b772134c5706497394e2389cf8618a01

Sharing

Copy URL Twitter E-mail

General

Target

b772134c5706497394e2389cf8618a01
Size

416KB
MD5

b772134c5706497394e2389cf8618a01
SHA1

e0284a89164df30aa3f078a328e839c691a23f33
SHA256

9d6be8adaaadb68f025c755d31e04e231793c3aae1ae6b80fd4f2d140828c7f9
SHA512

a94d0dece2ace21f457500d052341f719ce0bf3a67f759e6b49d46a19e8b08db58487d5632489aa348bbc53bf4ae28e91cb5766bddc7be319960c2d8fc484d2e
SSDEEP

6144:4k/gQLYVUYjinqATngRt1xE0tD+u3dD/+z2QhTv3XBe0:7/gyYVUQ/IU1xE0da2Qv34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b772134c5706497394e2389cf8618a01

Files

b772134c5706497394e2389cf8618a01
.exe windows:4 windows x86 arch:x86

c5f491a0ef7577aa308caed1d3986773

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
DeleteFileW
CreateWaitableTimerW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
LCMapStringW
lstrcpynW
LeaveCriticalSection
GetLocaleInfoW
EnumSystemLocalesA
GetLastError
GetConsoleCP
LockResource
CreateEventA
LCMapStringA
GetCurrentProcess
VirtualQuery
HeapAlloc
GetProcessHeap
GetProfileSectionW
InterlockedIncrement
RtlUnwind
TlsAlloc
FindResourceA
FindFirstFileExA
MultiByteToWideChar
GetStartupInfoW
WriteConsoleA
SetLastError
GetCurrentThreadId
FreeEnvironmentStringsW
CreateDirectoryExW
GetTickCount
OpenSemaphoreA
IsValidCodePage
DosDateTimeToFileTime
TlsSetValue
CreateMutexA
OpenMutexA
CreateNamedPipeW
WriteFile
GetOEMCP
GetFileType
SetEvent
WriteConsoleOutputAttribute
VirtualFree
GetComputerNameA
GetCommandLineA
TlsFree
GetModuleFileNameA
HeapSize
GetStartupInfoA
LocalFlags
GetProcAddress
lstrlenA
InitializeCriticalSection
CreateProcessA
FillConsoleOutputAttribute
CloseHandle
lstrcpyA
EnumDateFormatsA
lstrlenW
VirtualAlloc
InterlockedDecrement
GetStringTypeW
ExpandEnvironmentStringsW
SetStdHandle
GetCurrentThread
CompareStringA
HeapReAlloc
SetEnvironmentVariableA
GetStringTypeA
IsValidLocale
GetConsoleOutputCP
CreateFileMappingA
SetFilePointer
GlobalFindAtomW
CreatePipe
GetVersionExA
GlobalGetAtomNameW
ReadFile
HeapCreate
WaitNamedPipeA
FlushConsoleInputBuffer
QueryPerformanceCounter
GetPrivateProfileStructW
GetMailslotInfo
ContinueDebugEvent
SetComputerNameW
GetVersionExW
CreateFileA
FreeLibraryAndExitThread
InterlockedExchange
CompareStringW
GlobalReAlloc
GetModuleHandleA
SetHandleCount
FlushFileBuffers
OpenFileMappingW
GetACP
DeleteCriticalSection
HeapFree
HeapDestroy
VirtualUnlock
TerminateProcess
GetStringTypeExW
GetTimeFormatA
WideCharToMultiByte
GetUserDefaultLCID
EnumSystemCodePagesW
GetStdHandle
Sleep
GetCurrentProcessId
SetConsoleCtrlHandler
GetLocaleInfoA
ExitProcess
UnhandledExceptionFilter
GetEnvironmentStringsW
RtlFillMemory
FreeLibrary
FreeEnvironmentStringsA
GetEnvironmentStrings
TlsGetValue
SetTimeZoneInformation
EnterCriticalSection
GetConsoleMode
GetDateFormatA
GetTimeZoneInformation
GetProfileStringA
LoadLibraryA
WriteConsoleW

comctl32

ImageList_LoadImage
ImageList_BeginDrag
CreateStatusWindow
ImageList_GetFlags
_TrackMouseEvent
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_SetFilter
CreateToolbar
CreateStatusWindowW
DrawStatusTextW
CreatePropertySheetPage
ImageList_GetIconSize
InitCommonControlsEx
ImageList_DrawEx

user32

ChangeDisplaySettingsA
DestroyMenu
ShowWindow
wvsprintfW
DialogBoxIndirectParamW
GetClassNameW
CheckRadioButton
ImpersonateDdeClientWindow
CreateWindowExA
CopyAcceleratorTableW
SetLastErrorEx
LoadAcceleratorsW
SendDlgItemMessageW
LoadImageA
AppendMenuW
SetPropA
MessageBoxW
DefWindowProcW
DdeDisconnectList
ReuseDDElParam
RegisterClassA
BroadcastSystemMessageW
LoadBitmapA
DdeUninitialize
DestroyWindow
SystemParametersInfoA
FreeDDElParam
RegisterClassExA
RegisterClipboardFormatW
TileWindows
MessageBoxA
CallMsgFilter

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f491a0ef7577aa308caed1d3986773

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 96KB - Virtual size: 124KB

.rsrc Size: 80KB - Virtual size: 78KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 96KB - Virtual size: 124KB

.rsrc
Size: 80KB - Virtual size: 78KB