c865b4535abf92a902baa0b44132c870

Sharing

Copy URL Twitter E-mail

General

Target

c865b4535abf92a902baa0b44132c870
Size

176KB
MD5

c865b4535abf92a902baa0b44132c870
SHA1

6904b9163b0d03101c6826406414316857ab6ce1
SHA256

39019bd60ad79f83401ea7386dede652cce5537396fcb6bd36d07233d0202100
SHA512

a4b16ede5f3c91b8492d290a76cf34f0e32ba53b38cc9bf6f31d5accf4072ff89330698cde644a4bb6d6fbe21374d1b79a2e6050679c25d1a749c056a2283d31
SSDEEP

3072:7bRKh9JvcM4s9VH/59IeAoQTQ/OBQ1zJ76so5k9wa:7bRK7JkY//Ee2er1F7zo5k9f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c865b4535abf92a902baa0b44132c870

Files

c865b4535abf92a902baa0b44132c870
.exe windows:4 windows x86 arch:x86

7b72a02377b772d3b9b1d6e6aab5185d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
CreateFileW
GetCalendarInfoW
FindClose
GetProcAddress
SetFilePointer
RemoveDirectoryW
GetThreadLocale
InitializeCriticalSection
lstrcpyW
RaiseException
GetModuleFileNameW
ReleaseMutex
GetVersionExW
FindFirstFileW
GetThreadContext
GetSystemDefaultLangID
DeleteFileW
MultiByteToWideChar
LoadLibraryW
EnumResourceLanguagesW
SetFileTime
GetLocaleInfoA
FindNextFileW
ReadFile
WaitForSingleObject
GetACP
EnumResourceNamesA
MoveFileW
WriteFile
CloseHandle
GetCurrentDirectoryW
LockResource
ExitProcess
WideCharToMultiByte
DeleteCriticalSection
LocalFileTimeToFileTime
SizeofResource
lstrcmpiA
GetLocaleInfoW
GetFileAttributesW
GetModuleHandleW
VirtualFree
FreeLibrary
LoadResource
CreateDirectoryW
CreateMutexW
InterlockedDecrement
GetVersion
SystemTimeToFileTime
InterlockedExchange
FindResourceW
ConvertDefaultLocale
lstrcmpA

gdi32

GetBkColor
SetMapMode
PtVisible
TextOutW
GetTextColor
GetObjectW
GetStockObject
SetTextColor
SetWindowExtEx
CreateBitmap
GetDeviceCaps
OffsetViewportOrgEx
GetClipBox
SetViewportOrgEx
SetViewportExtEx
RectVisible
Escape
ScaleViewportExtEx
ExtTextOutW
RestoreDC
GetRgnBox
GetMapMode
ScaleWindowExtEx
ExtSelectClipRgn
DeleteObject
DeleteDC
SaveDC
GetWindowExtEx
SelectObject
SetBkColor
GetViewportExtEx
CreateRectRgnIndirect

ole32

StgCreateDocfileOnILockBytes
CoUninitialize
CoInitialize
StgOpenStorageOnILockBytes
OleUninitialize
CLSIDFromProgID
OleInitialize
OleFlushClipboard
CoGetClassObject
CoTaskMemFree
CreateILockBytesOnHGlobal
CoCreateInstance
CoRevokeClassObject
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoTaskMemAlloc
CoRegisterMessageFilter
CLSIDFromString

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathStripToRootW
PathIsUNCW
PathFileExistsW
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW

advapi32

RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW

oledlg

OleUIBusyW

user32

AdjustWindowRectEx
SetRect
GetClassLongW
CopyAcceleratorTableW
EqualRect
IsRectEmpty
OffsetRect
GetClassInfoW
IsChild
GetClassInfoExW
GetMessagePos
IsIconic
SetPropW
GetNextDlgTabItem
CharNextW
DefWindowProcW
RegisterClassW
GetMessageTime
SetActiveWindow
GetNextDlgGroupItem
IsWindow
InvalidateRgn
GetWindowPlacement
MapWindowPoints
MessageBeep
IntersectRect
GetForegroundWindow
GetClientRect
CharUpperW
LoadIconW
RegisterWindowMessageW
InvalidateRect
GetPropW
UpdateWindow
SetForegroundWindow
CallWindowProcW
RemovePropW
CreateWindowExW
SendDlgItemMessageA
GetMenu
WinHelpW
GetTopWindow
DestroyMenu

comdlg32

GetFileTitleW

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b72a02377b772d3b9b1d6e6aab5185d

Headers

File Characteristics

Imports

kernel32

gdi32

ole32

winspool.drv

shell32

shlwapi

advapi32

oledlg

user32

comdlg32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 66KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 66KB

.edata
Size: 1024B - Virtual size: 92KB