f848b22438735517f13797b61a78b4563ce2166e1d19c7b18c05c4bdff4a8cd2

Sharing

Copy URL

Twitter E-mail

General

Target

f848b22438735517f13797b61a78b4563ce2166e1d19c7b18c05c4bdff4a8cd2
Size

404KB
MD5

bdd2a639e52983f0f43258adb81155fb
SHA1

2bc75f3f6ef2b5e3b27a2d19147b20419dae9e98
SHA256

f848b22438735517f13797b61a78b4563ce2166e1d19c7b18c05c4bdff4a8cd2
SHA512

7932fe904ef26310f1751a79de9a6e3c9b994dbea9ff53789ca77ea8f3b5a918789abd77c4e0d02056f05176729ed5129fb92c7e6583134f1309e443b5da25db
SSDEEP

12288:0RLMuc1QJZwH2d1QkOOf7RkoBSQBDHtUCxS:0pu1Q9HlOOyUSQgCo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f848b22438735517f13797b61a78b4563ce2166e1d19c7b18c05c4bdff4a8cd2

Files

f848b22438735517f13797b61a78b4563ce2166e1d19c7b18c05c4bdff4a8cd2
.exe windows:4 windows x86 arch:x86

39e6701c7b8ef273496a6d1a05014c21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteEnhMetaFile
ResizePalette
PolyBezierTo
CreateBitmap
GetFontData
SetWindowExtEx
StretchBlt
GetEnhMetaFileHeader
CreateFontA
CreateFontIndirectA
SetViewportOrgEx
GetPixel
GetStockObject
PolyDraw
StartPage
GetEnhMetaFileBits
GetNearestPaletteIndex
CreateEnhMetaFileA
EnumMetaFile
SetTextCharacterExtra
GetClipRgn
GetGlyphOutlineW
CreateDIBPatternBrushPt
CreateFontW
ExtEscape
SetWindowOrgEx
RemoveFontResourceA
DeleteObject
GetBitmapBits
SetWorldTransform
GetGlyphOutlineA
RealizePalette
ResetDCW
GetWinMetaFileBits
EndPage
IntersectClipRect
StartDocA
ScaleViewportExtEx
GetTextFaceA
Rectangle
AbortDoc
LPtoDP
RectInRegion
GetDIBColorTable
GdiFlush
GetSystemPaletteEntries
SetMapMode
GetEnhMetaFilePaletteEntries
GetMapMode
SetMetaFileBitsEx
CancelDC
GetObjectW
DeleteDC
CreateRoundRectRgn
EndPath
GetObjectA
BeginPath
ExtCreatePen
CreateDCA
GetClipBox
SetTextAlign
SelectClipRgn
SetStretchBltMode
EqualRgn
EndDoc
GetTextMetricsA
UpdateColors
MoveToEx
CreateFontIndirectW
CreateRectRgn
SetBitmapBits
FillPath
GetTextExtentPoint32A
CreateEllipticRgn
CreateICW
PolyPolyline
GetKerningPairsA
CreateCompatibleBitmap
FillRgn
GetTextColor
SetPolyFillMode
OffsetClipRgn
SetColorAdjustment
PlayEnhMetaFileRecord
BitBlt
ExtSelectClipRgn

advapi32

DecryptFileW
SetServiceStatus
GetServiceKeyNameA
RegConnectRegistryA
RegOpenKeyExA
ControlService
ReportEventW
RegisterServiceCtrlHandlerW
EnumServicesStatusA
LogonUserA
StartServiceCtrlDispatcherW
RegOpenKeyExW
RegQueryInfoKeyA
RegNotifyChangeKeyValue
GetServiceDisplayNameW
RegCreateKeyExW
RegSetValueExA
ChangeServiceConfigW
ReportEventA
ReadEventLogW
RegCreateKeyW
OpenSCManagerA
RegSetValueW
QueryServiceConfigW
RegRestoreKeyW
RegSetValueA
LsaOpenPolicy
ChangeServiceConfig2A
RegQueryInfoKeyW
CreateServiceW
StartServiceCtrlDispatcherA
RegCloseKey
SetServiceObjectSecurity
GetUserNameW
CreateProcessAsUserW
RegDeleteKeyA
DeleteService
InitiateSystemShutdownA
QueryServiceLockStatusW
ChangeServiceConfig2W
RegEnumKeyExA
RegisterEventSourceA
LsaFreeMemory
QueryServiceStatus
EnumDependentServicesA
RegUnLoadKeyW
RegCreateKeyA
RegCreateKeyExA
OpenSCManagerW
RegQueryValueW
CloseServiceHandle
RegEnumKeyW
OpenEventLogW

rasapi32

RasGetConnectStatusA
RasEnumConnectionsA

user32

ShowOwnedPopups
FillRect
CheckMenuItem
ReuseDDElParam
CreateDialogParamA
SystemParametersInfoA
ChangeDisplaySettingsA
DrawStateA
GetCursorPos
GetClipCursor
SetClipboardData
ClipCursor
DialogBoxParamA
InsertMenuW
FindWindowA
EnableWindow
mouse_event
GetClipboardFormatNameW
DdeClientTransaction
GetCapture
GetDlgItem
GetMessagePos
CharToOemA
FindWindowExA
SetActiveWindow
DrawStateW
GetWindow
GetClassNameA
InsertMenuA
DispatchMessageA
FindWindowW
GetWindowTextLengthA
SetMenuDefaultItem
DrawTextA
SetFocus
DrawIcon
ChangeClipboardChain
MapVirtualKeyA
CopyImage
CharNextA
IsCharLowerA
GetKeyState
SetWindowPlacement
GetSystemMetrics
UnionRect
SendInput
MessageBoxA
DdeFreeStringHandle
GetWindowLongW
GetDC
ValidateRect
IsClipboardFormatAvailable
TranslateAcceleratorW

msvcrt

_setmbcp
_controlfp
_getpid
__dllonexit
_onexit
exit
wcstok
_j0
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

mpr

WNetUseConnectionA
WNetCancelConnectionA
WNetDisconnectDialog
MultinetGetConnectionPerformanceA
WNetGetConnectionA

kernel32

GetFileTime
GetConsoleTitleA
EnterCriticalSection
OpenJobObjectA
GetStringTypeA

mfc42

ord4424
ord1029
ord4080
ord3079
ord3825
ord3831
ord3830
ord3401
ord2976
ord3081
ord2985
ord3262
ord1084
ord4465
ord3259
ord1054
ord2982
ord3738
ord5714
ord1041
ord5307
ord4698
ord1059
ord2725
ord5302
ord1082
ord3346
ord2396
ord1014
ord1089
ord3922
ord5731
ord1035
ord2554
ord4486
ord6375
ord815
ord561
ord1576
ord1078
ord1168

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

39e6701c7b8ef273496a6d1a05014c21

Headers

File Characteristics

Imports

gdi32

advapi32

rasapi32

user32

msvcrt

mpr

kernel32

mfc42

Sections

.text Size: 240KB - Virtual size: 237KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 60KB - Virtual size: 4.2MB

.rsrc Size: 12KB - Virtual size: 11KB

.htext Size: 20KB - Virtual size: 20KB

.text
Size: 240KB - Virtual size: 237KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 60KB - Virtual size: 4.2MB

.rsrc
Size: 12KB - Virtual size: 11KB

.htext
Size: 20KB - Virtual size: 20KB