d4cdc604a388bbbf48142a2cf236c5da

Sharing

Copy URL Twitter E-mail

General

Target

d4cdc604a388bbbf48142a2cf236c5da
Size

996KB
MD5

d4cdc604a388bbbf48142a2cf236c5da
SHA1

9e74254b4b8e5a0957337f4084552fdd67937af6
SHA256

3354a0c4f9befa50ec984410461f74c44381fb9e7ddbd8d5070f0ad11ff8ee96
SHA512

189ab845310b5b57c0cb3d2c044897da1c06b9b161e29d71f665182ecbf178ab452fb189e7519bcd43357c813585bbd3c1d7a39870a72eb7b53ee84920c79e32
SSDEEP

24576:1hneke1Y06QL+OCb7cGFb544E4NHR82suLg:DekQY06QLTicG44E4NW3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4cdc604a388bbbf48142a2cf236c5da

Files

d4cdc604a388bbbf48142a2cf236c5da
.exe windows:4 windows x86 arch:x86

932e2f271f2fe584466f8f7a82677aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetUserDefaultLangID
GetACP
GetModuleHandleA
GetLocalTime
GetVersionExA
GetVersion
ExitProcess
GetExitCodeProcess
WaitForSingleObject
GetWindowsDirectoryA
SetCurrentDirectoryA
CreateProcessA
CreateDirectoryA
SetConsoleTitleA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
FindResourceA
GetModuleFileNameA
GetCommandLineA
ReadFile
GetFullPathNameA
FreeConsole
SetVolumeLabelA
SetEndOfFile
SetLocalTime
WritePrivateProfileStringA
RemoveDirectoryA
FindClose
GetVolumeInformationA
GetLogicalDrives
FindFirstFileA
CopyFileA
MoveFileA
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetDriveTypeA
FindNextFileA
GetPrivateProfileStringA
LockResource
SizeofResource
LoadResource
LoadLibraryA
SetFilePointer
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileSize
VirtualAlloc
GetStdHandle
MultiByteToWideChar
lstrlenW
CloseHandle
CompareStringA
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
GetDiskFreeSpaceA
VirtualFree
AllocConsole
DeleteFileA
WideCharToMultiByte
WriteFile
CreateFileA
lstrlenA
RaiseException

user32

GetDC
GetCursorPos
PostQuitMessage
DefWindowProcA
MessageBoxA
EnableWindow
ReleaseDC
DestroyWindow
CharToOemBuffA
OemToCharBuffA
IsIconic
EndPaint
BeginPaint
FillRect
SetKeyboardState
GetKeyboardState
PeekMessageA
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
KillTimer
SetTimer
SetWindowPlacement
GetWindowPlacement
SetCursor
GetClientRect
ShowCursor
InvalidateRect
LoadIconA
IsWindow
RegisterClassA
CreateWindowExA
SetWindowLongA
ShowWindow
SetFocus
GetWindowRect
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
GetForegroundWindow
GetSystemMetrics
LoadKeyboardLayoutA
GetDlgItem
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
CharLowerA
CharUpperA
CreateCursor
DestroyIcon
DestroyCursor
GetWindow
GetWindowLongA
RegisterWindowMessageA
ScreenToClient
GetKeyState
GetAsyncKeyState
ClientToScreen
MoveWindow
SendMessageA
LoadCursorA
IsZoomed
UpdateWindow
EndDialog
DialogBoxParamA
AdjustWindowRectEx
GetClassNameA
GetSysColor

gdi32

CreatePalette
DeleteObject
SetBkColor
SetTextColor
StretchDIBits
SetStretchBltMode
SelectPalette
CreateFontA
CreateSolidBrush
DeleteDC
GetDIBits
GetStockObject
GetTextExtentPoint32A
SelectObject
TextOutA
CreateBitmap
BitBlt
CreateCompatibleDC
GetDeviceCaps
CreateDCA
CreateCompatibleBitmap
EnumFontFamiliesA
CreateHatchBrush
RealizePalette

msacm32

acmStreamOpen
acmFormatSuggest
acmStreamClose
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader

winmm

waveOutRestart
waveOutPrepareHeader
waveOutReset
waveOutGetPosition
joyGetPos
waveOutPause
waveOutWrite
joyGetDevCapsA
waveOutOpen
waveOutUnprepareHeader
waveOutClose
mciSendCommandA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
FindTextA

comctl32

ord17
ord6

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ExtractIconA

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rtexts
Size: 836KB - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

932e2f271f2fe584466f8f7a82677aea

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msacm32

winmm

comdlg32

comctl32

advapi32

shell32

Sections

.text Size: 188KB - Virtual size: 186KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 32KB - Virtual size: 31KB

.rtexts Size: 836KB - Virtual size: 836KB

.text
Size: 188KB - Virtual size: 186KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 32KB - Virtual size: 31KB

.rtexts
Size: 836KB - Virtual size: 836KB