ca8d5f2661e3015a600ab1590bdaef94

Sharing

Copy URL Twitter E-mail

General

Target

ca8d5f2661e3015a600ab1590bdaef94
Size

360KB
MD5

ca8d5f2661e3015a600ab1590bdaef94
SHA1

938abc75c276315a87688884f4d83b633d7841b1
SHA256

2789484ef43f23deebcd3b1cd973a96aed7e9ffe8058fb8260d791176ce12171
SHA512

a02b697e2dc4d73006592ecd5a2eea07c0bc4cab13bd65f7870972470976e248906c522aa1014efff975392b0d05e1361285eb7158ef88f0f0d3f3096b33b0ba
SSDEEP

6144:GnSOwjicQVfFdkO30Gb5tTmtAQldhq/lFJLaTJcJKlwCmxrbsaT9zBeth+OCS+U6:gS4dDFQls3RmcJQZmxEOBethFyUWt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca8d5f2661e3015a600ab1590bdaef94

Files

ca8d5f2661e3015a600ab1590bdaef94
.exe windows:4 windows x86 arch:x86

c5f0ad20acf70e332fdc0c433e4bd824

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\echqjiyexo\rxkqohoroj.pdb

Imports

user32

ScrollWindowEx
FindWindowExA
DlgDirSelectExA
GetDlgItemTextW
SubtractRect
GetKeyNameTextA
FillRect
GetClientRect
CheckRadioButton
GetWindow
ChangeClipboardChain
AdjustWindowRectEx
SetUserObjectInformationA
UnregisterDeviceNotification
DestroyWindow
CreateCaret
CloseWindowStation
SendMessageA
PtInRect
GrayStringA
GetGUIThreadInfo
InflateRect
LoadCursorFromFileW
GetParent
IsWindowVisible
DefWindowProcW
GetLastActivePopup
RegisterHotKey
SetClipboardViewer
GetMenuState
CharUpperBuffW
GetWindowModuleFileNameA
GetWindowTextW
SendIMEMessageExW
GetMenuItemCount
SetDlgItemInt
WINNLSGetIMEHotkey
TabbedTextOutW
GetActiveWindow
ArrangeIconicWindows
DrawStateW
DefMDIChildProcW
MessageBoxA
LoadStringA
DdeUnaccessData
EnumClipboardFormats
GetMenuStringA
GetSystemMetrics
LoadKeyboardLayoutA
RegisterClassA
IsCharAlphaW
OffsetRect
GetWindowRgn
SetProcessDefaultLayout
SetScrollPos
CharToOemBuffA
ToAsciiEx
ValidateRect
LoadKeyboardLayoutW
UnregisterClassW
SetTimer
SetDeskWallpaper
IsCharAlphaNumericW
GetScrollPos
CharPrevW
TrackPopupMenu
GetMenuContextHelpId
CreateIconIndirect
CreateWindowStationW
ShowWindow
CharNextExA
GetListBoxInfo
DestroyCaret
LoadAcceleratorsW
GetSystemMenu
CharToOemA
DefDlgProcW
GetClassInfoExA
GetMenuCheckMarkDimensions
BlockInput
CallMsgFilter
EnumPropsExA
InsertMenuW
CreateWindowExW
AnimateWindow
LoadCursorA
EnumWindowStationsA
GetMessagePos
GetTabbedTextExtentA
CallMsgFilterA
SetMessageQueue
MoveWindow
UnhookWindowsHookEx
RegisterClassExA
MonitorFromWindow
GetOpenClipboardWindow
EnableMenuItem
WINNLSGetEnableStatus
GetNextDlgTabItem

shell32

SHGetPathFromIDListW
CommandLineToArgvW
SHQueryRecycleBinA
SHChangeNotify

gdi32

TranslateCharsetInfo
SetPixelV
GetGlyphOutlineA
CreateEnhMetaFileA
FrameRgn
CancelDC
GetCharacterPlacementA
CloseEnhMetaFile

kernel32

FlushFileBuffers
HeapFree
DeleteCriticalSection
ExitProcess
EnumSystemLocalesA
TerminateProcess
TlsAlloc
GetLastError
WideCharToMultiByte
LeaveCriticalSection
GetCommandLineA
GetDateFormatA
GetEnvironmentStrings
EnterCriticalSection
TlsGetValue
IsBadWritePtr
InitializeCriticalSection
QueryPerformanceCounter
HeapAlloc
SetLastError
GetModuleHandleA
GetCurrentProcess
HeapReAlloc
GetTickCount
GetStartupInfoA
GetCurrentThreadId
ReadFile
GetFileType
GetStdHandle
GetCPInfo
GetEnvironmentStringsW
GetLocaleInfoW
HeapSize
LockFile
LoadLibraryA
LCMapStringA
HeapCreate
CompareStringW
TlsFree
SetHandleCount
SetStdHandle
SetEnvironmentVariableA
MultiByteToWideChar
VirtualProtect
GetUserDefaultLCID
GetTimeFormatA
VirtualAlloc
GetPrivateProfileIntA
IsValidLocale
GetCurrentThread
LockFileEx
CloseHandle
GetLocaleInfoA
VirtualFree
CreateMutexA
LCMapStringW
HeapDestroy
GetTimeZoneInformation
GetSystemTimeAsFileTime
TlsSetValue
SetFilePointer
UnhandledExceptionFilter
GetACP
IsValidCodePage
OutputDebugStringA
GetStringTypeW
GetVersionExA
RtlUnwind
GetDriveTypeW
CompareStringA
GetStringTypeA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualQuery
GetOEMCP
GetSystemInfo
GetCurrentProcessId
lstrlenW
InterlockedExchange
WriteFile
GetModuleFileNameA
GetProcAddress
OpenMutexA

comctl32

CreatePropertySheetPageW
DrawInsert
ImageList_AddIcon
InitCommonControlsEx

comdlg32

GetFileTitleA

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f0ad20acf70e332fdc0c433e4bd824

Headers

File Characteristics

PDB Paths

Imports

user32

shell32

gdi32

kernel32

comctl32

comdlg32

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 92KB - Virtual size: 114KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 92KB - Virtual size: 114KB

.rsrc
Size: 32KB - Virtual size: 28KB