be26f14c1716f087268fb3d86d42878d

Sharing

Copy URL Twitter E-mail

General

Target

be26f14c1716f087268fb3d86d42878d
Size

166KB
MD5

be26f14c1716f087268fb3d86d42878d
SHA1

3770d28454fb090eec84c7658484069f5fe72b54
SHA256

e52ff3aa220dc275da2d5a7bb97481faed810dc5eac1bf757124ebe5a715bd3a
SHA512

31a10384db6576a703cd0435657083ddc2fcbf176294b8d62dffb338642bffda8ed82f4d31a07e24afeed29e6416bd03af0476a5a915bf8f5938b7c509c9da62
SSDEEP

3072:H6U1Ltlwfy0pprPR38JfYND5I+eT0Z5y3Ia2ke5aSb8iVn7iG:aew6u7R3iT++0CL2vQC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be26f14c1716f087268fb3d86d42878d

Files

be26f14c1716f087268fb3d86d42878d
.exe windows:4 windows x86 arch:x86

b5edfc6d2c8acab2882946c5a0126aae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
LockWindowUpdate
SetFocus
MapVirtualKeyW
CloseWindow
EnumChildWindows
FindWindowW
SetActiveWindow
GetTabbedTextExtentW
PeekMessageW
GetForegroundWindow
SetForegroundWindow
GetNextDlgTabItem
DestroyWindow
GetMenuItemInfoW
IsMenu
TrackPopupMenu
RegisterWindowMessageW
CreatePopupMenu
GetLastActivePopup
DrawAnimatedRects
ShowWindow
SetWindowRgn
DestroyMenu

advapi32

RegDeleteValueW
RegCreateKeyExW
RegEnumValueW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyExW
RegSetValueExW
RegCloseKey

gdi32

GetBkColor
CombineRgn
GetTextColor
GetStockObject
GetDIBits
EnumFontFamiliesW
Rectangle
ExtFloodFill
SetPixelV
SetBoundsRect
SetDIBits
GetTextAlign
Escape
GetTextExtentPoint32W
RoundRect
StretchDIBits
CreateRectRgnIndirect
CreateFontW
Ellipse
GetCharWidthW
CreateDIBSection

ole32

CoCreateInstance
DoDragDrop
OleRun

kernel32

GetModuleFileNameW
FileTimeToSystemTime
GetCurrentDirectoryW
GlobalAlloc
GlobalSize
FindFirstFileW
SetThreadPriority
LoadLibraryW
LoadLibraryA
QueryDosDeviceW
LoadLibraryExW
LocalFree
GetVersionExA
GetProcessId
WideCharToMultiByte
MulDiv
GlobalLock
Sleep
lstrcpyW
WritePrivateProfileStringW
GetVersionExW
FreeLibrary
InitializeCriticalSection
GetSystemTimeAsFileTime
GlobalFree
FindCloseChangeNotification
FindFirstChangeNotificationW
LoadResource
WaitForSingleObject
EnumResourceTypesA
SetFileAttributesW
GetModuleHandleW
FindResourceW
GetVersion
LockResource
GetLastError
GetTickCount
lstrcpynW
FindNextChangeNotification
GlobalUnlock
GetProcAddress
ExitProcess
GetNumberFormatW
CloseHandle
GetPrivateProfileStringW
CreateThread
DeleteCriticalSection
DeleteFileW
GetLocaleInfoW
FindClose
FileTimeToLocalFileTime
InterlockedExchange
ResumeThread
GetACP
GetCurrentThreadId
MultiByteToWideChar
InterlockedIncrement
QueryPerformanceCounter
GetLocaleInfoA
GetFileAttributesW
GetThreadLocale
lstrlenW
InterlockedDecrement
GetPrivateProfileIntW
lstrcmpW
GetCurrentProcessId

comctl32

PropertySheetW
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_LoadImageW
_TrackMouseEvent
ImageList_GetIcon
ImageList_Destroy
ImageList_GetImageCount
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_Draw

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5edfc6d2c8acab2882946c5a0126aae

Headers

File Characteristics

Imports

user32

advapi32

gdi32

ole32

kernel32

comctl32

gdiplus

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 62KB - Virtual size: 61KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 62KB - Virtual size: 61KB

.tls
Size: 1024B - Virtual size: 92KB