d763469717105b7e70d54eede6b105ee

Sharing

Copy URL Twitter E-mail

General

Target

d763469717105b7e70d54eede6b105ee
Size

504KB
MD5

d763469717105b7e70d54eede6b105ee
SHA1

b068f57964fb5b67dec2f5cbdaa2e08a9b5a84f1
SHA256

e490eb83292ffa5732324938506bfb5032bec805e2f2c02157e8e0a65f917e62
SHA512

8524574df40ac22499001d8a510a4970a6f322dacab2ef38164cbb1e6795dfa566eeabdb4378d22fdb9b485dae9cb93fcf1d678b8f34ecaaa08730b0da59ac30
SSDEEP

12288:NVfmBCbkxIkMDN3jM6QgxEQfQVGRyJzhg+EPFY9VWdIYJ:DmBCbgIyz1yaOI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d763469717105b7e70d54eede6b105ee

Files

d763469717105b7e70d54eede6b105ee
.exe windows:4 windows x86 arch:x86

09ca7f978944dc788fed1fd6c49dc296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathW
FindClose
FindFirstFileW
GetShortPathNameW
GetCurrentDirectoryW
GetFileAttributesW
TlsSetValue
LocalAlloc
GlobalSize
CloseHandle
FindNextFileW
GetVersionExW
lstrcatW
lstrcpyW
lstrlenW
lstrcpynW
GetFullPathNameW
IsBadStringPtrW
MultiByteToWideChar
IsBadWritePtr
GetNumberFormatW
GetLocaleInfoW
CompareFileTime
GetDateFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTimeFormatW
IsBadReadPtr
LockResource
LoadResource
FindResourceW
GlobalLock
lstrcmpiW
GlobalAlloc
GlobalFree
GetModuleHandleA
lstrcmpiA
lstrcmpW
GetProcAddress
GlobalUnlock
WideCharToMultiByte
LoadLibraryW
GetModuleFileNameW
LocalFree
CompareStringW
CreateFileW
LoadLibraryExW
OutputDebugStringW
FreeLibrary
FormatMessageW
HeapCreate
CreateSemaphoreA
CreateEventA
RegisterWaitForSingleObject
SetEvent
HeapDestroy
Sleep
DisableThreadLibraryCalls
InterlockedIncrement
lstrcpyA
ReleaseSemaphore
GetCommandLineA
IsBadCodePtr
VirtualProtect
GetStartupInfoA

user32

KillTimer
InflateRect
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
SetClipboardViewer
ChangeClipboardChain
ShowCursor
SetCursor
IsWindowVisible
GetWindowTextW
IsWindowEnabled
GetDlgItemInt
CheckRadioButton
CreateWindowExW
ShowWindow
GetParent
DestroyIcon
wsprintfW
PostMessageW
GetDlgItemTextW
SetWindowLongW
SetDlgItemTextW
SendDlgItemMessageW
SetWindowTextW
GetPropW
GetLastActivePopup
ScreenToClient
SetTimer
GetClipboardFormatNameW
GetCursorPos
GetWindow
ChildWindowFromPointEx
GetDlgCtrlID
GetWindowRect
GetDC
ReleaseDC
SetWindowPos
RemovePropW
SetPropW
GetWindowLongW
DialogBoxIndirectParamW
IsWindow
LoadIconW
IsIconic
SetForegroundWindow
EndDialog
LoadStringW
MessageBoxW
SetFocus
GetFocus
GetForegroundWindow
EnableWindow
GetDesktopWindow
GetDlgItem
GetWindowThreadProcessId
SendMessageW
AttachThreadInput
DeleteMenu
CreatePopupMenu
InsertMenuW
DestroyMenu
GetActiveWindow
GetMenu
DrawMenuBar
CharPrevW
CheckDlgButton
LoadCursorW
FillRect
RegisterWindowMessageW
GetSysColor
DrawIcon
DrawFocusRect
GetSystemMetrics
IsDlgButtonChecked
InvalidateRect
UpdateWindow
DestroyWindow
GetClientRect
MapWindowPoints
CharNextW

advapi32

RegCloseKey
RegOpenKeyExW
CloseServiceHandle
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegQueryValueExW

gdi32

GetMetaFileBitsEx
SetTextColor
CreateSolidBrush
SetBkMode
SetBkColor
ExtTextOutW
SetViewportExtEx
EnumMetaFile
PlayMetaFile
RestoreDC
PlayMetaFileRecord
GetStockObject
SelectObject
GetTextMetricsW
DeleteObject
GetObjectW
CreateFontIndirectW
DeleteDC
CreateICW

ole32

CoTaskMemFree
CoTaskMemRealloc
OleGetClipboard
OleQueryLinkFromData
CoGetMalloc
OleGetIconOfFile
GetClassFile
CLSIDFromProgID
OleMetafilePictFromIconAndLabel
ReleaseStgMedium
OleDuplicateData
OleRegGetUserType
StringFromCLSID
CLSIDFromString
OleGetIconOfClass
IsValidInterface

msvcrt

_CxxThrowException
_adjust_fdiv
_initterm
free
_ltoa
_except_handler3
iswalpha
wcschr
memmove
_exit
_XcptFilter
exit
_acmdln
__getmainargs
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_controlfp
malloc

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 428KB - Virtual size: 855KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09ca7f978944dc788fed1fd6c49dc296

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 428KB - Virtual size: 855KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 428KB - Virtual size: 855KB

.rsrc
Size: 8KB - Virtual size: 4KB