c29cc07f65f171662f0e6bd4d4039bab

Sharing

Copy URL

Twitter E-mail

General

Target

c29cc07f65f171662f0e6bd4d4039bab
Size

544KB
MD5

c29cc07f65f171662f0e6bd4d4039bab
SHA1

d4aa2c48ea6ef9dd101dc5163662c1ed95c4f6e8
SHA256

6ccbfaffc3c1707c5dda72590459d75c96cf7e4345f9944dc1a530e9c0173f48
SHA512

4b90abb33ea11f26f6145d83e06c8d917cadc337254397d99432ae2b83a93794c4e6acf61d46bc15a3c089cfd41b7a1747350e6b824c23ce86fa9bc95b348bb7
SSDEEP

6144:6nhWubOStZ6AbgmgwLp3gUhWeGtHOPc/woVPHma1MXohuPATdTpNSTrbkYW412ph:6nTltgBNwxgUXI/DGaXhu45pI3rep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c29cc07f65f171662f0e6bd4d4039bab

Files

c29cc07f65f171662f0e6bd4d4039bab
.dll windows:4 windows x86 arch:x86

f3deb6209dc9c95daaecc9f849af840f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
LCMapStringW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
GetProfileStringA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
HeapSize
HeapReAlloc
GetACP
TerminateProcess
ExitProcess
RaiseException
HeapFree
GetCommandLineA
HeapAlloc
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
SizeofResource
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetProcessVersion
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
CloseHandle
GetModuleFileNameA
CreateProcessA
GlobalAlloc
GetCurrentThread
lstrcmpA
GlobalFree
SetLastError
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcpyA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
MulDiv
GetModuleHandleA
GetProcAddress
lstrlenA
MultiByteToWideChar
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
lstrcpynA
GetFileAttributesA
LoadLibraryW
GetCurrentProcess

user32

DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
RedrawWindow
IsZoomed
SetParent
IsRectEmpty
AppendMenuA
DeleteMenu
GetSystemMenu
CreateDialogIndirectParamA
EndDialog
PostQuitMessage
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
CharUpperA
GetSysColorBrush
LoadStringA
GetClassNameA
FindWindowA
GetTabbedTextExtentA
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
InvertRect
InsertMenuA
GetMenuStringA
DestroyIcon
ClientToScreen
WindowFromPoint
KillTimer
SetTimer
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
RegisterClassA
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
GrayStringA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
BringWindowToTop
EqualRect
CopyRect
GetDlgItem
SetWindowLongA
SetWindowPos
GetMenuItemCount
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
DestroyMenu
SetFocus
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetDlgCtrlID
IsIconic
AdjustWindowRectEx
PeekMessageA
GetCursorPos
ScreenToClient
wsprintfA
InvalidateRect
PtInRect
FillRect
GetSysColor
SetRect
OffsetRect
EnableWindow
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
PostMessageA
EnumThreadWindows
GetSubMenu
IsChild
GetDC
ReleaseDC
ShowScrollBar
LoadCursorA
SetCursor
DestroyCursor
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
RemovePropA
GetWindowDC
GetParent
GetNextDlgTabItem
IsWindowVisible
UpdateWindow
SendMessageA
GetKeyState
GetClientRect
LoadMenuA
SetWindowsHookExA

gdi32

DeleteObject
GetCharWidthA
CreateFontA
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateCompatibleBitmap
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32A
GetTextMetricsA
LPtoDP
GetBkColor
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
CreateFontIndirectA
GetTextFaceA
GetWindowOrgEx
SetRectRgn
CombineRgn
BitBlt
CreateCompatibleDC
SelectObject
StretchDIBits
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DeleteDC
CreateDCA
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
CreatePen
DPtoLP
Rectangle
GetStockObject
PatBlt
GetDeviceCaps
CreateDIBitmap
GetTextExtentPointA
CreateBitmap

comdlg32

PrintDlgA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
GetFileSecurityA
RegQueryValueA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
SetFileSecurityA
RegSetValueExA
RegCreateKeyExA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
ExtractIconA

comctl32

ord17

Exports

Exports

StartW

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3deb6209dc9c95daaecc9f849af840f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 248KB - Virtual size: 246KB

.reloc Size: 28KB - Virtual size: 26KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 248KB - Virtual size: 246KB

.reloc
Size: 28KB - Virtual size: 26KB