c025f7f6dd9830264661b956e0386728

Sharing

Copy URL

Twitter E-mail

General

Target

c025f7f6dd9830264661b956e0386728
Size

191KB
MD5

c025f7f6dd9830264661b956e0386728
SHA1

8ccfc42801c93ae15b5ece7dd54902735e1bec71
SHA256

002481b042b38eaf2b8ff7d9e2d49310c923d5f2324d1d567d0a69a885c74a69
SHA512

e3f554a7b52253f4519d0d50d8801c60d93897ea650b0c5edcb0556046536f1b1855267f92e18d6a65b631e17a875eff24ee3699675ac51517291b30c6fb71c3
SSDEEP

3072:zo3hlv5jCj/fNoZrfqXapuVwxmCJLf+N7sA5x8qUd/yodLAR5X:zoRlJsWZrSMu8JrY5od/yodLsd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c025f7f6dd9830264661b956e0386728

Files

c025f7f6dd9830264661b956e0386728
.exe windows:4 windows x86 arch:x86

b4afda793a98d822212416962eb32efc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyRect
wsprintfA
SetWindowLongA
SetRect
SetCapture
MsgWaitForMultipleObjects
IsWindow
PostMessageA
ReleaseDC
GetDlgItem
FindWindowA
FillRect
EndPaint
LoadCursorA
SendMessageTimeoutA
SetFocus
SendNotifyMessageA
GetActiveWindow
CreateAcceleratorTableA
IsChild
GetQueueStatus
wvsprintfA
GetSysColor
GetDesktopWindow
GetClassNameA
RegisterWindowMessageA
CreateDialogParamA
MoveWindow
ReleaseCapture
CreateWindowExA
RegisterClassExA
EnumDisplayDevicesA
InvalidateRgn
DrawTextA
ShowWindow
SetTimer
CharNextA
InvalidateRect
GetFocus
GetWindowRect
DestroyAcceleratorTable
SetWindowTextA
EqualRect
DispatchMessageA
GetWindowTextA
GetClassInfoExA
DestroyWindow
DefWindowProcA
KillTimer
UnregisterClassA
CallWindowProcA
SendMessageA
RedrawWindow
PeekMessageA
GetClientRect
GetParent
BeginPaint
PostThreadMessageA
GetDC
SetParent
GetWindowLongA
GetWindowTextLengthA
GetWindow
SetWindowPos

advapi32

CryptAcquireContextA
CryptHashData
CryptDestroyKey
CryptImportKey
RegEnumKeyExA
RegEnumValueA
RegCloseKey
CryptDestroyHash
RegQueryInfoKeyA
CryptEncrypt
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
CryptReleaseContext
CryptGetHashParam
RegQueryValueExA
CryptCreateHash
RegCreateKeyExA
RegDeleteKeyA

ole32

BindMoniker
CoCreateInstance
CoTaskMemFree
OleUninitialize
CoTaskMemAlloc
CoGetClassObject
StgOpenStorage
GetRunningObjectTable
CreateStreamOnHGlobal
CLSIDFromProgID
CoTaskMemRealloc
CoUninitialize
StringFromGUID2
CoInitialize
CoInitializeSecurity
StgCreateDocfile
CreateItemMoniker
CoSetProxyBlanket
CreateBindCtx
OleInitialize
OleLockRunning
StgIsStorageFile
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

winmm

timeGetTime
timeSetEvent

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueA

gdi32

SelectPalette
ExtEscape
RealizePalette
GetDIBits
CreateSolidBrush
BitBlt
GetObjectA
CreateFontA
SetStretchBltMode
CreateDIBitmap
SelectObject
CreateCompatibleDC
GetStockObject
DeleteObject
CreateDIBSection
DeleteDC
CreateCompatibleBitmap
StretchDIBits
GetDeviceCaps
SetBkMode

kernel32

WideCharToMultiByte
GetLongPathNameW
LocalFree
CreateFileA
Sleep
GetProcessId
GlobalSize
LocalAlloc
UnmapViewOfFile
GetFileSize
CreateFileMappingA
EnumResourceTypesA
MapViewOfFile
WriteFile
CreateFileW
ReadFile
GetFileAttributesA
GetTickCount
GlobalAlloc
GlobalFree
SetFilePointer
DisableThreadLibraryCalls
CloseHandle

gdiplus

GdipDisposeImage
GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCloneImage

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4afda793a98d822212416962eb32efc

Headers

File Characteristics

Imports

user32

advapi32

ole32

shlwapi

winmm

version

gdi32

kernel32

gdiplus

setupapi

wininet

shell32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 78KB - Virtual size: 77KB

.tls Size: 1024B - Virtual size: 64KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 78KB - Virtual size: 77KB

.tls
Size: 1024B - Virtual size: 64KB