b77856e20ab81a8228da08cf1c9d37a4

Sharing

Copy URL Twitter E-mail

General

Target

b77856e20ab81a8228da08cf1c9d37a4
Size

147KB
MD5

b77856e20ab81a8228da08cf1c9d37a4
SHA1

e1dc2a9e5a61e4cae4bc98f143d566cb9ae649e8
SHA256

921e20233414d8ab38f819ef50614514b869b96469d9b1213a9a638496be6156
SHA512

a5e4da2032d101545c8f985c07cd02187fec9cb95d04c2e984739fda64c551a1fb3f7e49c2993d03380def8dfbcb11b85483ec8dcf4404428012cffb4725af90
SSDEEP

3072:okRRxEsZ9FixSPaR8eXztjBBxxBwRETUp5bQWNGy:9R3Z72fiETUciH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b77856e20ab81a8228da08cf1c9d37a4

Files

b77856e20ab81a8228da08cf1c9d37a4
.exe windows:4 windows x86 arch:x86

af039b1249f3564da9c3fc6b425b9cbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
FileTimeToLocalFileTime
GlobalLock
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetFileTime
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
TlsAlloc
TlsGetValue
TlsFree
lstrlenW
VirtualProtect
GetFileType
lstrcmpA
FindFirstFileA
FindNextFileA
FindClose
FindFirstFileW
FindNextFileW
GetStartupInfoW
CreateFileMappingA
LocalFileTimeToFileTime
DuplicateHandle
SetUnhandledExceptionFilter
CreateThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
GetExitCodeThread
ExitThread
TerminateThread
InterlockedDecrement
TlsSetValue
GlobalUnlock
GetModuleFileNameA
CreateEventA
SetEvent
ResetEvent
UnmapViewOfFile
MapViewOfFile
IsDBCSLeadByte
GetTempPathA
DisableThreadLibraryCalls
GlobalFree
GetCommandLineW
DeleteFileW
RaiseException
GetOEMCP
RtlUnwind
IsBadWritePtr
CreateMutexA
ReleaseMutex
GetFileTime
GetSystemTime
CompareStringA
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetProcAddress
GetStdHandle
GetCurrentThread
CreateFileW
ReadFile
WriteFile
GetFileSize
SetEndOfFile
CloseHandle
ExitProcess
FileTimeToDosDateTime
OpenMutexA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeEnvironmentStringsA
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
VirtualQuery
GlobalReAlloc
FlushFileBuffers
IsBadCodePtr
GetDateFormatA
GetSystemDefaultLCID
GetCommandLineA
InterlockedIncrement
GetSystemDirectoryW
GetStringTypeExA
UnhandledExceptionFilter
CreateProcessW
GetLocalTime
GlobalHandle
GetSystemDirectoryA
GetLocaleInfoA
FindResourceW
GetExitCodeProcess
InterlockedCompareExchange
SetFileAttributesA
GetLastError
SetEnvironmentVariableA
SetStdHandle
SetThreadLocale
SetErrorMode
CreateEventW
GetACP
LCMapStringA
GetVersionExW
RemoveDirectoryA
CreateFileA
SetHandleCount
OutputDebugStringA
SetCurrentDirectoryA
GetShortPathNameA
Sleep
GetConsoleOutputCP
GetTempPathW
VirtualAlloc

