d763bd33cfa2529cbe4d12c2d892240f

Sharing

Copy URL

Twitter E-mail

General

Target

d763bd33cfa2529cbe4d12c2d892240f
Size

505KB
MD5

d763bd33cfa2529cbe4d12c2d892240f
SHA1

20c1dfa4094bd52d33895f7593de4ad43dd5a3db
SHA256

10f288dcc1369af37e039c1392d9b03ca15984164f8e0bcff9636bd4050a951d
SHA512

7462a9f92e0b55b3fcf19e332a49751b8f8eb5d19ed0039b9a219243d63e5d3bcb099df61b5c031e0633ae288ad89edcb98b11219d690aa17b4abf403595c6ff
SSDEEP

6144:dr5afBhXaLrf8vI++qE5tgxwYaa7H16XYIGreX96AkT/1gYS5j3yngCkUBPjbOWM:R2hXaPvXecXYIV9BkhgcngZUhjbv4I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d763bd33cfa2529cbe4d12c2d892240f

Files

d763bd33cfa2529cbe4d12c2d892240f
.exe windows:4 windows x86 arch:x86

631975b5e8541b77f15df91f1a89bc22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptEncrypt
CryptDuplicateKey
RegQueryInfoKeyW
LookupPrivilegeDisplayNameA
CryptGetDefaultProviderA
CryptReleaseContext
RegEnumValueA
CreateServiceW
RegOpenKeyExW
CryptExportKey
CryptDecrypt
AbortSystemShutdownA
RegLoadKeyA
LookupAccountNameW
RegQueryValueW
CryptGenRandom
LogonUserW
CryptDuplicateHash
RegRestoreKeyA
RegQueryInfoKeyA
CryptHashSessionKey
RegDeleteValueA
LogonUserA

user32

RegisterClassA
RegisterClassExA
GetWindowRect
GetMessageTime
SwapMouseButton
RegisterDeviceNotificationA
GetMenuStringW
ToAsciiEx
SetThreadDesktop
GetWindowInfo
ShowWindow
GetMessageA
RemovePropA
SetWindowsHookExA
AdjustWindowRectEx
DdeCreateStringHandleW
GetKBCodePage
GetMenu
DdeInitializeA
WindowFromDC
TrackMouseEvent
SetMenuItemInfoW
InsertMenuW
CloseClipboard
SetDeskWallpaper
SetClassWord

comctl32

InitCommonControlsEx

kernel32

WideCharToMultiByte
GetCurrentProcessId
CloseHandle
InterlockedExchange
IsValidLocale
GetProfileStringA
HeapReAlloc
SetConsoleCursorPosition
CreateToolhelp32Snapshot
VirtualProtect
CommConfigDialogW
LoadLibraryA
OpenMutexA
InitializeCriticalSection
GetLastError
GetOEMCP
FindAtomA
GetProcAddress
ExpandEnvironmentStringsA
GlobalAddAtomW
GetCompressedFileSizeA
SetLastError
SetHandleCount
FindFirstFileExA
FreeEnvironmentStringsW
GetFileType
SetEnvironmentVariableA
TerminateProcess
GetTickCount
HeapDestroy
TlsSetValue
GetShortPathNameW
AddAtomA
GetStringTypeW
GetCommandLineA
HeapCreate
WriteFile
SetVolumeLabelA
QueryPerformanceCounter
FlushFileBuffers
SetFilePointer
EnumSystemLocalesA
GetTimeZoneInformation
VirtualQuery
SetStdHandle
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
ReadFile
GetCPInfo
CompareStringA
GetSystemTimeAsFileTime
GetStartupInfoA
GetSystemInfo
GetACP
GlobalLock
ExitProcess
GetModuleHandleA
LCMapStringA
GetCommandLineW
GetTimeFormatA
GetEnvironmentStringsW
VirtualAlloc
MultiByteToWideChar
EnterCriticalSection
GetCurrentProcess
TlsAlloc
GetUserDefaultLCID
CompareStringW
GetStartupInfoW
RtlUnwind
GetEnvironmentStrings
GetNamedPipeHandleStateA
LCMapStringW
GetCurrentThreadId
GetDateFormatA
CreateMutexA
VirtualFree
GetStdHandle
GetProfileSectionW
ReleaseMutex
FreeEnvironmentStringsA
TlsGetValue
GetModuleFileNameW
HeapAlloc
GetDriveTypeW
DeleteCriticalSection
IsBadWritePtr
HeapFree
GetVersionExA
TlsFree
LeaveCriticalSection
IsValidCodePage
GetStringTypeA
LoadModule
HeapSize
GetCurrentThread
UnhandledExceptionFilter

wininet

SetUrlCacheConfigInfoA
RetrieveUrlCacheEntryFileA
InternetQueryOptionA
FtpCreateDirectoryA
GopherGetLocatorTypeW
HttpEndRequestA

gdi32

GetMetaFileW
GetKerningPairsW
GetMetaFileBitsEx
Escape
LineTo
LineDDA
StretchDIBits
EnumEnhMetaFile
SelectClipRgn
GetTextExtentPoint32W
GetEnhMetaFileHeader
GetTextMetricsW
GetStretchBltMode
ExtCreateRegion
GetMetaRgn
CreateBitmap
FloodFill
ScaleViewportExtEx
EnumFontFamiliesExW

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

631975b5e8541b77f15df91f1a89bc22

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

wininet

gdi32

Sections

.text Size: 178KB - Virtual size: 178KB

.rdata Size: 9KB - Virtual size: 30KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 178KB - Virtual size: 178KB

.rdata
Size: 9KB - Virtual size: 30KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 1KB - Virtual size: 1KB