ca4bc58923bc366e916d6333bee62333

Sharing

Copy URL Twitter E-mail

General

Target

ca4bc58923bc366e916d6333bee62333
Size

155KB
MD5

ca4bc58923bc366e916d6333bee62333
SHA1

a7ce72295d6ffed80c15de5a0714a105e1c693e7
SHA256

18e170752327219250d6e8adba40f4dc447907837631cca8c8b9948bf419ee82
SHA512

79a37f8481cda856786a3f9bbfdf7ca3f945947db9c66b4cb3480414cb23b2037cc51009a823dd3eb51331c5fdcc776a742046156edef2301f8adce79067c8c1
SSDEEP

3072:aRjOy3Lo/2t5obCItsucLbW//gB5Mpe+3BkjcGWasAFEJ0BzXc2q:aRjOyG2t5ahtsucLb/P+32AqC0VXHq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca4bc58923bc366e916d6333bee62333

Files

ca4bc58923bc366e916d6333bee62333
.exe windows:5 windows x86 arch:x86

78fa33b94d9d07c5b279bcfa1cbadd49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\gKcgxNVrgnrN\sopSotJbNx\jeVoCzwglrbl.pdb

Imports

comdlg32

FindTextW
ChooseColorW
CommDlgExtendedError

gdi32

CreateDIBSection
ExcludeClipRect
EndPath
GetWindowOrgEx
SetWindowOrgEx
CreatePatternBrush
IntersectClipRect
CreatePalette
CreateBitmap
GetTextExtentPointA
SetBitmapDimensionEx
GetCurrentObject
RectInRegion
StretchBlt
PathToRegion
BeginPath
CreateBrushIndirect
CreateBitmapIndirect
TextOutW
CreateFontA
CreateHalftonePalette
AddFontResourceW
GetBkMode
GetTextExtentExPointW
CreateRectRgnIndirect
SetBrushOrgEx
EnumFontsW
PtVisible
GetTextExtentPoint32A
SaveDC
GetObjectA
SetMapMode
LPtoDP
StartDocW
LineDDA

comctl32

ImageList_Read
ImageList_SetIconSize
ImageList_Write
CreatePropertySheetPageA
CreatePropertySheetPageW

user32

InvalidateRect
DrawMenuBar
MessageBoxExA
SetCursorPos
OpenDesktopW
CharUpperW
PostThreadMessageA
WindowFromPoint
DestroyWindow
DeferWindowPos
GetClassInfoExW
SetDlgItemTextW
GetTopWindow
FindWindowExA
CreateIconIndirect
GetIconInfo
IsWindowVisible
GetUpdateRgn
OpenIcon
GetDCEx
IsCharAlphaW
EnableWindow
EnumThreadWindows
GetMenuItemID
SwapMouseButton
ChildWindowFromPoint
mouse_event
GetSystemMetrics
CreateCaret
DestroyMenu
RegisterClassA
ShowCursor
SendNotifyMessageW
IsMenu
SetWindowLongW
LookupIconIdFromDirectory
CloseDesktop
GetActiveWindow
GetUpdateRect
SetWindowPlacement
CharNextA
GetMenuItemInfoW
GetMenuStringA
CreateIconFromResource
GetUserObjectInformationW
ShowScrollBar
RegisterClassExA
CreateDialogParamA
GetFocus
ShowOwnedPopups
GetMenuState
DrawIconEx
BeginPaint
DefWindowProcA
CharToOemW
EndTask
DialogBoxIndirectParamW
wvsprintfA
GetKeyboardLayoutList
GetWindowTextLengthW
SetUserObjectInformationW
EqualRect
GetShellWindow
LoadIconA
WaitForInputIdle
SetCaretPos
DeleteMenu
InternalGetWindowText
GetCaretPos
GetScrollInfo
LoadMenuW
PeekMessageW
LoadBitmapW
SetScrollInfo
CreateCursor
EnableMenuItem
HiliteMenuItem
FrameRect
DrawIcon
MonitorFromPoint
ShowWindowAsync
GetCursorPos
SetWindowLongA
SetDlgItemInt
GetWindowDC
ClipCursor
BeginDeferWindowPos
TranslateAcceleratorA
GetDC