msvcrt

_utime
_amsg_exit
_wcsnicmp
_CIpow
_setjmp
_iob
_mktemp
strpbrk
_stricmp
swscanf
_dup
_fstat
_kbhit
fgets
strlen
swprintf
strtok
_ftol
_controlfp
fseek
memchr
wcsrchr
srand
fgetc
wcschr
_fullpath
fopen
_cexit
strstr
_open
fwrite
fputc
wcsncmp
memcpy
__dllonexit
fflush
strerror
sscanf
atoi
_errno
floor
wcsstr
_getpid
_vsnprintf
strtoul
_mbsicmp
_strnicmp
gmtime
__initenv
_isctype
puts
_strlwr
_write
_wcsupr
__CxxFrameHandler
isleadbyte
malloc
_mkdir
time
memset
_getch
_c_exit
fputs
_fdopen
sprintf
_mbsrchr
tolower
_onexit
_close
_wcslwr
setlocale
_lseek
_putenv
_exit
_read
__set_app_type
__getmainargs
_snprintf
strrchr
_CIsqrt
strcpy
fsetpos
_wcsicmp
ceil
_vsnwprintf
_ismbblead
__p___initenv
bsearch
_snwprintf
_open_osfhandle
_getcwd
_wtoi
__pioinfo
sin
_pctype
strncat
cos
isspace
wcstol
longjmp
free
__p__environ
atof
remove
iswctype
strncmp
_flsbuf
_itow
fprintf
signal
isdigit
realloc
_strcmpi
_initterm
rand
clock
atexit
sqrt
strspn
_XcptFilter
strcspn
_except_handler3
_purecall
strtol
__mb_cur_max
_wfopen
printf
_filelengthi64
_strdup
_isatty
towlower
wcscmp
clearerr
_pipe
memcmp
localtime
isxdigit
__p__fmode
strcat
ungetc
_adjust_fdiv
__p__commode
_assert
ctime
_get_osfhandle
wctomb
log
_wtol
calloc
putchar
_filbuf
rename
atol
_itoa
abort
_dup2
perror
_stat
_unlock
__lc_codepage
_lseeki64
towupper
iswdigit
_fileno
getenv
_chmod
wcstombs
strncpy
_setmode
wcsncpy
_ultoa
__setusermatherr
wcscspn
strcmp
fclose
iswspace
wcscat
_setjmp3
exit
_lock
pow
vsprintf
_umask
localeconv
wcslen
_osver
_unlink
memmove
fgetpos
_mbscmp
fread
strchr
__badioinfo
qsort
toupper
ftell
_acmdln

user32

MessageBoxA
DestroyCursor
AdjustWindowRectEx
GetWindowPlacement
PtInRect
OpenClipboard
GetTopWindow
UpdateWindow
InvalidateRect
GetClassNameA
SetScrollRange
GetMenu
MessageBeep
MapWindowPoints
ClientToScreen
GetFocus
GetMenuItemCount
RemoveMenu
CreatePopupMenu
DrawIcon
IsZoomed
SendDlgItemMessageA
CreateWindowExA
GetMenuState
InsertMenuA
CharNextA
GetWindowThreadProcessId
GetIconInfo
FrameRect
GetDesktopWindow
SetMenu
GetWindowRect
RegisterWindowMessageA
CharLowerA
ScrollWindow
DestroyWindow
WindowFromPoint
FillRect
EnumWindows
DrawTextA
CloseClipboard
DestroyMenu
GetMenuStringA
SetCapture
PeekMessageA
OemToCharA
EnableWindow
GetKeyboardType
SetWindowPlacement
IsIconic
GetScrollRange
SetWindowPos
RegisterClipboardFormatA
SetClassLongA
SetWindowLongA
DrawMenuBar
GetWindowLongA
EndPaint
GetActiveWindow
DestroyIcon
GetKeyState
SendMessageA
CallNextHookEx
IsWindowEnabled
GetWindowTextA
WaitMessage
GetScrollPos
GetDlgItem
SetForegroundWindow
SetScrollInfo
GetMessagePos
GetClientRect
DrawFrameControl
ReleaseDC
GetSubMenu
SetClipboardData
ShowOwnedPopups
RegisterClassA
PostMessageA
PostQuitMessage
CallWindowProcA
LoadCursorA
GetPropA
GetWindowDC
EnableMenuItem
DialogBoxParamA
ScreenToClient
InflateRect
GetSysColor
DispatchMessageA
LoadStringA
EmptyClipboard
GetParent
GetSysColorBrush
SystemParametersInfoA
SetCursor
DeleteMenu
wsprintfA
ShowCursor
IsRectEmpty
GetDCEx
SetWindowsHookExA
UnhookWindowsHookEx
IsWindowVisible
EnumThreadWindows
LoadIconA
OffsetRect
EndDialog
BeginPaint
GetMenuItemID
DrawEdge
GetLastActivePopup
GetCapture
EqualRect
SetActiveWindow
KillTimer
InsertMenuItemA
CheckMenuItem
CreateMenu
LoadBitmapA
TrackPopupMenu
RedrawWindow
DrawIconEx
RemovePropA
GetSystemMetrics
TranslateMessage
GetMessageA
ShowWindow
GetCursorPos
IntersectRect
FindWindowA
SetTimer
SetRect
IsDialogMessageA
ReleaseCapture
GetWindow
SetPropA
GetSystemMenu
IsWindow
SetFocus

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af039b1249f3564da9c3fc6b425b9cbe

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 1KB - Virtual size: 4KB