bd2162a86e8962c9700fd19c588b7049

Sharing

Copy URL

Twitter E-mail

General

Target

bd2162a86e8962c9700fd19c588b7049
Size

312KB
MD5

bd2162a86e8962c9700fd19c588b7049
SHA1

9a6a695bb4b6e5d1de32abac0e0263ed8e4da1e9
SHA256

c0135f4b29c7b5c042cf3601323a3135f3e68ce731afe6dffd9adef4f81e0d1e
SHA512

81b3978fc66b3706591c8f0dab3b9cfc388dab4f43c076bed167a4336de452f561e53204a04ebcfe9fbde90ed63859b233108a8a20d99f7bf07b380aa601eed7
SSDEEP

6144:BbAkeqQZirN4Chjfc2Jyl5F2wOlZKuI4lUBbmL9VNBAMcR4u:tAkeqp4Mjlkl5F/gkan9VN8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd2162a86e8962c9700fd19c588b7049

Files

bd2162a86e8962c9700fd19c588b7049
.exe windows:4 windows x86 arch:x86

b086e72fe4ca54cb7d4de1e0d9b2f25d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ttipflp\hqos

Imports

user32

BeginPaint
DialogBoxParamW
SetClassLongW
RegisterClassA
GetKeyboardLayout
ShowWindow
DestroyWindow
RegisterClassW
DefWindowProcW
UnhookWindowsHookEx
CascadeWindows
LoadStringA
MessageBoxA
CreateWindowExA
CharNextA
ChangeMenuA
CallMsgFilter
SetWindowRgn
EnumChildWindows
DrawAnimatedRects
RegisterClassExA
ShowCursor
SetScrollPos
FlashWindowEx
GetThreadDesktop

kernel32

DeleteCriticalSection
GetStartupInfoA
CreateRemoteThread
GetCurrentThread
GetEnvironmentStrings
GetFileType
ExitProcess
VirtualQuery
GetProfileIntW
EnterCriticalSection
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetStdHandle
OpenEventA
GetUserDefaultLCID
IsValidCodePage
GetLogicalDrives
SetLastError
GetCPInfo
GetDateFormatA
VirtualFree
HeapSize
GetACP
InterlockedExchange
lstrcpy
FindResourceExW
GetLocaleInfoW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GlobalLock
FreeEnvironmentStringsA
HeapAlloc
IsBadWritePtr
GetModuleHandleA
GetEnvironmentVariableW
LeaveCriticalSection
SetConsoleActiveScreenBuffer
CreateMutexA
QueryPerformanceCounter
LCMapStringA
GetEnvironmentStringsW
GetPrivateProfileSectionW
GetStringTypeW
SetStdHandle
HeapDestroy
GetStartupInfoW
RemoveDirectoryA
EnumSystemLocalesA
VirtualProtect
TerminateProcess
InitializeCriticalSection
GetTimeZoneInformation
GetModuleFileNameW
GetVersionExA
GetTimeFormatA
SetHandleCount
GetCurrentProcess
GetCommandLineA
GetCurrentThreadId
MultiByteToWideChar
GetModuleHandleW
WaitForDebugEvent
HeapCreate
LocalSize
IsValidLocale
LoadLibraryA
GetCommandLineW
LCMapStringW
RtlUnwind
GetCurrentProcessId
OpenMutexA
TlsSetValue
GetTempPathA
DeleteFileA
HeapFree
GetStringTypeA
VirtualAlloc
GetLastError
GetSystemInfo
TlsGetValue
ReadFile
FlushFileBuffers
OpenFile
RtlZeroMemory
GetOEMCP
GetProcAddress
GetLocaleInfoA
FreeEnvironmentStringsW
TlsFree
HeapReAlloc
CompareStringA
TlsAlloc
GetModuleFileNameA
CreateFileMappingW
CloseHandle
WideCharToMultiByte
GetTickCount
SetFilePointer
WriteFile
CompareStringW

comdlg32

GetSaveFileNameW
PrintDlgW
FindTextW
GetFileTitleW

comctl32

ImageList_Replace
DrawStatusTextW
ImageList_GetImageRect
ImageList_GetImageCount
ImageList_SetIconSize
CreateStatusWindowW
ImageList_DrawEx
InitMUILanguage
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
ImageList_GetDragImage
ImageList_Create
ImageList_GetBkColor
ImageList_Duplicate
DrawStatusTextA
ImageList_GetIconSize
ImageList_Add
ImageList_Copy

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b086e72fe4ca54cb7d4de1e0d9b2f25d

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comdlg32

comctl32

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 92KB - Virtual size: 113KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 92KB - Virtual size: 113KB

.rsrc
Size: 16KB - Virtual size: 14KB