c82e4186c76dd276ddeeae40bb38625d

Sharing

Copy URL

Twitter E-mail

General

Target

c82e4186c76dd276ddeeae40bb38625d
Size

307KB
MD5

c82e4186c76dd276ddeeae40bb38625d
SHA1

1b0c80b4977b1367464a0f7db9c4bf083fe295ec
SHA256

39d8e3eb492914e882fdcbd45ddaa0946632e295c075bcfab3c0734e821a3363
SHA512

0b7ba2ddf8f35df78204428e4a2ad676732cbd73c9e90e78a725407b0cf1bbe3132c1759eba9e314885dac037f18302d82def3bc4614ff5157d5905ffe4ce80d
SSDEEP

6144:jS8yBuXbsr+ygr/YbtdV5oVWTJbIBbboV7UXF6:jLyYsayRbHYxAn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c82e4186c76dd276ddeeae40bb38625d

Files

c82e4186c76dd276ddeeae40bb38625d
.exe windows:4 windows x86 arch:x86

70d7dabf74f51a8bc4f1ddf01c7c758f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcatW
GetModuleHandleA
GetProcessVersion
lstrcmpiW
lstrcmpW
GlobalFlags
GetCurrentDirectoryW
FlushFileBuffers
SetEndOfFile
GetFullPathNameW
RtlUnwind
RaiseException
ExitProcess
TlsAlloc
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
HeapSize
HeapReAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
SetStdHandle
CreateFileA
GetACP
GetOEMCP
GetDriveTypeA
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalAlloc
FileTimeToLocalFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
SetLastError
lstrlenA
InterlockedDecrement
InterlockedIncrement
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
UnmapViewOfFile
DuplicateHandle
CreateFileMappingW
MapViewOfFile
GetFileType
GetFileInformationByHandle
GetLocalTime
SystemTimeToFileTime
FileTimeToDosDateTime
FileTimeToSystemTime
GetModuleFileNameA
WinExec
CreateMutexW
ReleaseMutex
CreateThread
GetCurrentProcessId
OutputDebugStringW
LoadLibraryA
lstrlenW
GetEnvironmentVariableW
GetShortPathNameW
GetCurrentProcess
SetPriorityClass
ResumeThread
GetModuleHandleW
EnumResourceNamesW
FindResourceW
LoadResource
SizeofResource
LockResource
FreeLibrary
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetSystemTime
SetFilePointer
LoadLibraryW
GetProcAddress
MultiByteToWideChar
ExpandEnvironmentStringsW
CreateProcessW
WaitForSingleObject
GetModuleFileNameW
GetDiskFreeSpaceExW
GetTickCount
Sleep
GetDriveTypeW
GetVolumeInformationW
SetFileAttributesW
GetFileAttributesW
CopyFileW
lstrcpynW
CreateDirectoryW
DeleteFileW
GetLastError
RemoveDirectoryW
FormatMessageW
LocalFree
CreateFileW
GetFileSize
ReadFile
CloseHandle
WriteFile
TerminateProcess

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageW
SetWindowTextW
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameW
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutW
DrawTextW
GrayStringW
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
DestroyWindow
SetPropW
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageW
SetWindowsHookExW
GetParent
GetLastActivePopup
GetWindowLongW
SendMessageW
EnableWindow
UnhookWindowsHookEx
PostQuitMessage
DefWindowProcW
GetForegroundWindow
GetWindowTextA
GetAsyncKeyState
CreateWindowExW
UpdateWindow
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
wsprintfW
MessageBoxW
IsWindowEnabled

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetViewportExtEx
SetViewportOrgEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
DeleteObject
Escape
OffsetViewportOrgEx
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
CreateBitmap
GetClipBox
DeleteDC

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

comctl32

ord17

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70d7dabf74f51a8bc4f1ddf01c7c758f

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 140KB - Virtual size: 137KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 140KB - Virtual size: 137KB