8b04af13b729b0634b1a3c83e5758f25aecb708480bf2e3df524e889b305c621

Resubmissions

18-03-2024 13:45

240318-q2hzhaab76 10

Sharing

Copy URL

Twitter E-mail

General

Target

8b04af13b729b0634b1a3c83e5758f25aecb708480bf2e3df524e889b305c621
Size

1020KB
MD5

496f86f951e1dbd3c4534d51a5297668
SHA1

1199c5f30f5724841905cbdb9787649d15aae3d5
SHA256

8b04af13b729b0634b1a3c83e5758f25aecb708480bf2e3df524e889b305c621
SHA512

382abc596081ca5d0fdea39b12afe433e446cd50f59e4abca818162d96e46465beb1cda631109083071e7c050af6bfcf867be41d02c1e2ebe5dd99f61f45d510
SSDEEP

24576:es0fVWVbd8fKT0KqTAFFCa/2yDEmdvAkomBbOsn51D:es0fVWVR8fKTeU1imBbl51D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b04af13b729b0634b1a3c83e5758f25aecb708480bf2e3df524e889b305c621

Files

8b04af13b729b0634b1a3c83e5758f25aecb708480bf2e3df524e889b305c621
.exe windows:5 windows x86 arch:x86

caeae43a095cc441a32b8fb2f33dae42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
LoadLibraryExW
GetModuleFileNameW
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
lstrlenA
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
GetCommandLineA
RtlUnwind
RaiseException
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
LCMapStringW
HeapReAlloc
GetStringTypeW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
SetStdHandle
WriteConsoleW
DecodePointer
EncodePointer
SetConsoleTitleA
GetUserDefaultLangID
EnumTimeFormatsA
lstrcpyW
CreatePipe
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemInfo
CloseHandle
LoadResource
WaitForMultipleObjects
GetLastError
GetCurrentProcess
GetProcessHeap
HeapFree
MultiByteToWideChar
GetFullPathNameA
FindResourceExW
GetModuleHandleW
GetModuleHandleA
CreateFileW
TerminateProcess
lstrlenW
HeapAlloc
HeapCreate
GlobalAlloc
GetProcAddress

user32

MoveWindow
DialogBoxParamA
TranslateMessage
UpdateLayeredWindow
GetMessagePos
PostQuitMessage
SetClipboardData
GetMessageA
ShowWindow
CreateWindowExA
GetDlgItem
RegisterClassExA
GetKeyboardLayout
EmptyClipboard
CharLowerBuffA
SendMessageA
CloseClipboard
DefWindowProcA
SetFocus
RegisterHotKey
SetMessageQueue
OpenClipboard
DispatchMessageA
GetFocus
keybd_event
EnableWindow
GetSystemMetrics
wsprintfA
EndDialog
CreatePopupMenu
AppendMenuA
GetCursorInfo
SetScrollInfo
LoadStringW
GetIconInfo
CopyIcon
DrawIconEx
CopyImage
CreateIcon
LoadIconA
LoadCursorA
CallNextHookEx
GetTopWindow
EnumWindows
GetParent
GetWindowLongA
PtInRect
WindowFromPoint
GetCursorPos
SetCursorPos
MessageBoxA
GetWindowRect
GetClientRect
SetWindowTextA
SetScrollRange
SetScrollPos
GetWindowRgn
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
GetDC
TrackPopupMenu

gdi32

CreateCompatibleDC
CreateRectRgn
CreateSolidBrush
CreateCompatibleBitmap
CreateBitmap
SetBkMode
DeleteDC
GdiFlush
ExtTextOutA
CombineRgn
SelectObject
GetStockObject
GetPixel
Ellipse
DeleteObject

winspool.drv

SetPrinterDataExA
DeviceCapabilitiesA

comdlg32

GetSaveFileNameA

advapi32

RegCreateKeyA
GetTokenInformation
AllocateAndInitializeSid
FreeSid
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
OpenProcessToken
RegCloseKey
CheckTokenMembership
LookupPrivilegeNameA

shell32

Shell_NotifyIconA
SHBrowseForFolderA

ole32

CoTaskMemAlloc

oleaut32

VariantInit
UnRegisterTypeLi
VariantChangeTypeEx
LoadTypeLibEx

ws2_32

WSCEnumProtocols

winscard

SCardEndTransaction

winmm

timeGetTime

shlwapi

StrCmpNIA
PathAppendA
StrFormatByteSizeA

comctl32

ImageList_Remove
ImageList_Draw
ord17
ImageList_Create

pdh

PdhCollectQueryData
PdhAddCounterA
PdhGetFormattedCounterValue
PdhOpenQueryA

rpcrt4

RpcServerUseProtseqEpA
RpcServerRegisterIfEx

gdiplus

GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDisposeImage
GdipCreateFromHDC
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipCloneImage
GdipDrawImageI
GdipDeleteGraphics

opengl32

glLoadIdentity
glClear
glMatrixMode

imm32

ImmSetOpenStatus
ImmGetOpenStatus
ImmGetConversionStatus
ImmReleaseContext
ImmGetContext
ImmGetDescriptionA
ImmIsIME

setupapi

CM_Query_Resource_Conflict_List
CM_Query_Arbitrator_Free_Size
CM_Query_Remove_SubTree

uxtheme

OpenThemeData
GetThemeSysSize
CloseThemeData

powrprof

GetPwrCapabilities

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 903KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

caeae43a095cc441a32b8fb2f33dae42

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

winscard

winmm

shlwapi

comctl32

pdh

rpcrt4

gdiplus

opengl32

imm32

setupapi

uxtheme

powrprof

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 903KB - Virtual size: 1.7MB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 903KB - Virtual size: 1.7MB