b1ed8b549cf61ae2019ac2fd6718aa751f4bf451d0881eac11f91e121c20a2a7

Sharing

Copy URL Twitter E-mail

General

Target

b1ed8b549cf61ae2019ac2fd6718aa751f4bf451d0881eac11f91e121c20a2a7
Size

444KB
MD5

fbfd5d08ebf6bfc5ae4420fad96d7f4d
SHA1

e4050d62b852c52b949fda7d9b252d1f3beb2a37
SHA256

b1ed8b549cf61ae2019ac2fd6718aa751f4bf451d0881eac11f91e121c20a2a7
SHA512

aec2489ddd3dfc53ad29ca6b4f0e7f87fc312f6f319875aec26ed27d3cdec90d99861108fac2e476c2b35873d74750a2d4ff3eb2667c8f17a9927688c1ea5ab9
SSDEEP

6144:55DRhr6QFvSbYrhvqhCu5MDwp/NR8helYMRLgPcO7KVVK3:XDLr6kqhCBU5NR8hep6Jz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1ed8b549cf61ae2019ac2fd6718aa751f4bf451d0881eac11f91e121c20a2a7

Files

b1ed8b549cf61ae2019ac2fd6718aa751f4bf451d0881eac11f91e121c20a2a7
.exe windows:4 windows x86 arch:x86

83a489f75eb44786563739d746959c79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveOutReset
waveOutWrite
mciSendCommandA
mciGetErrorStringA

msacm32

acmStreamOpen
acmStreamSize
acmStreamConvert
acmStreamClose
acmStreamUnprepareHeader
acmFormatTagDetailsA
acmStreamPrepareHeader

kernel32

FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SetEndOfFile
LocalAlloc
GlobalHandle
LocalReAlloc
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
LockFile
UnlockFile
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
ExitProcess
TerminateProcess
HeapFree
GetTimeZoneInformation
GetLocalTime
GetStartupInfoA
GetFileTime
DuplicateHandle
GetFileAttributesA
FlushFileBuffers
ExitThread
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentProcess
GetModuleFileNameA
GetCurrentThread
lstrcmpA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
GetVersion
GlobalGetAtomNameA
GlobalFindAtomA
GlobalDeleteAtom
WideCharToMultiByte
LocalFree
MultiByteToWideChar
GlobalLock
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GlobalUnlock
MulDiv
GetCurrentThreadId
SetLastError
SuspendThread
IsBadWritePtr
OutputDebugStringA
IsBadReadPtr
TlsFree
GlobalReAlloc
RaiseException
TlsGetValue
TlsAlloc
GetProfileStringA
DeleteCriticalSection
EnterCriticalSection
TlsSetValue
GetLastError
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
GetProcAddress
FreeLibrary
CopyFileA
GlobalSize
WaitForMultipleObjects
lstrcpyA
GetSystemTime
GetTickCount
lstrcatA
GetVersionExA
lstrcpynA
WriteFile
GetTempPathA
GetTempFileNameA
ReadFile
GetFileSize
GlobalAlloc
CreateFileA
GlobalFree
GetSystemInfo
lstrcmpiA
SetFilePointer
SetThreadPriority
FindResourceA
ResetEvent
ResumeThread
LockResource
LoadResource
SizeofResource
Sleep
DeleteFileA
SetEvent
lstrlenA
WaitForSingleObject
CloseHandle
HeapAlloc
CreateEventA
CreateThread
GetCommandLineA
InterlockedExchange

user32

GetTopWindow
MessageBoxA
CopyRect
GetCapture
AdjustWindowRectEx
SetFocus
SendDlgItemMessageA
UpdateWindow
CheckRadioButton
IsDlgButtonChecked
MapWindowPoints
WinHelpA
ShowWindow
LoadStringA
SetCursor
CharUpperA
LoadIconA
GetClassNameA
PtInRect
DestroyMenu
IsDialogMessageA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
wsprintfA
GetWindowTextA
MoveWindow
SetWindowTextA
GetSysColorBrush
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ClientToScreen
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
RegisterClassA
GetWindowPlacement
SetWindowsHookExA
GetMenuCheckMarkDimensions
GetMenuState
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetDesktopWindow
GetWindowRect
LoadCursorA
DrawIcon
GetDC
ReleaseDC
LoadImageA
GetIconInfo
OffsetRect
IntersectRect
UnionRect
GetSysColor
SetRect
PostQuitMessage
RedrawWindow
ShowCursor
GetCursorPos
ScreenToClient
PostMessageA
SetClassLongA
SystemParametersInfoA
LoadBitmapA
GetSystemMetrics
GetForegroundWindow
SendMessageA
EnableWindow
GetClientRect
FillRect
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
EndDialog
GetClassInfoA
GetWindowTextLengthA
SetActiveWindow
RegisterWindowMessageA
IsIconic
PeekMessageA
IsWindowVisible
SetMenuItemBitmaps
ModifyMenuA
GetWindowDC
InflateRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
IsWindowUnicode
CharNextA
DefDlgProcA
InvalidateRect

gdi32

PatBlt
CreateCompatibleBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
CreateFontA
BitBlt
CreateCompatibleDC
GetBitmapDimensionEx
DeleteObject
GetTextExtentPoint32A
CreateFontIndirectA
CreateBitmap
SetBitmapDimensionEx
StretchBlt
SetDIBitsToDevice
GetDeviceCaps
GetDIBits
CreatePalette
CreateDIBSection
RealizePalette
SelectPalette
GetSystemPaletteEntries
GetStockObject
CreateDIBitmap
GetObjectA
DeleteDC
SelectObject
SetMapMode
SetBkColor
SaveDC
SetBkMode
RestoreDC
SetTextColor
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
IntersectClipRect
GetTextExtentPointA
MoveToEx
LineTo
SetTextAlign
CreateSolidBrush
CreatePen
PtVisible
GetTextMetricsA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA
SHGetFileInfoA

comctl32

ord17

Sections

.text
Size: 320KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83a489f75eb44786563739d746959c79

Headers

File Characteristics

Imports

winmm

msacm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 320KB - Virtual size: 318KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 24KB - Virtual size: 37KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 320KB - Virtual size: 318KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 24KB - Virtual size: 37KB

.rsrc
Size: 32KB - Virtual size: 29KB