b72b3980d8193303b832606f2a3ed0a4

Sharing

Copy URL

Twitter E-mail

General

Target

b72b3980d8193303b832606f2a3ed0a4
Size

219KB
MD5

b72b3980d8193303b832606f2a3ed0a4
SHA1

c783709a3bb01b1375babab652279e07c546f3a2
SHA256

9d1f7e9300e41826dd29e9aaec66a6c8077b5c02bbb1d3e96531bed636bd8208
SHA512

1148dc6b0f1a143eb423310983f12237a9eced5eec557c20b4ab66b8291c3da735d35a4c53b6e8e24140a31c620f873df00640f5d6998350c7620ffdb28c50d0
SSDEEP

6144:TjelMaRKBHsOQs+idcsWjTQqFkpxlqFBARrIGgGxb:TClMv9xz+sWjTQqF4xlqfARuG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b72b3980d8193303b832606f2a3ed0a4

Files

b72b3980d8193303b832606f2a3ed0a4
.exe windows:5 windows x86 arch:x86

637ad59a05fb65179fc1cc93d1177ce8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\assKBafzomc\YLbjvAthuCL\fKkufmc.pdb

Imports

msvcrt

_controlfp
sscanf
putc
wcscpy
__set_app_type
wcstol
time
__p__fmode
iswctype
isalpha
atoi
__p__commode
toupper
bsearch
_amsg_exit
strcspn
wcsrchr
iswprint
_initterm
_acmdln
fwrite
wcscoll
swscanf
fputc
strtol
wcschr
srand
strspn
exit
localtime
_ismbblead
_XcptFilter
getenv
_exit
getc
clock
vsprintf
_cexit
swprintf
__setusermatherr
atol
strrchr
__getmainargs
towupper
strncmp
perror

kernel32

FindFirstFileA
DeleteAtom
lstrcmpiW
GlobalAddAtomW
SetLocalTime
LoadResource
lstrcpyA
WaitForMultipleObjectsEx
DuplicateHandle
GetTimeFormatW
GetLocaleInfoW
LoadLibraryA
QueryPerformanceCounter
FindResourceExW
GetNumberFormatA
HeapAlloc
GetFullPathNameW
FindNextChangeNotification
GetProcessHeap
GetOEMCP
RemoveDirectoryW
GlobalHandle
RemoveDirectoryA
GetDateFormatW
SearchPathA
ClearCommError
IsBadReadPtr
GetCurrentThreadId
GetCommProperties
GlobalFindAtomW
TryEnterCriticalSection
FindResourceExA
LockResource
FindResourceA
GetWindowsDirectoryW
GetCurrentThread
CreateRemoteThread
SetEvent
GlobalAddAtomA
FreeResource
TlsSetValue
GetTempFileNameA
CopyFileA
GetTimeZoneInformation
VirtualQuery
CreateEventW
FlushFileBuffers
SetCommState
SearchPathW
GetCommandLineW
GetCommConfig
HeapCreate
HeapFree
SetThreadAffinityMask
GetUserDefaultUILanguage
lstrlenW
GetTempPathA

