c8e8aa35b9d574d4cf5ee4ad2b106efb

Sharing

Copy URL Twitter E-mail

General

Target

c8e8aa35b9d574d4cf5ee4ad2b106efb
Size

986KB
MD5

c8e8aa35b9d574d4cf5ee4ad2b106efb
SHA1

f31e99a7d14baadc269e4ac1eb7ab41cfede457d
SHA256

818c332c8462aa6e9e18d5860836dcaff04a13162f4102ad3ce9c397f8c97e10
SHA512

fa0d32af0d2158352f51118d3cf96f17390f24fd46dda84c0ef2c78c56e7c790cde175ada9046870327e4ba6b3877ed476cff160f00d471ec374abcd2f08d349
SSDEEP

24576:0aVs6QEt3TLUunEMvRU43TT1Nw4TbZ8qtkp1j7K/:0ssEyvMv3jpW4TYn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e8aa35b9d574d4cf5ee4ad2b106efb

Files

c8e8aa35b9d574d4cf5ee4ad2b106efb
.exe windows:5 windows x86 arch:x86

e6d8ad6c43e90e444a5facaf8cbc2b1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
StringFromGUID2
CoGetObject
CoInitializeEx
CoUninitialize

kernel32

InterlockedCompareExchange
GetStartupInfoA
InterlockedExchange
GetSystemTimeAsFileTime
LocalFree
GetCurrentProcessId
Sleep
CreateMutexW
GetProcessHeap
SetUnhandledExceptionFilter
TerminateProcess
HeapFree
GetLastError
GetCurrentProcess
GetTickCount
UnhandledExceptionFilter
CloseHandle
GetCurrentThreadId
VerifyVersionInfoW
HeapAlloc
GetModuleHandleA
QueryPerformanceCounter
MulDiv
VerSetConditionMask
IsWow64Process

setupapi

SetupDiGetClassDevsW
SetupDiOpenDeviceInterfaceW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW

gdi32

StretchBlt
GetStockObject
GdiAlphaBlend
SelectObject
SetStretchBltMode
PatBlt
GdiSetBatchLimit
CreateSolidBrush
SetBkMode
GetTextMetricsW
CreateFontIndirectW
SetBkColor
CreatePen
Polyline
DeleteObject
DeleteDC
SetTextColor
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetObjectW
GetDeviceCaps

tapi32

lineUncompleteCall
lineAccept

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

oleacc

CreateStdAccessibleObject
LresultFromObject

comctl32

InitCommonControlsEx
PropertySheetW

user32

ShowWindow
GetSysColor
LoadBitmapW
GetWindowLongW
RedrawWindow
PostMessageW
LoadStringW
GetSysColorBrush
FindWindowW
DestroyWindow
IsDlgButtonChecked
KillTimer
PtInRect
SystemParametersInfoW
ChangeDisplaySettingsExW
EnableWindow
SetFocus
MapWindowPoints
FrameRect
SendMessageTimeoutW
CheckRadioButton
SendMessageW
GetParent
DrawFocusRect
SetTimer
EndDialog
SetForegroundWindow
MapDialogRect
DefWindowProcW
GetProcessDefaultLayout
EnumDisplayDevicesW
CopyImage
TrackMouseEvent
IsCharAlphaNumericW
MessageBoxW
CheckDlgButton
SendDlgItemMessageW
SetWindowTextW
RegisterClassExW
DialogBoxParamW
SetWindowLongW
EnumDisplaySettingsW
GetDC
EndPaint
InvalidateRect
DrawTextW
FillRect
SetDlgItemTextW
GetFocus
ReleaseDC
GetWindowRect
CreateWindowExW
GetClientRect
GetSystemMetrics
SetWindowPos
GetDlgItem
LoadCursorW
BeginPaint

Sections

.text
Size: 677KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6d8ad6c43e90e444a5facaf8cbc2b1f

Headers

File Characteristics

Imports

ole32

kernel32

setupapi

gdi32

tapi32

advapi32

oleacc

comctl32

user32

Sections

.text Size: 677KB - Virtual size: 676KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 276KB - Virtual size: 3.5MB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 677KB - Virtual size: 676KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 276KB - Virtual size: 3.5MB

.rsrc
Size: 28KB - Virtual size: 27KB