88f3365a3e15fdd14f6ae5fb179aa80256b9f6f779dc0bdba0760d4df45c1a7d

Sharing

Copy URL Twitter E-mail

General

Target

88f3365a3e15fdd14f6ae5fb179aa80256b9f6f779dc0bdba0760d4df45c1a7d
Size

273KB
MD5

ba3365e59af1f175008157eda4f67926
SHA1

b370a65c061b0256fc73d11c448f358be438303f
SHA256

88f3365a3e15fdd14f6ae5fb179aa80256b9f6f779dc0bdba0760d4df45c1a7d
SHA512

0492df5aa4af1a45c83ebef3ae856fec7f4846ed896b57ad4ca8873e3b439525d44c4c2540c45a11b822dea590215eb378e291b3b7949cdad8c5e6857893932a
SSDEEP

3072:UI1Z+2/bio2Dur26Y5/n2BJqKoqvGNhl+HFJcAAfa9C6YrrpX6fqA7Jfn:UaZjcClY5/20qu5WcJHVnJ6X7Jf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88f3365a3e15fdd14f6ae5fb179aa80256b9f6f779dc0bdba0760d4df45c1a7d

Files

88f3365a3e15fdd14f6ae5fb179aa80256b9f6f779dc0bdba0760d4df45c1a7d
.exe windows:5 windows x86 arch:x86

119b0937e58b90666d17ae3fe6f32014

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetCurrentThreadId
InterlockedIncrement
GetModuleHandleW
InitializeCriticalSection
LocalAlloc
InterlockedDecrement
GetACP
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineW
VirtualAlloc
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryA
WriteFile
GetStartupInfoA
GetModuleHandleA
Sleep
DeviceIoControl
SetEvent
HeapReAlloc
lstrcpyW
EnterCriticalSection
SetFilePointer
GetTickCount
LeaveCriticalSection
GetCurrentProcessId

advapi32

RegSetValueExW
RegQueryValueExW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyW
RegDeleteValueW
AddAccessAllowedAce
GetLengthSid
RegOpenKeyExA
GetTokenInformation
AllocateAndInitializeSid
OpenProcessToken
RegOpenKeyExW
RegOpenKeyW
AdjustTokenPrivileges
CloseServiceHandle
OpenThreadToken
RegEnumKeyExW
SetSecurityDescriptorDacl
RegCreateKeyExW
InitializeSecurityDescriptor
InitializeAcl
RegCloseKey
RegDeleteKeyW

gdi32

DeleteObject
PatBlt
GetTextMetricsW
DeleteDC
CreateFontIndirectW
TextOutW
StretchBlt
GetTextExtentPoint32W
LineTo
CreateSolidBrush
CreateCompatibleBitmap
SetTextColor
SetBkColor
ExtTextOutW
SelectObject
SetBkMode
CreateBitmap

user32

FillRect
ReleaseDC
GetDlgItemTextW
MessageBoxW
FindWindowW
DispatchMessageA
CreateDialogParamW
SetDlgItemTextW
SetWindowLongW
PostMessageW
IsWindow
SetForegroundWindow
GetDlgItem
SendMessageW
GetFocus
DispatchMessageW
WinHelpW
CopyRect
TranslateMessage
IsDialogMessageW
GetCursorPos
PeekMessageW
DrawTextW
RegisterClassW
BeginPaint
UpdateLayeredWindow
LoadCursorW
GetKeyState
CheckDlgButton
SetWindowTextW
RegisterClassExW
GetSystemMetrics
InvalidateRect

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gu_idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

gu_rsrcs
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119b0937e58b90666d17ae3fe6f32014

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 116KB - Virtual size: 116KB

.rsrc Size: 128KB - Virtual size: 128KB

.text Size: 1024B - Virtual size: 4KB

gu_idata Size: 2KB - Virtual size: 4KB

gu_rsrcs Size: 5KB - Virtual size: 5KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 128KB - Virtual size: 128KB

.text
Size: 1024B - Virtual size: 4KB

gu_idata
Size: 2KB - Virtual size: 4KB

gu_rsrcs
Size: 5KB - Virtual size: 5KB