ad6fa6dc076c8397a25e40850c32c129

Sharing

Copy URL Twitter E-mail

General

Target

ad6fa6dc076c8397a25e40850c32c129
Size

53KB
MD5

ad6fa6dc076c8397a25e40850c32c129
SHA1

b4b47e8ad8f5953400219579efb3ad2c507b1000
SHA256

2fb96eb7a2f22769c7840303901fa96929e8b6f361fa1897c0a239512df1de9f
SHA512

6c586f08a27326b23caedd63117f0f3b0602f7fccdaaa63974a5c92c6dbcc9e1dd2edb4c8bbbf8a28d9702be003d9a26201ba0f598a3dd75c0e5be786b3b1f55
SSDEEP

1536:ioPUrsuY67Qf3RUc4nNdjb2Q0NC6Qgjtv71u:4suYLf3z4nNN2RMypu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad6fa6dc076c8397a25e40850c32c129

Files

ad6fa6dc076c8397a25e40850c32c129
.exe windows:5 windows x86 arch:x86

492ab6b9cc7ab7abd7de71a73d64a7fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\bJHkvQV\swCTuygdc\dtpuzWwbsjzkhC\omxddrkhha.pdb

Imports

msvcrt

_controlfp
atol
__set_app_type
iswxdigit
fgets
srand
strspn
strtoul
isspace
wcsncpy
vswprintf
calloc
__p__fmode
swscanf
setlocale
__p__commode
memset
_amsg_exit
strtol
bsearch
strncmp
putchar
wcscpy
vsprintf
fprintf
_initterm
mbtowc
_ismbblead
_XcptFilter
wcsncmp
getc
_exit
system
_cexit
sprintf
islower
wcspbrk
__setusermatherr
wcstombs
strchr
wcstod
__getmainargs
fputs
fputc
free
mktime
qsort
strrchr

shlwapi

StrToIntW

kernel32

LocalReAlloc
FileTimeToLocalFileTime
GetStartupInfoW
GetShortPathNameA
GlobalDeleteAtom
HeapUnlock
CreateThread
SetSystemTimeAdjustment
GetModuleHandleA
GetTempPathA
GetFileAttributesA
IsBadCodePtr
GetSystemDefaultLangID
GetFileAttributesExW
GetTempFileNameA
ResetEvent
GetSystemTimeAsFileTime
LockFile
DeleteAtom
GetSystemWindowsDirectoryA
SizeofResource
ReleaseMutex
SetFileTime
FormatMessageA
HeapReAlloc
FindNextChangeNotification
lstrcpyW
GetCurrentThreadId
SetCurrentDirectoryA
CreateEventA
AddAtomA
QueryDosDeviceW
GetLocalTime
GetVersionExA
GetModuleFileNameW
TryEnterCriticalSection
GetProcessHeap
GlobalSize
WaitForMultipleObjects
GetCommConfig
GetOEMCP
GetACP
GlobalAddAtomW
CreateFileW
CreateWaitableTimerW
HeapFree
LocalFree
GetFileType
FreeLibrary
LocalSize
VerSetConditionMask
GetLongPathNameW
SetHandleCount
lstrlenW
CreateSemaphoreA
ExitThread
HeapAlloc
GetCurrentDirectoryW
TlsFree

user32

RegisterWindowMessageW
SendMessageW
TranslateMessage
GetParent
DrawTextW
GetMenuItemID
RegisterClassExW
DrawTextExW
OpenInputDesktop
LookupIconIdFromDirectory
SetScrollPos
MonitorFromPoint
CloseDesktop
SetCursor
GetFocus
EqualRect
GetClassNameW
FrameRect
CharPrevW
GetScrollInfo
LoadImageW
CascadeWindows
ArrangeIconicWindows
GetWindowRect
DialogBoxParamA
InternalGetWindowText
FindWindowExW
SetMenuDefaultItem
ChildWindowFromPoint
IsRectEmpty
RegisterClassW
CreateIconIndirect
EnumThreadWindows
PostThreadMessageW
ScrollWindow
IsCharAlphaNumericW
DrawAnimatedRects
DrawFrameControl
MapVirtualKeyA
DefFrameProcA
IsChild
DestroyIcon
GetIconInfo
VkKeyScanW
CharNextW
GetSystemMenu
DeleteMenu
OpenDesktopW
UnionRect
GetMenuState
GetMenuItemCount
LoadStringA
TrackPopupMenu
GetKeyboardLayoutNameW
GetWindowTextLengthW
SendMessageA
IsDlgButtonChecked
ChangeMenuW
CopyRect
CharUpperBuffW
GetSysColorBrush
GetSubMenu
GetMenuCheckMarkDimensions
GetKeyboardLayoutList
SetDlgItemTextA
IsWindow
GetDCEx
TileWindows
EnumChildWindows
keybd_event
MoveWindow
SetTimer
AdjustWindowRectEx
EnableScrollBar
GetClassInfoExA
TranslateAcceleratorA
CharPrevA
SetPropW
SetWindowTextA
GetCaretBlinkTime
GetWindowPlacement
GetDlgItemInt
SetWindowPos
MessageBoxExW
LoadBitmapW
CharNextExA
SetSysColors
GetMenuStringA
SetWindowLongA
UpdateWindow
DefDlgProcW
GetUserObjectInformationA
wvsprintfW
RegisterHotKey
LoadBitmapA
GetMessageExtraInfo
GetKeyboardType
GetClassLongA
RemovePropW
GetClassInfoW
ShowWindow
SendMessageTimeoutW
GetActiveWindow
GrayStringW
GetSystemMetrics
TabbedTextOutW
HideCaret
SetMenuItemBitmaps
GetKeyNameTextW
GetDlgItemTextA
DestroyMenu
SetWindowTextW
GetGUIThreadInfo
OffsetRect
GetDC
ShowOwnedPopups
ClipCursor
MessageBoxExA
PeekMessageA
BeginPaint
IsDialogMessageW
GetWindowModuleFileNameW

comctl32

ImageList_AddMasked
CreatePropertySheetPageW
ImageList_GetIconSize
ImageList_Remove
ImageList_LoadImageW
CreatePropertySheetPageA

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

492ab6b9cc7ab7abd7de71a73d64a7fb

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

kernel32

user32

comctl32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 1KB