user32

MoveWindow
TabbedTextOutW
FrameRect
PeekMessageA
CharLowerW
DestroyWindow
TileWindows
SwapMouseButton
GetMessageW
CallWindowProcA
TranslateMessage
VkKeyScanW
CreateCursor
ReplyMessage
GetIconInfo
TrackPopupMenuEx
CreateDialogIndirectParamW
GetSystemMenu
GetWindowLongW
CharUpperW
IsWindow
GetKeyboardType
DrawFocusRect
GetPropW
HiliteMenuItem
CheckDlgButton
GetAsyncKeyState
GetScrollRange
DefDlgProcA
ShowWindowAsync
GetMenuItemInfoW
SetRect
SetWindowPos
CharToOemBuffA
IntersectRect
GetMessagePos
IsCharAlphaW
DefFrameProcW
KillTimer
ShowCursor
InSendMessageEx
MessageBoxExA
AdjustWindowRectEx
PostQuitMessage
CharUpperBuffA
DestroyIcon
ToUnicodeEx
UnionRect
AppendMenuW
GetKeyboardLayoutNameW
CharNextExA
SystemParametersInfoW
GetWindowLongA
SetWindowRgn
DrawTextA
wvsprintfW
GetClipCursor
CharUpperBuffW
IsWindowEnabled
TrackPopupMenu
WindowFromPoint
SetWindowTextA
GetSysColor
GetMenuState
PtInRect
PostThreadMessageW
RedrawWindow
DrawTextExW
SendInput
MessageBoxA
DefWindowProcW
CharLowerA
ExitWindowsEx
UpdateWindow
GetMenuItemCount
IsMenu
GetDlgItemTextW
CreatePopupMenu
PostThreadMessageA
CopyAcceleratorTableW
PostMessageA
LoadAcceleratorsW
CharToOemA
RemovePropW
GetKeyboardLayoutList
EndTask
MonitorFromRect
DragObject
SetMenu
GetSysColorBrush
ChildWindowFromPointEx
GetUserObjectInformationA
CreateDialogParamA
EndDialog
wvsprintfA
CharPrevW
DrawIcon
SetCursorPos
CreateWindowExW
ValidateRect
EnumThreadWindows
InsertMenuW
MapWindowPoints
DrawEdge
OpenIcon
BeginPaint
LoadCursorA
HideCaret
BeginDeferWindowPos

comctl32

ImageList_Write
CreatePropertySheetPageW
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_GetImageCount

gdi32

SetBkColor
CreatePenIndirect
CreatePatternBrush
CreateDIBitmap
ExtFloodFill
GetDIBits
StartDocW
Ellipse
TextOutA
GetTextCharsetInfo
SetLayout
GetLayout
GetBitmapBits
RoundRect
GetDIBColorTable
StretchDIBits
CreateCompatibleBitmap
SetDIBColorTable
EndPath
GetSystemPaletteEntries
SetBrushOrgEx
LineDDA
EnumFontFamiliesExW
SetPixel
RectInRegion
CreateFontW
EnumFontFamiliesW
CreatePen
PathToRegion
CreateCompatibleDC
SelectPalette
GetTextColor
EnumFontsW
GetBkMode
CreateFontIndirectW
StartPage
CreateHalftonePalette
GetDeviceCaps
GetClipBox
DPtoLP
GetTextExtentPoint32W
GetTextExtentPoint32A
GetObjectA
SetROP2

Exports

Exports

?EnumDialogEx@@YGDJ]A
?ShowClassOriginal@@YGMEIG]A
?IsNotMonitor@@YGEPAD]A
?InstallPointNew@@YGKPAK]A
?ValidateMutant@@YGXI]A
?InsertObjectEx@@YGGPAM]A
?FreeWindowInfoW@@YGEFPAJ]A
?IsValidDateTimeExA@@YGPAEGIHM]A
?InstallModuleOld@@YGPAMG]A
?ShowRectExA@@YGII]A
?ShowComponentW@@YGXNPAEPA_N]A
?LoadPointExA@@YGPAXI_NJ]A
?ProcessExW@@YGPANPAM]A
?ShowMemory@@YG_NPAD]A
?IsValidVersionOld@@YGPAXM]A
?GlobalObjectA@@YGJHIFI]A
?IsNotWindowInfo@@YGFMPAEIF]A
?MessageW@@YGXMH]A
?InsertSectionEx@@YGPA_NPAJD_NPAG]A
?RemovePenExA@@YGXGM]A
?CloseWindowInfoExA@@YGXPAHHPA_N]A
?ShowWindowInfoExW@@YG_NJDPAF]A
?RemoveMemoryW@@YGPADGG]A
?SetExpressionW@@YGXPAGDHG]A
?ModifyValueExW@@YGEJJID]A
?InstallMemory@@YGPADKGJH]A
?InvalidateValueExW@@YGKIPA_N]A
?GlobalConfigExA@@YGPAM_NPANPAMK]A
?SendConfig@@YGJ_NEPAHJ]A
?OnDateOld@@YGEPAFDME]A
?EnumDateTimeExA@@YGEID]A
?CallPathNew@@YGXF]A
?CallFunctionExA@@YGMGPAG]A

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

637ad59a05fb65179fc1cc93d1177ce8

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

comctl32

gdi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 192KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 192KB - Virtual size: 192KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB