d72ffe04e7a49ae1adec7782c0ff015b

Sharing

Copy URL Twitter E-mail

General

Target

d72ffe04e7a49ae1adec7782c0ff015b
Size

480KB
MD5

d72ffe04e7a49ae1adec7782c0ff015b
SHA1

1c1fc5e32cfd8681d2848afcf87774543c4c44a1
SHA256

e258ba39fc271aa7bce178719c2abd082727f3415a3b8043c8c4bf2d7c1f8b50
SHA512

298dfb5a2602b26807d915836ddf488bf497f5de7151c5f26295cbabd7292e08651acfd2694600309e668f9aab719856c487a5d57a5db974ef1205e42ac390ec
SSDEEP

12288:a9dSErV8HtndfKK37kVB8sNInt9nExGyHdIEzjwT0gLh/304CjPRdRtDLN+5KRqT:aWErV8HtnjOfe/36jJdRtDLN+5Sj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d72ffe04e7a49ae1adec7782c0ff015b

Files

d72ffe04e7a49ae1adec7782c0ff015b
.exe windows:4 windows x86 arch:x86

10d96472558b789f160ae9955e3ce684

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
inet_ntoa
inet_addr
select
sendto
closesocket
setsockopt
WSAStartup
WSACleanup
WSASocketA
WSAGetLastError
gethostbyname

kernel32

SetFilePointer
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
FormatMessageA
DeviceIoControl
GetDiskFreeSpaceA
GetVersion
GetSystemInfo
lstrcmpiA
GetCurrentProcessId
GetLongPathNameA
SuspendThread
ResumeThread
ExitProcess
InterlockedDecrement
VirtualFree
HeapCreate
HeapDestroy
SetEndOfFile
TerminateProcess
SetHandleCount
SetStdHandle
GetLocalTime
MoveFileA
GetCPInfo
HeapSize
HeapReAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
RaiseException
HeapAlloc
SetFileTime
GetTimeZoneInformation
GetFileType
MultiByteToWideChar
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
RtlUnwind
SetLocalTime
FindResourceA
LoadResource
LockResource
ExitThread
CreateThread
SetThreadPriority
GlobalGetAtomNameA
FreeLibrary
GetLastError
GetFileInformationByHandle
GetVersionExA
WinExec
GetVolumeInformationA
GetACP
GlobalDeleteAtom
WideCharToMultiByte
GetLogicalDrives
GetDriveTypeA
GetWindowsDirectoryA
GetCurrentProcess
GetStdHandle
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
CreateDirectoryA
OpenFile
WaitForSingleObject
ResetEvent
SetEvent
GetTickCount
CreateEventA
LocalSize
CreateFileA
LocalFree
WriteFile
CloseHandle
MulDiv
GlobalAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
GlobalLock
lstrcpyA
lstrlenA
GlobalUnlock
GlobalFree
GetModuleFileNameA
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
LocalAlloc
ReadFile
GetModuleHandleA
SetFileAttributesA
GetSystemDefaultLangID
GetPrivateProfileStringA
GetSystemDirectoryA
ExpandEnvironmentStringsA
FindNextFileA
RemoveDirectoryA
FindFirstFileA
FindClose
Sleep
GetFileSize
WritePrivateProfileStringA
OutputDebugStringA
CopyFileA
DeleteFileA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
GetComputerNameA
LoadLibraryA
GetSystemTime
GetProcAddress
CompareStringW
GetOEMCP
VirtualAlloc

user32

CharLowerBuffA
GetSysColor
CheckMenuRadioItem
CheckMenuItem
EnableMenuItem
IsWindow
GetWindowLongA
GetSubMenu
PeekMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
GetMenuState
ExitWindowsEx
SetDlgItemInt
SetCapture
ReleaseCapture
DialogBoxParamA
GetDlgItem
BeginPaint
EndPaint
CreateDialogParamA
UpdateWindow
ScreenToClient
CreatePopupMenu
AppendMenuA
IsWindowEnabled
ShowCursor
TranslateAcceleratorA
IsDialogMessageA
GetMessageA
LoadAcceleratorsA
LoadMenuA
PostQuitMessage
SetForegroundWindow
TrackPopupMenu
DestroyMenu
SetWindowTextA
LoadIconA
DestroyWindow
SetWindowLongA
GetActiveWindow
SetFocus
IsIconic
MessageBoxA
LoadCursorA
SetCursor
EnumDisplaySettingsA
LoadBitmapA
ShowWindow
LoadStringA
GetAsyncKeyState
CallWindowProcA
SetWindowPos
GetClientRect
MoveWindow
PostMessageA
GetSystemMetrics
GetForegroundWindow
GetParent
GetWindowThreadProcessId
GetWindowTextA
IsWindowVisible
GetWindowRect
SetTimer
GetCursorPos
KillTimer
DefWindowProcA
wsprintfA
FindWindowA
SendMessageA
RegisterClassA
CreateWindowExA
EndDialog
GetWindow
GetDC
ReleaseDC
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
WinHelpA
EnableWindow

gdi32

CreatePatternBrush
Rectangle
SetBkColor
SetTextColor
CreatePen
MoveToEx
ExtTextOutA
CreateHatchBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
DeleteObject
GetDeviceCaps
CreateFontA
GetTextExtentPointA
SetBkMode
SetDIBitsToDevice
RealizePalette
SelectPalette
UnrealizeObject
CreatePalette
CreateDIBSection
CreateSolidBrush

advapi32

ControlService
RegEnumKeyExA
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
QueryServiceStatus
StartServiceA
CloseServiceHandle
CreateServiceA
OpenServiceA
OpenSCManagerA
RegOpenKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
AllocateAndInitializeSid
GetUserNameA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
FreeSid

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
CoCreateGuid

oleaut32

SysAllocString
SysFreeString
VariantClear

comctl32

ord6
ord17
PropertySheetA
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
CreateToolbarEx

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

rpcrt4

UuidToStringA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA

hudcomm

ord2

huft

ord2

hufwalk

ord2

hulib

ord4

hulog

ord2

huregn

ord2

huuacnt

ord2

huui

ord3
ord4
ord2

huinven

ord2

huncomm

ord2

Sections

.text
Size: 384KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10d96472558b789f160ae9955e3ce684

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

rpcrt4

setupapi

hudcomm

huft

hufwalk

hulib

hulog

huregn

huuacnt

huui

huinven

huncomm

Sections

.text Size: 384KB - Virtual size: 382KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 64KB - Virtual size: 143KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 384KB - Virtual size: 382KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 64KB - Virtual size: 143KB

.rsrc
Size: 8KB - Virtual size: 4KB