b643742928fc2a2eb5dabf5f58202938f24a0f322503e74ede27ed1457068bb5[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b643742928fc2a2eb5dabf5f58202938f24a0f322503e74ede27ed1457068bb5.exe
Size

472KB
MD5

42f5383d9a63b479f13ee3642d53c0fa
SHA1

39483ac92992493a4f9364033ca6f84f27152fec
SHA256

b643742928fc2a2eb5dabf5f58202938f24a0f322503e74ede27ed1457068bb5
SHA512

d983ba76c125906c053301c7c3ceb85d062321fc243da54ccb18ad52e7e3621549f33302fd2c7ba6d52b9f0137056371fc130617dc23d5f091a9e8568bad8fa0
SSDEEP

12288:J8gSZp5aBhxeH3Z5bbGv5a5Kw13ikTNLIKD:8ZpcBhxeH3Z5vj5Kw13BxTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b643742928fc2a2eb5dabf5f58202938f24a0f322503e74ede27ed1457068bb5.exe

Files

b643742928fc2a2eb5dabf5f58202938f24a0f322503e74ede27ed1457068bb5.exe
.exe windows:4 windows x86 arch:x86

824d439308b33d2d874a8ca459662306

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
lstrcmpA
GlobalReAlloc
SetFileAttributesA
FreeLibrary
LoadLibraryA
GetCurrentDirectoryA
GetFileAttributesA
CompareFileTime
FindClose
FindFirstFileA
GetTempFileNameA
GetTempPathA
ExitProcess
TerminateProcess
GetCurrentProcess
ReleaseMutex
CreateMutexA
OpenMutexA
GetSystemDirectoryA
GetWindowsDirectoryA
CreateDirectoryA
CreateProcessA
MultiByteToWideChar
IsDBCSLeadByte
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
MoveFileExA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetShortPathNameA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InitializeCriticalSection
GetLocaleInfoA
GetProcessHeap
GetStringTypeW
GetExitCodeProcess
LCMapStringW
LCMapStringA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
WideCharToMultiByte
GetFileType
SetHandleCount
HeapSize
GetStdHandle
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
CreateThread
GetCurrentThreadId
SetEnvironmentVariableA
ExitThread
GetFullPathNameA
RtlUnwind
RaiseException
InterlockedExchange
SetLastError
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
ReadFile
HeapAlloc
GetModuleHandleA
GetProcAddress
GlobalUnlock
VirtualProtect
GlobalAlloc
LocalSize
GlobalLock
GlobalSize
SetCurrentDirectoryA
Sleep
RemoveDirectoryA
DeleteFileA
LocalAlloc
LocalFree
lstrcatA
WriteFile
GetModuleFileNameA
GetDriveTypeA
CreateFileA
SetFilePointer
GetFileSize
CloseHandle
lstrcpynA
GlobalFree
lstrcpyA
GetTickCount
lstrlenA
GetStringTypeA
GetLastError
HeapFree

user32

SetCursor
LoadCursorA
ScreenToClient
LoadStringA
MessageBoxA
ExitWindowsEx
IsWindow
IsIconic
IsWindowVisible
GetSystemMetrics
GetSysColor
DestroyWindow
SystemParametersInfoA
SetPropA
MapDialogRect
DialogBoxParamA
DrawTextExA
SetFocus
GetWindowLongA
SetTimer
GetCursorPos
GetScrollInfo
KillTimer
LoadBitmapA
SetRect
SetRectEmpty
GetSysColorBrush
GetParent
PostMessageA
IsDlgButtonChecked
SendDlgItemMessageA
EnableWindow
FillRect
GetWindowTextA
DrawTextA
CallWindowProcA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
SetWindowPos
LoadIconA
LoadImageA
RegisterClassExA
CreateWindowExA
GetSystemMenu
EnableMenuItem
PostQuitMessage
GetDC
ReleaseDC
BeginPaint
EndPaint
SendMessageA
IsZoomed
DefWindowProcA
MessageBeep
SetWindowLongA
UpdateWindow
InvalidateRect
EndDialog
GetDlgItem
GetWindowRect
MoveWindow
ShowWindow
wsprintfA
SetDlgItemTextA
SetClassLongA
SetWindowTextA
GetClientRect
PtInRect
CheckDlgButton

gdi32

CreateFontA
CreateBrushIndirect
CreateRectRgn
SetTextAlign
SelectClipRgn
GetDeviceCaps
SetStretchBltMode
StretchBlt
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleDC
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreatePen
SelectObject
CreateSolidBrush
Rectangle
DeleteObject
SetBkMode
SetTextColor
TextOutA
BitBlt
SetBkColor
GetStockObject
GetTextFaceA

shell32

SHGetSpecialFolderLocation
SHChangeNotify
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

comctl32

ord8
CreatePropertySheetPageA
ord17
PropertySheetA

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

824d439308b33d2d874a8ca459662306

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 125KB

.rsrc Size: 116KB - Virtual size: 113KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 125KB

.rsrc
Size: 116KB - Virtual size: 113KB