetTimer
IsWindow
wsprintfA
GetWindowTextLengthA
GetClassNameA
PostMessageA
wvsprintfA
GetWindow
DefWindowProcA
FillRect
CallWindowProcA
MoveWindow
CreateWindowExA
ReleaseDC
GetClientRect
InvalidateRect
FindWindowA
GetDlgItem
GetDesktopWindow
BeginPaint
GetActiveWindow
InvalidateRgn
SendMessageA
SetWindowTextA
GetWindowTextA
SetWindowLongA
GetQueueStatus
CreateAcceleratorTableA
PeekMessageA
CopyRect
EqualRect
DestroyWindow
SetWindowPos

gdi32

CreateCompatibleDC
DeleteObject
CreateSolidBrush
RealizePalette
GetDIBits
CreateCompatibleBitmap
BitBlt
CreateFontA
SelectObject
CreateDIBSection
SelectPalette
ExtEscape
SetStretchBltMode
CreateDIBitmap
StretchDIBits
GetObjectA
DeleteDC
GetStockObject
GetDeviceCaps
SetBkMode

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a16418acb82806cba512ea2e9d191569

Headers

File Characteristics

Imports

version

shell32

advapi32

kernel32

gdiplus

winmm

setupapi

ole32

wininet

user32

gdi32

shlwapi

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 120KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 120KB