d55343f7e7e122910525faf690e265b7

Sharing

Copy URL

Twitter E-mail

General

Target

d55343f7e7e122910525faf690e265b7
Size

340KB
MD5

d55343f7e7e122910525faf690e265b7
SHA1

4aaadf50cb4f887acfb3ae8d6502d236f7d65aa9
SHA256

5abd83d0831d95b9e2fe48205f337f8b568f28b6a9ba3168f4d6c0ec74b1f447
SHA512

a8178c974a329c9b51f9f740a6e8a7f78f01a20316aa74e82bd6299a179d2a291853f17e0704cd8e4ffbdc1c5496e60b67d5170d67f4e141b48fb2d30ab08a52
SSDEEP

6144:wsqb90MiVH38GAaWEwHvQzXVLR2oMnOEXiv:r2eMihvAaWTPQzXVN2oYOTv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d55343f7e7e122910525faf690e265b7

Files

d55343f7e7e122910525faf690e265b7
.exe windows:4 windows x86 arch:x86

5b6bdd99e332e30032a5169e345d5dc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
LocalReAlloc
GlobalAlloc
TlsGetValue
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
FreeLibrary
GlobalReAlloc
MulDiv
GlobalFree
GlobalHandle
GetOEMCP
HeapFree
RtlUnwind
HeapAlloc
GetProcessVersion
GlobalFlags
GetCommandLineA
ExitProcess
SetStdHandle
GetFileType
GetCPInfo
GetACP
GetVersion
lstrcpynA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpiA
LocalFree
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
ExpandEnvironmentStringsA
TlsAlloc
LocalAlloc
FileTimeToLocalFileTime
lstrcatA
GlobalUnlock
FileTimeToSystemTime
GlobalLock
SetLastError
GetCurrentThreadId
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcmpA
GetVolumeInformationA
GetFullPathNameA
GetProcAddress
lstrcpyA
LoadLibraryA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
SetFileAttributesA
GetCurrentProcess
DuplicateHandle
CloseHandle
CreateFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLastError
GetFileTime
FindFirstFileA
FindClose
GetTickCount
GetFileSize
GetFileAttributesA
HeapSize
HeapReAlloc
InterlockedDecrement
TerminateProcess
RaiseException
GetStartupInfoA
GetTimeZoneInformation

user32

GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
CreateDialogIndirectParamA
EndDialog
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
LoadCursorA
CallWindowProcA
RemovePropA
ReleaseDC
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
PostThreadMessageA
GetWindowTextA
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
LoadStringA
GetSystemMetrics
ShowWindow
SetWindowTextA
IsDialogMessageA
CharUpperA
RegisterClipboardFormatA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
EnableWindow
MessageBoxA
GetMessageTime
GetSysColorBrush
GetMessagePos
UpdateWindow
LoadIconA
PostMessageA
GetSysColor
SendDlgItemMessageA
MapWindowPoints
SetFocus
SetActiveWindow
IsWindow
AdjustWindowRectEx
SetPropA
GetPropA
SetWindowPos
GetMenu

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstance

oleaut32

VariantClear
SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen

comctl32

ord17

oledlg

ord8

gdi32

SaveDC
DeleteDC
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DeleteObject
GetStockObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
ScaleWindowExtEx
RestoreDC
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
SelectObject
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 192KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b6bdd99e332e30032a5169e345d5dc7

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

comctl32

oledlg

gdi32

winspool.drv

comdlg32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 30KB

.vmp0 Size: 192KB - Virtual size: 1.3MB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 30KB

.vmp0
Size: 192KB - Virtual size: 1.3MB