c323340c76bf55983cc8a8b16cfac75f

Sharing

Copy URL Twitter E-mail

General

Target

c323340c76bf55983cc8a8b16cfac75f
Size

544KB
MD5

c323340c76bf55983cc8a8b16cfac75f
SHA1

af27ed007e4110482f092005c5977a59c7b3cbcb
SHA256

da4b45f78d96243b3a18f69d495b671963bb3be9b34d967e045a7aecf0d97dc9
SHA512

761089a16f3195438d2671e2d1ee7530c367c41d49fe17917c8b8972e60589911697857827f2f6f2014cb90a11033aeafb64f5d4bc4c7049a99757185da436a4
SSDEEP

6144:gF12EMWMsTUShPreMp5Kb2wj78AOwE3vz:gF12i/hzz878zv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c323340c76bf55983cc8a8b16cfac75f

Files

c323340c76bf55983cc8a8b16cfac75f
.exe windows:5 windows x86 arch:x86

5d8e342d37a92392a8774a097a7716ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

scrollnavigator

GetSharedMemory
_MouseHookProc@12
_GetMessageHookProc@12

kernel32

LoadLibraryA
FreeLibrary
GetProcAddress
Sleep
GetFileAttributesA
CreateDirectoryA
ReadFile
CloseHandle
GetFileSize
CreateFileA
WriteFile
SetFilePointer
DeleteFileA
GetLocaleInfoA
SizeofResource
LockResource
LoadResource
FindResourceA
GetTickCount
MultiByteToWideChar
GetShortPathNameA
GetCurrentProcess
GetModuleHandleA
GetVersionExA
GetModuleFileNameA
GetCurrentProcessId
FindClose
FindFirstFileA
FindNextFileA
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetCommandLineA
GetStartupInfoA
HeapAlloc
GetSystemTimeAsFileTime
GetLastError
HeapFree
RtlUnwind
GetModuleHandleW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
HeapSize
GetTimeZoneInformation
RaiseException
InitializeCriticalSectionAndSpinCount
LCMapStringA
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
LCMapStringW

user32

GetDC
SetWindowPos
ChildWindowFromPoint
MapWindowPoints
GetParent
EnumChildWindows
SetRect
LookupIconIdFromDirectory
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
DestroyIcon
KillTimer
SetTimer
DialogBoxIndirectParamA
SetForegroundWindow
ShowWindow
SetLayeredWindowAttributes
RedrawWindow
GetWindowThreadProcessId
GetForegroundWindow
LoadCursorA
SetCursor
MessageBeep
LoadImageA
DestroyWindow
ScreenToClient
BringWindowToTop
DefWindowProcA
IsWindowVisible
DispatchMessageA
TranslateMessage
IsDialogMessageA
SetCapture
ReleaseCapture
PeekMessageA
GetMessageA
CreateWindowExA
LoadIconA
RegisterClassA
RegisterWindowMessageA
EndPaint
DrawFocusRect
BeginPaint
CreateIconFromResource
IsIconic
IsZoomed
SetClassLongA
AdjustWindowRectEx
SetParent
CreateIconIndirect
GetIconInfo
FrameRect
WindowFromDC
DrawIconEx
TrackPopupMenuEx
InsertMenuItemA
CreatePopupMenu
DrawTextA
InvalidateRgn
SetFocus
GetDlgItemTextA
EnableWindow
GetAsyncKeyState
GetCursorPos
WindowFromPoint
PtInRect
GetDesktopWindow
GetWindowRect
CopyRect
GetWindowTextA
ReleaseDC
FillRect
GetSysColor
GetSystemMetrics
PostMessageA
MessageBoxA
GetWindowLongA
CreateDialogParamA
GetFocus
GetDlgItem
SetDlgItemTextA
SetWindowTextA
SetWindowLongA
InvalidateRect
EndDialog
PostQuitMessage
SendDlgItemMessageA
SetWindowsHookExA
UnhookWindowsHookEx
SystemParametersInfoA
EnumWindows
SendMessageA
GetClassNameA
CallWindowProcA
GetClientRect
OffsetRect
GetWindowDC
IsWindowEnabled

gdi32

CreateFontA
CreateFontIndirectA
CombineRgn
CreateDIBSection
CreateCompatibleDC
CreateRectRgnIndirect
SelectClipRgn
DeleteObject
LineTo
MoveToEx
CreatePen
SelectObject
GetStockObject
SetDIBits
DeleteDC
GetObjectA
ExtTextOutA
CreateSolidBrush
GetTextExtentPoint32A
SetBkMode
SetTextColor
CreateRectRgn
GetDIBits
BitBlt
PatBlt
Polygon

comdlg32

GetOpenFileNameA
ChooseColorA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
Shell_NotifyIconA
FindExecutableA

comctl32

_TrackMouseEvent
InitCommonControlsEx

version

GetFileVersionInfoA
VerQueryValueA

msimg32

GradientFill

advapi32

CryptReleaseContext
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptDestroyHash
CryptVerifySignatureA
CryptHashData
CryptCreateHash
CryptImportKey
GetUserNameA
CryptAcquireContextA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 306KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d8e342d37a92392a8774a097a7716ec

Headers

DLL Characteristics

File Characteristics

Imports

scrollnavigator

kernel32

user32

gdi32

comdlg32

shell32

comctl32

version

msimg32

advapi32

ole32

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 306KB - Virtual size: 595KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 306KB - Virtual size: 595KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 14KB - Virtual size: 14KB