c433a35c5d5febad0ae31adeaa4d75da

Sharing

Copy URL Twitter E-mail

General

Target

c433a35c5d5febad0ae31adeaa4d75da
Size

208KB
MD5

c433a35c5d5febad0ae31adeaa4d75da
SHA1

8dbaa20f248b562ebc11de8b04ce1cc41cfb6d1b
SHA256

52ae2a6178d019a36fd1d16b49af8e5066413749f92c51b30cfbf2b8beabfac2
SHA512

046f5868689b18d7ff61cd7643286584b215cc017d5283c100a5e316112d1a374c0be844bcaa80adc7b7e7e68c1dd484ade30de5ce8fa08168acf41bf47d198d
SSDEEP

6144:ADhBFmnE7+dtwE6LnKPtsq6a4zpBGlln/l:GDmE7wtSLKPtv6ftI/l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c433a35c5d5febad0ae31adeaa4d75da

Files

c433a35c5d5febad0ae31adeaa4d75da
.dll windows:5 windows x86 arch:x86

499c9c6424851cafc78549b09a204ee2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\htxgqbKsHkupwI\viVpPsyhsgeEy\jdfxKrSbpWR.pdb

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_Write
ImageList_Remove
PropertySheetA
ImageList_LoadImageW
ImageList_AddMasked

kernel32

GlobalHandle
GetOEMCP
WriteFile
GetWindowsDirectoryA
GetSystemInfo
GetLocaleInfoA
GetACP
SetUnhandledExceptionFilter
DuplicateHandle
HeapValidate
OpenSemaphoreW
GetCommConfig
VerifyVersionInfoW
SetPriorityClass
GetStartupInfoA
SetFilePointer
VirtualAlloc
CallNamedPipeW
MulDiv
GlobalFree
GetBinaryTypeA
GetStringTypeExW
FindResourceExA
GlobalGetAtomNameW
GlobalFindAtomW
GetCommProperties
CreateMutexW
GetModuleFileNameA
GlobalGetAtomNameA
SystemTimeToFileTime
ExitThread
GetShortPathNameA
FileTimeToLocalFileTime
HeapUnlock
ClearCommError
LoadLibraryExW
CancelIo
GlobalFlags
SetHandleInformation
FindResourceA
lstrlenW
TerminateThread
HeapWalk
IsDBCSLeadByteEx
CopyFileW
GetFileType
CreateFileA
Sleep
FlushViewOfFile
CreateNamedPipeW
GetPriorityClass
IsDBCSLeadByte
lstrcmpiA
GetTempPathA
GetSystemTimeAsFileTime
CreateRemoteThread
UnmapViewOfFile
ResumeThread
TlsFree
GetModuleHandleA

msvcrt

_controlfp
fclose
wcstod
fflush
realloc
setlocale
fprintf
fseek
perror
fputs
time
wcstoul
wcsstr
__set_app_type
iswxdigit
__p__fmode
system
isprint
__p__commode
bsearch
rand
_amsg_exit
isspace
atol
_initterm
_acmdln
exit
fgetc
wcstol
vswprintf
fgets
_ismbblead
_XcptFilter
memset
iswdigit
wcstok
wcstombs
isdigit
calloc
qsort
_exit
strchr
mbstowcs
strstr
_cexit
gmtime
iswalpha
__setusermatherr
strspn
__getmainargs
localtime

gdi32

GetFontData
DeleteObject
SetViewportExtEx
GetLayout
CreatePenIndirect
SetViewportOrgEx
SetWindowOrgEx
FillRgn
SetRectRgn
SelectClipRgn
RealizePalette
GetClipBox
SetBitmapBits
SetBkColor
GetTextAlign
SelectPalette
CreateCompatibleBitmap
DeleteDC
IntersectClipRect
CreateHalftonePalette
CreateFontIndirectA
RemoveFontResourceW
OffsetRgn
StartDocW
CreateDiscardableBitmap
GetObjectW
EnumFontFamiliesExW
Rectangle
GetTextCharsetInfo
LineTo
CreateHatchBrush
ExtTextOutW
GetTextFaceW
SetStretchBltMode
CreateFontIndirectW
OffsetViewportOrgEx
StretchDIBits
GetTextColor
GetNearestColor
CreateBrushIndirect
CreateFontA
CreateSolidBrush
SetBkMode
LPtoDP
CreateEllipticRgnIndirect
DPtoLP
GetSystemPaletteUse
BitBlt
TranslateCharsetInfo
PtVisible
CreatePalette

