b58962b33590586e0dd6deee927b8404

Sharing

Copy URL

Twitter E-mail

General

Target

b58962b33590586e0dd6deee927b8404
Size

255KB
MD5

b58962b33590586e0dd6deee927b8404
SHA1

4ff26d01d6758cd1f990fe3ee42f92409dcaec44
SHA256

49b2e66d478de035eab0d0b85566d7871d18ebdb90e56cf2e17e729da8753d6a
SHA512

9dd1dd7c762e5f524af18f5412cf790a1636578b489b37f6f7de5921ab015dfa69128d7822938b383b5cbb5687d98711e628ff1d8ae815156ff5cbe303539a0f
SSDEEP

6144:AomAvE5/X3+M4PWyiU65ELVx/DrUbYSjp/dhCAUXL:AomAs5/NHLE5JDrwYO/3CA6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b58962b33590586e0dd6deee927b8404

Files

b58962b33590586e0dd6deee927b8404
.exe windows:5 windows x86 arch:x86

ddaac1565de1033cff93c4a91f9ea586

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\EOaWuzjlfcohqq\tkqohzo\nTtqygQk\eScFbpXjtp\bHpSdAn.pdb

Imports

user32

LoadAcceleratorsW
CharUpperBuffA
EndDialog
FindWindowExA
SetSysColors
EnumChildWindows
TranslateMessage
GetClientRect
SetWindowTextW
SetWindowLongA
EnumWindows
SetWindowPlacement
FrameRect
GetMessageW
IsCharLowerA
SendMessageTimeoutA
CascadeWindows
OemToCharA
ShowScrollBar
GetTopWindow
SetForegroundWindow
OpenDesktopW
OemToCharBuffA
OffsetRect
InvertRect
CheckRadioButton
DrawAnimatedRects
DestroyAcceleratorTable
IsDlgButtonChecked
InvalidateRect
IsRectEmpty
MonitorFromPoint
InflateRect
GetWindowDC
RegisterClassW
SetWindowTextA
DestroyCursor
VkKeyScanW
IsWindow
PostQuitMessage
GetDlgItemTextW
BeginPaint
DrawStateW
ChangeMenuW
InSendMessageEx
RegisterWindowMessageA
ChildWindowFromPoint
CheckMenuItem
mouse_event
SendMessageTimeoutW
SetClassLongW
GetScrollPos
ReplyMessage
RedrawWindow
GetLastActivePopup
CharNextExA
ScrollWindow
CreateWindowExA
PeekMessageA
IsIconic
CharPrevA
GetMessagePos
GetForegroundWindow
WaitMessage
ShowCursor
GetUserObjectInformationW
InSendMessage
GetKeyState
GetNextDlgTabItem
SetDlgItemInt
GetKeyboardType
GetDCEx
KillTimer
keybd_event
SetUserObjectInformationW
DrawFrameControl
RegisterClassExW
LockWindowUpdate
IsMenu
CreateDialogParamA
CallWindowProcW
GetDlgItemTextA
PostMessageW
GetKeyboardLayoutList
IsCharAlphaA
LoadStringW
GetKeyNameTextW
ChildWindowFromPointEx
LoadBitmapW
InsertMenuW
PostThreadMessageW
ShowWindow
RemovePropW
DrawTextExW
RemoveMenu
SystemParametersInfoA
CreatePopupMenu
ScrollWindowEx
DrawStateA
wvsprintfA
ShowWindowAsync
DrawTextW
GetDlgItemInt
BeginDeferWindowPos
GetDialogBaseUnits
RegisterWindowMessageW
SetDlgItemTextW
GetAsyncKeyState
EnableWindow
SetLastErrorEx
GetWindowTextA
GetClassInfoExA
UnionRect
SetWindowLongW
VkKeyScanA
DragObject
IsCharAlphaNumericW
FindWindowW
GetWindow
PostThreadMessageA
CopyImage

comctl32

PropertySheetW
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_Remove
DestroyPropertySheetPage

msvcrt

toupper
towupper
strncmp
rand
wcscoll
exit
strrchr
_controlfp
iswdigit
strcpy
__set_app_type
__p__fmode
__p__commode
getc
_amsg_exit
wcsncpy
vsprintf
mbstowcs
wcstod
_initterm
floor
mktime
ftell
isprint
clearerr
wcscspn
_ismbblead
_XcptFilter
_exit
_cexit
isupper
getenv
ungetc
isalpha
strtok
wcsncmp
islower
strchr
isalnum
localtime
__setusermatherr
system
memset
isxdigit
bsearch
iswctype
__getmainargs
fprintf

kernel32

FormatMessageA
SetSystemTimeAdjustment
GetModuleHandleA
SetTimerQueueTimer
SetWaitableTimer
TlsSetValue
GetComputerNameExA
SuspendThread
GetComputerNameExW
GetCommandLineW
ClearCommError
CreateNamedPipeA
FindNextFileA
GetCommProperties
WaitCommEvent
lstrlenA
GetFullPathNameA
DisconnectNamedPipe
CreateFileA
CreateFileMappingW
LocalReAlloc
LCMapStringW
IsBadCodePtr
RemoveDirectoryW
VirtualProtect
VirtualFree
GetSystemTimeAdjustment
ResetEvent
SetupComm
SetCurrentDirectoryW
lstrcatA
LoadLibraryExA
GetModuleHandleW
GetStringTypeExW
HeapCreate
MoveFileW
FindClose
MoveFileA
CompareStringA
VirtualQuery
GetShortPathNameA
DeleteFileW
SetThreadLocale
GetNumberFormatA
GetOEMCP
FindNextFileW
SizeofResource
GetFileType
GetCurrentThread
IsBadWritePtr
CompareStringW
GetFileAttributesA
GetModuleFileNameA
GlobalAddAtomW
GetCommState
SetFileApisToOEM
WaitForMultipleObjectsEx

Exports

Exports

?ForceTriangulateA@@YGKDDPAX:O

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reat
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uac
Size: 1KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.riat
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddaac1565de1033cff93c4a91f9ea586

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.reat Size: 512B - Virtual size: 121B

.uac Size: 1KB - Virtual size: 184KB

.riat Size: 6KB - Virtual size: 5KB

.byte Size: 1024B - Virtual size: 560B

.vdata Size: 512B - Virtual size: 192B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 219KB - Virtual size: 218KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.reat
Size: 512B - Virtual size: 121B

.uac
Size: 1KB - Virtual size: 184KB

.riat
Size: 6KB - Virtual size: 5KB

.byte
Size: 1024B - Virtual size: 560B

.vdata
Size: 512B - Virtual size: 192B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 219KB - Virtual size: 218KB

.reloc
Size: 2KB - Virtual size: 1KB