kernel32

HeapFree
GetSystemWindowsDirectoryA
DeleteCriticalSection
DisconnectNamedPipe
GlobalAddAtomW
SetFileAttributesW
AddAtomA
EnumResourceNamesA
WaitForSingleObject
GetModuleHandleA
GetCommandLineW
OpenFile
RegisterWaitForSingleObject
GlobalSize
TlsGetValue
EnumResourceNamesW
SetCommTimeouts
GetComputerNameExW
GlobalLock
CreateNamedPipeW
LoadLibraryExA
GlobalAlloc
GlobalFindAtomW
WinExec
SetLocalTime
CreateRemoteThread
SetCommMask
RtlUnwind
GetCommandLineA
lstrcpynA
GetStdHandle
SetThreadAffinityMask
CreateFileW
FindFirstFileW
SetSystemTimeAdjustment
EnumResourceLanguagesA
CloseHandle
CompareStringW
SetFileApisToOEM
HeapLock
GlobalMemoryStatus

msvcrt

isalnum
_controlfp
system
__set_app_type
__p__fmode
setlocale
strchr
__p__commode
qsort
wcspbrk
isalpha
wcstoul
isdigit
ftell
isspace
_amsg_exit
_initterm
printf
_acmdln
putc
vswprintf
floor
exit
isprint
_ismbblead
_XcptFilter
strspn
_exit
_cexit
realloc
fputs
fputc
__setusermatherr
__getmainargs
tolower
fgets
isxdigit
wcscmp
fprintf
gmtime

Exports

Exports

?SendComponentOriginal@@YGPAIMJ&U
?IsPointW@@YGXG&U
?NameExA@@YGKPADPA_N&U
?CancelFilePath@@YGK_NPAFF&U
?LoadCharOld@@YGPA_NNPAK&U
?ShowConfigExW@@YGM_NJ&U
?CloseFolderExW@@YGIE&U
?ValidateFullNameNew@@YGPAXPAK&U
?FreeProjectNew@@YGPA_N_N&U
?SendProcess@@YGXMKKG&U
?KillFunctionExW@@YGPAJMD&U
?ShowVersionOriginal@@YGIMPADHPAJ&U
?IncrementSystemOriginal@@YGPAGPADF&U
?CrtRectOld@@YGPAEPAH&U
?IsNotExpressionNew@@YGFM&U
?LoadFileA@@YGNKIFE&U
?FreeDirectoryA@@YGEJDPAIJ&U
?RectExW@@YGPAJFPAI&U
?SetValueOriginal@@YGFGPADFM&U
?GlobalProcessExW@@YGPAIFNEE&U
?FormatScreenEx@@YGPADKPAGPADH&U
?CrtCommandLineExW@@YGFE&U
?IncrementWindowInfo@@YGHDPAD&U
?IsNotProviderA@@YGPAGDPAEPA_NPAN&U
?ValidateClass@@YGPAMPAGPAIPAMPAD&U
?FreeSystemEx@@YGPAFH_ND&U
?HideSection@@YGJIK&U
?CloseStateExA@@YGID&U
?PutObjectNew@@YGGK&U
?DecrementObjectA@@YGXPAIDPAG&U
?FormatFilePathOld@@YGIDFJ&U
?KillAppNameA@@YGEDPAEHPAG&U
?ProcessA@@YGXJPAD&U
?GenerateKeyNameW@@YGGND&U
?PutFile@@YGPAXPAIJKG&U
?ShowSectionNew@@YGGMPAK&U

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78fa33b94d9d07c5b279bcfa1cbadd49

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

comctl32

user32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 85KB

.imdat Size: 1024B - Virtual size: 876B

.edata Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 57KB

.rsrc Size: 106KB - Virtual size: 105KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 85KB - Virtual size: 85KB

.imdat
Size: 1024B - Virtual size: 876B

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 57KB

.rsrc
Size: 106KB - Virtual size: 105KB

.reloc
Size: 2KB - Virtual size: 1KB