user32

CreatePopupMenu
SetActiveWindow
CharToOemA
GetLastActivePopup
DialogBoxParamW
DrawMenuBar
CheckMenuRadioItem
LoadAcceleratorsW
GetDCEx
InSendMessageEx
MessageBoxExA
InsertMenuItemW
AppendMenuA
RegisterClassA
MapVirtualKeyExW
InflateRect
SendDlgItemMessageA
CharPrevA
RedrawWindow
DeleteMenu
IsCharUpperA
GetNextDlgTabItem
CharUpperA
EnableWindow
FindWindowExA
SetCursor
LoadMenuW
LoadIconA
ActivateKeyboardLayout
TranslateAcceleratorW
EnableMenuItem
ScrollWindowEx
GetPropW
BeginPaint
EnumWindows
DefFrameProcW
SetCursorPos
ChangeMenuW
ShowOwnedPopups
GetDC
SetRect
GetDlgItem
GetClassLongW
InvalidateRgn
CreateCaret
LoadCursorW
DestroyIcon
GetMenu
GetSysColorBrush
PtInRect
InsertMenuA
GetForegroundWindow
OpenInputDesktop
SetCaretPos
IsDialogMessageW
LoadBitmapA
GetMenuItemID
GetDlgItemTextW
GetClassLongA
IsCharLowerA
ChildWindowFromPoint
DrawTextA
GrayStringW
TranslateMessage
GetWindow
ShowCaret
WindowFromPoint
IsMenu
TrackPopupMenu
HiliteMenuItem
CreateMenu
IsWindowVisible
GetWindowTextA
PeekMessageW
SwitchToThisWindow
FindWindowW
KillTimer
OpenDesktopW
LoadBitmapW
ToUnicodeEx
FillRect
DrawFocusRect
SetMenuDefaultItem
OemToCharA
ChildWindowFromPointEx
CreateDialogIndirectParamW
AllowSetForegroundWindow
GetClassInfoA
GetScrollPos
GetIconInfo
DrawIcon
GetClassInfoExA
wsprintfA
ValidateRect
CheckMenuItem
ShowCursor
TrackPopupMenuEx
SetScrollInfo
InvertRect
CharToOemBuffA
RegisterWindowMessageW
CharUpperBuffA
IsIconic
GetParent
GetClassInfoExW
DefDlgProcA
RegisterWindowMessageA
BeginDeferWindowPos
CreateWindowExA
DrawEdge
DestroyCaret
SetSysColors
SetForegroundWindow
GetDoubleClickTime
DrawStateW
GetMenuCheckMarkDimensions
RemovePropW
CreateDialogParamW
GetSysColor
LoadCursorA
RegisterClassExA
ExitWindowsEx
CloseDesktop
GetMessageW
DrawTextW
MapVirtualKeyA

Exports

Exports

?FindFunctionOld@@IJFPAIPAKD@X
?CancelExpressionA@@IJPAXIE@X
?IsValidDialogNew@@IJXEMDPAG@X

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cfg1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcode
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg3
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

499c9c6424851cafc78549b09a204ee2

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

msvcrt

gdi32

user32

Exports

Exports

Sections

.text Size: 119KB - Virtual size: 119KB

.import Size: 1KB - Virtual size: 1KB

.rdata Size: 6KB - Virtual size: 6KB

.cfg1 Size: 512B - Virtual size: 44B

.pcode Size: 13KB - Virtual size: 12KB

.cfg2 Size: 512B - Virtual size: 44B

.cfg3 Size: 1024B - Virtual size: 678B

.data Size: 2KB - Virtual size: 9KB

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 119KB - Virtual size: 119KB

.import
Size: 1KB - Virtual size: 1KB

.rdata
Size: 6KB - Virtual size: 6KB

.cfg1
Size: 512B - Virtual size: 44B

.pcode
Size: 13KB - Virtual size: 12KB

.cfg2
Size: 512B - Virtual size: 44B

.cfg3
Size: 1024B - Virtual size: 678B

.data
Size: 2KB - Virtual size: 9KB

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: 2KB - Virtual size: 2KB