c8fe706230b0e62b258bcc97644df805

Sharing

Copy URL Twitter E-mail

General

Target

c8fe706230b0e62b258bcc97644df805
Size

176KB
MD5

c8fe706230b0e62b258bcc97644df805
SHA1

538254f35b6d4174a438b893730d9aee29ceaaf8
SHA256

52e0f89d42f29d65d8840955bd179e8405bf6735bb879a351b9d52b6948c7549
SHA512

9079c2345ff76b51a3ee2897adbb2118ea9c7dad748c958b42e7078c46da5fa5358af927f688161b6f491103ce86cf91fa81efc4200100eafdf9808680f90f25
SSDEEP

3072:Kar6+eF0xEAzbGWwop0NbPJcR6nNmIiBZYSg+1EK/nDYPW:5NeSVhpcxS6NtjSB1vn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8fe706230b0e62b258bcc97644df805

Files

c8fe706230b0e62b258bcc97644df805
.exe windows:4 windows x86 arch:x86

57d4f9b40c06ec1783f2ae83f85b77b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetActiveWindow
MonitorFromPoint
GetMonitorInfoA
LoadIconA
GetActiveWindow
GetSystemMetrics
ReleaseDC
GetDC
GetWindowRect
CreateWindowExA
MonitorFromWindow
LoadCursorA
GetDesktopWindow
OffsetRect
EnumDisplayMonitors
ScrollWindowEx
GetClientRect
WindowFromDC
RegisterClassA
DefWindowProcA
SetWindowPos
CharNextW
DestroyWindow
UnregisterClassA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

shlwapi

PathRemoveFileSpecA
PathAppendA

kernel32

InterlockedCompareExchange
GetCalendarInfoW
GetModuleFileNameA
InterlockedIncrement
GetThreadPriority
GetTimeFormatW
GetCurrentThreadId
SetCurrentDirectoryA
lstrcmpW
GetProcAddress
GlobalAlloc
WaitForSingleObject
GetCurrentDirectoryA
GetLocalTime
CreateFileA
TlsFree
GetProfileStringW
FreeLibrary
GetUserDefaultLangID
SetThreadPriority
GetTickCount
FindFirstFileA
GetTempPathW
GetLastError
GlobalUnlock
DeleteFileW
GetThreadLocale
WideCharToMultiByte
GetDateFormatW
MultiByteToWideChar
SetUnhandledExceptionFilter
TlsSetValue
EnumResourceNamesA
GetWindowsDirectoryA
ExitProcess
ReadFile
IsDebuggerPresent
FindNextFileA
GetCurrentThread
GlobalFree
FindClose
lstrlenW
GetFileSize
GetDateFormatA
Sleep
GetEnvironmentVariableW
GetSystemInfo
TerminateProcess
EnterCriticalSection
GetCurrentProcess
GetSystemDefaultLCID
CreateMutexA
IsProcessorFeaturePresent
GetModuleHandleA
GlobalSize
CreateSemaphoreA
GetSystemTimeAsFileTime
CloseHandle
InitializeCriticalSection
TlsGetValue
QueryPerformanceCounter
GlobalLock
GetTimeFormatA
LeaveCriticalSection
UnhandledExceptionFilter
GetACP
GetSystemDirectoryA
GetVersionExA
ReleaseSemaphore
LoadLibraryA
ReleaseMutex
InterlockedExchange
GetFileTime
GetLocaleInfoA
LocalAlloc
DeleteCriticalSection
GetCurrentProcessId
RaiseException

gdi32

PatBlt
IntersectClipRect
GetDIBColorTable
CreateDIBSection
SetStretchBltMode
RestoreDC
EndPath
BitBlt
SelectObject
SetWorldTransform
CreateBrushIndirect
CreatePalette
StretchDIBits
SelectClipRgn
GetClipBox
GetObjectA
CreateRectRgn
MoveToEx
CreateICW
CreatePolyPolygonRgn
GetViewportOrgEx
BeginPath
SaveDC
StartDocW
Escape
SelectClipPath
SelectPalette
SetGraphicsMode
FillPath
RealizePalette
AbortDoc
CreateBitmap
SetROP2
OffsetRgn
ExtSelectClipRgn
Rectangle
StrokePath
GetCurrentObject
EqualRgn
PolyBezierTo
LineTo
CreateDCW
GetRegionData
CreateCompatibleDC
SetDIBits
StartPage
StretchBlt
EndPage
ResetDCW
DeleteObject
SetBrushOrgEx
CloseFigure
GetStockObject
GetGraphicsMode
EndDoc
ExtEscape
ModifyWorldTransform
GetDeviceCaps
PolylineTo
GetRgnBox
SetMiterLimit
SetPolyFillMode
GetWorldTransform
DeleteDC
CombineRgn
ExtCreatePen
CreateCompatibleBitmap
CreatePatternBrush
PolyDraw

ole32

StgOpenStorageOnILockBytes
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRetireServer
OleInitialize
StgCreateDocfileOnILockBytes
CoInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleUninitialize
CoUninitialize
OleFlushClipboard
CoGetClassObject
CoTaskMemFree
CoCreateInstance
CLSIDFromProgID
CoFreeUnusedLibraries
CLSIDFromString

msimg32

AlphaBlend

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57d4f9b40c06ec1783f2ae83f85b77b2

Headers

File Characteristics

Imports

user32

advapi32

shlwapi

kernel32

gdi32

ole32

msimg32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 66KB - Virtual size: 66KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 66KB - Virtual size: 66KB

.edata
Size: 1024B - Virtual size: 92KB