bef2b996dfc1120ec847ad92cef2d828

Sharing

Copy URL Twitter E-mail

General

Target

bef2b996dfc1120ec847ad92cef2d828
Size

695KB
MD5

bef2b996dfc1120ec847ad92cef2d828
SHA1

8a4393c9a58586d67b78d4010f289c0010db4b29
SHA256

dc22c358d0513d692bb93aefb59a27f45b3e33f12f697e04b86d3d03d3cfcaee
SHA512

9a4d488ad0d922b643ea22a288591d637ce4debd8dcb2666179ecf78d7ebd82468ec904b8a5d982b6ae757749418a9459f832729df38f0ab66e97dd9960aabba
SSDEEP

12288:BPHfNvD06aagN2DRHKxJnkZJ6d/PxUAB+vV8gAKaA/93Z3AqQYqb0Yn7o2:B3Nv46aagENHKTkud/PiABKigHaiZ3A1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bef2b996dfc1120ec847ad92cef2d828

Files

bef2b996dfc1120ec847ad92cef2d828
.exe windows:4 windows x86 arch:x86

96356ad3a0260bb8835dbda7f5687001

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CompareFileTime
VerLanguageNameA
GetFileTime
RemoveDirectoryA
GetModuleFileNameA
ExitProcess
GetCurrentProcess
CreateProcessA
MoveFileExA
WritePrivateProfileSectionA
WritePrivateProfileStringA
GetShortPathNameA
GlobalMemoryStatus
SetFileTime
GetExitCodeProcess
lstrcpynA
GetDateFormatA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetCommandLineA
GetVersionExA
CreateMutexA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetSystemTime
GetSystemInfo
GetComputerNameA
SetEndOfFile
GetFileSize
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
WideCharToMultiByte
GetVersion
GetStartupInfoA
RtlUnwind
TerminateProcess
HeapAlloc
HeapFree
GetLogicalDriveStringsA
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
GetLastError
MultiByteToWideChar
GetFileAttributesA
SetFileAttributesA
FindFirstFileA
lstrcmpiA
FindNextFileA
LCMapStringW
FindClose
GetDriveTypeA
lstrcatA
GetModuleHandleA
LoadLibraryA
GetTickCount
Sleep
GetCurrentThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetThreadPriority
SetThreadPriority
GlobalReAlloc
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
MulDiv
lstrlenA
WriteFile
ReadFile
lstrcpyA
SetFilePointer
CreateFileA
CloseHandle
LCMapStringA
DeleteFileA

user32

PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowA
IsIconic
PostMessageA
RegisterClassA
GetSystemMetrics
GetActiveWindow
ReleaseDC
WaitMessage
AppendMenuA
GetClientRect
MsgWaitForMultipleObjects
FillRect
KillTimer
SetTimer
LoadBitmapA
GetDlgItemTextA
CreateDialogParamA
SetWindowPos
GetDlgItem
SetDlgItemTextA
IsDialogMessageA
MessageBoxA
DrawEdge
SetRect
EnumDisplaySettingsA
SetRectEmpty
GetDC
EndDialog
DestroyWindow
DefWindowProcA
GetWindowRect
GetDesktopWindow
ExitWindowsEx
SystemParametersInfoA
SetForegroundWindow
DialogBoxParamA
EnableWindow
PostQuitMessage
SendMessageA
ScreenToClient
SendDlgItemMessageA
RegisterClassExA
ChildWindowFromPoint
GetWindowLongA
SetCursor
InvalidateRect
LoadIconA
LoadImageA
GetSysColor
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
SetWindowLongA
SetFocus
GetSystemMenu
DeleteMenu
ShowWindow
SetWindowTextA
LoadCursorA
GetCursorPos

gdi32

CreatePalette
AddFontResourceA
CreateDIBitmap
RemoveFontResourceA
CreateBitmap
GetTextExtentPoint32A
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
SetTextColor
SetBkColor
GetStockObject
CreateSolidBrush
DeleteObject
TextOutA
SetBkMode
SelectObject
CreateFontA
GetDeviceCaps
CreateScalableFontResourceA
DeleteDC
BitBlt

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyExA
LookupPrivilegeValueA
OpenProcessToken
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
GetUserNameA
AdjustTokenPrivileges
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHFileOperationA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize

winmm

waveOutGetNumDevs
midiOutGetNumDevs
joyGetPos

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ImageList_Create
ImageList_Add
ord17

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96356ad3a0260bb8835dbda7f5687001

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

version

comctl32

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 335KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 335KB

.rsrc
Size: 4KB - Virtual size: 3KB