bde9a9f5058b0098429e0ad056a21946

Sharing

Copy URL Twitter E-mail

General

Target

bde9a9f5058b0098429e0ad056a21946
Size

544KB
MD5

bde9a9f5058b0098429e0ad056a21946
SHA1

8bcc396518db180457c190978961500d324bfe91
SHA256

ffcedc97a10aa0855b4f65747130ad0434477424cb3f5a28a3579c558f2f7926
SHA512

9b76b5a92f4de53e845d1a7754edd974144a1a6d26aa1decbcf73fe1b07221ccd4c9dbaec884307f7d4495742e955bd7a0a7aba6f9265b042aa8f0825dde473e
SSDEEP

12288:BY7COmzy6oIiUQSV3cIU8vAUJC2JG3zjD0k65ZRmrWrrbrX:y7wbnzMFohG3zjD0Fm2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bde9a9f5058b0098429e0ad056a21946

Files

bde9a9f5058b0098429e0ad056a21946
.exe windows:4 windows x86 arch:x86

0d34ca6abc79b5b124b15155d7a26658

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DrawStatusText
InitCommonControlsEx

user32

ChildWindowFromPoint
DdeQueryStringA
DlgDirSelectExA
GetMenuItemInfoW
GetKeyboardLayout
ScrollDC
OpenDesktopA
CharUpperBuffW
EnableWindow
DialogBoxParamW
GetUserObjectSecurity
VkKeyScanExA
BroadcastSystemMessageW
CharUpperBuffA
GetNextDlgTabItem
DrawAnimatedRects
SetWindowTextW
IsZoomed
MapVirtualKeyA
OpenDesktopW
IsMenu
GetClipboardOwner
DefMDIChildProcA
CreateWindowExW
DestroyWindow
RegisterClassA
DialogBoxIndirectParamA
GetKeyNameTextW
LockWindowUpdate
GetKeyboardLayoutNameA
MessageBoxW
DefWindowProcA
GetClipboardFormatNameA
CreatePopupMenu
GetWindowRgn
ValidateRgn
DdeUninitialize
BlockInput
LoadIconW
DdeConnectList
ShowWindow
RegisterClassExA
CreateCursor
PeekMessageW
CharPrevA
GetUserObjectInformationA
LoadMenuA
DrawIcon
IsCharAlphaA
InsertMenuItemW
wvsprintfW
DialogBoxParamA
SetForegroundWindow
FindWindowW
AdjustWindowRectEx
SetShellWindow
MessageBoxIndirectA
SetWindowPos
CascadeWindows
SetClassLongW
GrayStringW
CreateDialogIndirectParamA
AttachThreadInput
SubtractRect
GetKeyboardLayoutList
GetOpenClipboardWindow
SetWindowLongA

kernel32

EnumSystemCodePagesW
GetModuleFileNameW
lstrcmp
GetSystemTime
GetTempPathA
DeleteAtom
SetEnvironmentVariableA
GetEnvironmentStrings
IsBadWritePtr
ReadConsoleOutputA
GetStartupInfoA
ReadFile
SetConsoleOutputCP
TlsGetValue
DeleteCriticalSection
SetHandleCount
GetCPInfo
SetThreadContext
OpenEventW
IsValidCodePage
EnumSystemCodePagesA
LeaveCriticalSection
SetFileAttributesW
InitializeCriticalSection
TlsAlloc
HeapDestroy
RtlZeroMemory
HeapAlloc
WideCharToMultiByte
FindClose
GetFullPathNameA
GetVersion
GetProcAddress
VirtualAlloc
GetConsoleScreenBufferInfo
GetModuleHandleA
CompareStringA
TlsFree
VirtualQuery
GetCommandLineA
InterlockedDecrement
EnumResourceNamesA
LoadLibraryA
WriteFile
SetLastError
FillConsoleOutputCharacterA
VirtualFree
GetModuleFileNameA
GetLastError
QueryPerformanceCounter
GetCurrentProcessId
CreateMutexA
HeapFree
GetComputerNameW
SetFilePointer
FlushFileBuffers
HeapReAlloc
FreeEnvironmentStringsA
UnhandledExceptionFilter
InterlockedExchangeAdd
SuspendThread
ContinueDebugEvent
WriteConsoleOutputW
HeapCreate
EnterCriticalSection
lstrcpyn
lstrlenA
TlsSetValue
GetTickCount
FreeEnvironmentStringsW
CompareStringW
FreeLibrary
GetStartupInfoW
GetFileAttributesA
FindNextFileW
MultiByteToWideChar
GetNamedPipeHandleStateA
CreateMailslotW
ReleaseSemaphore
GetVersionExA
GetCurrentProcess
GetStringTypeA
GetWindowsDirectoryA
LCMapStringW
InterlockedExchange
GetCurrentThread
GlobalFindAtomW
GetEnvironmentStringsW
LCMapStringA
GetFileType
GetPrivateProfileSectionW
OpenMutexA
LockFile
GetSystemTimeAsFileTime
GetCommandLineW
InterlockedIncrement
ExitProcess
GetSystemDefaultLangID
GetCurrentThreadId
RtlUnwind
GetLocalTime
GetNumberFormatW
GetTimeZoneInformation
FreeResource
SetThreadAffinityMask
GetStdHandle
GetStringTypeW
SetStdHandle
CloseHandle
CreateDirectoryExA
VirtualLock
EnumResourceNamesW
TerminateProcess

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d34ca6abc79b5b124b15155d7a26658

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 16KB - Virtual size: 14KB