be349558564ae1be9c5fb7585cbe8451acee0e07661ae3dbf4da8f785bf7a9fb

Sharing

Copy URL

Twitter E-mail

General

Target

be349558564ae1be9c5fb7585cbe8451acee0e07661ae3dbf4da8f785bf7a9fb
Size

376KB
MD5

edc6f474010e23e56a5d13ee9bcad9fd
SHA1

3fb9b48cfdc5fd8bf7dfcbd14e67b3b91a4dd171
SHA256

be349558564ae1be9c5fb7585cbe8451acee0e07661ae3dbf4da8f785bf7a9fb
SHA512

114289ddaa5be42d275848247fa65a7994c94ecd4fa3e002c1e68ed259a5751fa313c56ca11c2aa588f818f80d68895e87f65502062a1bf7fdafb84d240c1e01
SSDEEP

6144:aWadT2HpCKco9BzB8jfLgGBo+K9OqFA/MCsISURoWJEpEQ/YP:Ut2HPvtWPgGBY9ltISURoW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be349558564ae1be9c5fb7585cbe8451acee0e07661ae3dbf4da8f785bf7a9fb

Files

be349558564ae1be9c5fb7585cbe8451acee0e07661ae3dbf4da8f785bf7a9fb
.exe windows:4 windows x86 arch:x86

612f926caf7443e6e2e2d02c339c9e5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
RemoveDirectoryA
GetFileAttributesA
GetCurrentProcess
GetCurrentThreadId
CreateMutexA
DuplicateHandle
GetCurrentThread
GetUserDefaultLCID
HeapDestroy
SystemTimeToFileTime
FileTimeToSystemTime
GetWindowsDirectoryA
SetFileTime
MoveFileExA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
SetStdHandle
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapSize
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
RaiseException
ExitProcess
GetVersion
ExitThread
TlsSetValue
CreateThread
ResumeThread
GetOEMCP
GetCPInfo
GetFileType
HeapReAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
RtlUnwind
InterlockedExchange
GetFileTime
GetVolumeInformationA
CreateDirectoryA
EnterCriticalSection
LeaveCriticalSection
FindFirstFileA
FindNextFileA
FindClose
MulDiv
IsValidCodePage
WideCharToMultiByte
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
GetLocalTime
FormatMessageA
LocalFree
Sleep
DeleteFileA
GetModuleFileNameA
MoveFileA
CloseHandle
CopyFileA
GetLastError
CreateFileA
WriteFile
SetFilePointer
ReadFile
GetCommandLineA
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
MultiByteToWideChar
GetSystemTime
InterlockedDecrement
InterlockedIncrement
GetACP
GetTempPathA
GetModuleHandleA
GetProcAddress
lstrlenW
GetEnvironmentStrings
lstrcpynA

user32

PostQuitMessage
CreateDialogParamA
DefWindowProcA
DrawTextA
GetDlgItemTextA
SendDlgItemMessageA
GetForegroundWindow
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapA
LoadIconA
ShowWindow
MapWindowPoints
GetClientRect
MessageBoxA
SystemParametersInfoA
DialogBoxParamA
DestroyWindow
BeginPaint
EndPaint
SetDlgItemTextA
EnumWindows
GetDlgItem
SetWindowTextA
SendMessageA
MessageBoxExA
CheckRadioButton
EndDialog
SendMessageTimeoutA
FindWindowA
GetFocus
CreateWindowExA
LoadCursorA
RegisterClassExA
GetWindowTextA
EnumChildWindows
GetParent
UpdateWindow
GetSysColor
wsprintfA
GetWindowRect
GetSystemMetrics
SetWindowPos
GetWindowLongA
SetWindowLongA
GetDesktopWindow
CopyRect
SetRect
FillRect
SetFocus
IsDlgButtonChecked
EnableWindow
CheckDlgButton
GetClassNameA
GetDC
ReleaseDC
MessageBoxExW
PostMessageA

gdi32

GetStockObject
GetDeviceCaps
CreateFontA
GetTextFaceA
GetTextMetricsA
DeleteObject
SetBkColor
CreateCompatibleDC
SelectObject
GetMapMode
SetMapMode
BitBlt
DeleteDC
SetBkMode
SetTextColor
GetObjectA
CreateSolidBrush
LineTo
MoveToEx
GetTextExtentPoint32A
TranslateCharsetInfo
TextOutA

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

612f926caf7443e6e2e2d02c339c9e5f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 20KB - Virtual size: 27KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 20KB - Virtual size: 27KB

.rsrc
Size: 88KB - Virtual size: 84KB