c871418268a293eeb3e754c08c6d550d

Sharing

Copy URL

Twitter E-mail

General

Target

c871418268a293eeb3e754c08c6d550d
Size

740KB
MD5

c871418268a293eeb3e754c08c6d550d
SHA1

19484b48cdd45099fd3a2de610310f3267af4d6e
SHA256

37ef370b7400a91001df528bb41685dca00b56d31051a85c2d0f6dd938ff8a0d
SHA512

e9a141f3b65dda7e81d5670c658f318a233d24c110504de767c23e843949cb15efef4094f3fdaec70a4918778441dab272a10580deec9799503ee530e7c03631
SSDEEP

12288:Q7PIXzdFNrfJuwR8K0fCTJKIBrw6EWToSRswJpJg5TQ:OQjCw6K4sJKYw6HTo+LJEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c871418268a293eeb3e754c08c6d550d

Files

c871418268a293eeb3e754c08c6d550d
.exe windows:4 windows x86 arch:x86

2e229406bc4492e837e6f180b2bc6fec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\vqq_debug\release\pdb\SnapShot.pdb

Imports

kernel32

CreateMutexW
OpenMutexW
GetCommandLineW
MapViewOfFileEx
FlushInstructionCache
MulDiv
InterlockedDecrement
GetCPInfo
GetFullPathNameW
WideCharToMultiByte
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
GetCurrentDirectoryA
CompareStringW
CompareStringA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
GetStdHandle
Sleep
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetVersionExW
RtlUnwind
GetStartupInfoW
CreateDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
ProcessIdToSessionId
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
QueryPerformanceCounter
GetTickCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetDriveTypeA
SetEndOfFile
InterlockedCompareExchange
VirtualQueryEx
GetCurrentProcess
SizeofResource
LoadResource
FindResourceW
FindResourceExW
GetLocalTime
OpenFileMappingW
LockResource
UnmapViewOfFile
GetStartupInfoA
CloseHandle
MapViewOfFile
CreateFileMappingW
SystemTimeToFileTime
InterlockedIncrement
GetVersion
GetModuleHandleA
LoadLibraryA
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetFileAttributesW
SetLastError
OutputDebugStringA
lstrlenW
LocalFree
FindClose
DeviceIoControl
CopyFileW
GetFileSize
GetDriveTypeW
GetLogicalDrives
FindFirstFileW
TlsGetValue
GetSystemDirectoryW
TlsSetValue
GetTempPathW
GetTempFileNameW
TlsFree
TlsAlloc
IsBadReadPtr
MultiByteToWideChar
ReadProcessMemory
CreateFileA
SetUnhandledExceptionFilter
FreeLibrary
GetCurrentThread
VirtualQuery
GetThreadSelectorEntry
CreateFileW
GetCurrentProcessId
DeleteFileW
ReadFile
GetModuleFileNameA
SetFilePointer
GetCurrentThreadId
WriteFile
GetACP
WritePrivateProfileStringW
GetLastError
ExitProcess
GetModuleFileNameW

user32

SetWindowTextW
DrawTextW
SetWindowsHookExW
TrackPopupMenu
GetClassInfoW
CallNextHookEx
ReleaseCapture
InsertMenuW
BringWindowToTop
DispatchMessageW
DestroyMenu
SetPropW
EnableWindow
UnregisterClassW
SetCapture
SetClipboardData
UpdateLayeredWindow
GetPropW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
LoadMenuW
GetClassInfoExW
UpdateWindow
InflateRect
OpenClipboard
GetWindowTextW
GetMessageW
SetForegroundWindow
CloseClipboard
GetSubMenu
RegisterClassW
DefWindowProcW
TranslateMessage
EndMenu
MoveWindow
UnhookWindowsHookEx
GetMenuItemCount
EmptyClipboard
SetWindowPlacement
GetFocus
RegisterClassExW
GetWindowTextLengthW
IsWindowVisible
PostMessageW
FrameRect
LoadBitmapW
LoadStringW
KillTimer
SetTimer
EndPaint
SendDlgItemMessageW
ShowWindow
CreateWindowExW
BeginPaint
ClientToScreen
GetDlgItem
ScreenToClient
SetFocus
EnumDisplayMonitors
SystemParametersInfoW
EndDialog
CreateDialogParamW
MapWindowPoints
GetWindow
DestroyWindow
GetMonitorInfoW
IsWindow
MonitorFromPoint
LoadCursorW
OffsetRect
SetCursor
GetDC
GetSystemMetrics
GetDesktopWindow
FillRect
ReleaseDC
IsWindowEnabled
LoadImageW
GetWindowRect
PtInRect
GetWindowLongW
GetClientRect
InvalidateRect
SendMessageW
GetParent
SetWindowPos
SetWindowLongW
CallWindowProcW
GetCursorPos
DeleteMenu
UnregisterClassA

gdi32

GetDIBits
CreateDIBSection
PatBlt
GetDeviceCaps
SetTextColor
SetPixelV
GetStockObject
SetStretchBltMode
SetROP2
SetBkMode
Polygon
Ellipse
CreateFontIndirectW
GetPixel
Rectangle
LineTo
MoveToEx
CreatePen
CreateSolidBrush
CreateCompatibleBitmap
DeleteObject
StretchBlt
BitBlt
SelectObject
GetObjectW
CreateCompatibleDC
DeleteDC

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
LookupAccountNameW
ConvertSidToStringSidW
RegDeleteValueW
RegSetValueExW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
GetSecurityInfo
SetEntriesInAclW
RegCloseKey

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFolderPathW

ole32

CoUninitialize
CoCreateGuid
CoInitialize

shlwapi

PathFindFileNameW
PathFindExtensionW
PathFileExistsW

msimg32

AlphaBlend

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

htons
WSAStartup
gethostbyname
sendto
WSACleanup
socket
closesocket

netapi32

NetApiBufferFree
NetWkstaTransportEnum
Netbios

Sections

.text
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

uI�
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e229406bc4492e837e6f180b2bc6fec

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msimg32

wtsapi32

version

ws2_32

netapi32

Sections

.text Size: 404KB - Virtual size: 401KB

.rdata Size: 112KB - Virtual size: 108KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 136KB - Virtual size: 135KB

uI� Size: 72KB - Virtual size: 72KB

.text
Size: 404KB - Virtual size: 401KB

.rdata
Size: 112KB - Virtual size: 108KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 136KB - Virtual size: 135KB

uI�
Size: 72KB - Virtual size: 72KB