d61d0abd67faa11961cbd9c3e3c2cf17

Sharing

Copy URL

Twitter E-mail

General

Target

d61d0abd67faa11961cbd9c3e3c2cf17
Size

501KB
MD5

d61d0abd67faa11961cbd9c3e3c2cf17
SHA1

1607d74f72564dcef7643eabe8df816ccb947ddc
SHA256

45548276619848f7b73ef513b90598a9a253e80900a33599bfab8d1c5d7ef464
SHA512

7e5aa2d3f5fbec4333ec85a1460e0e84b356db6a43c0d7c28b8590cccbf96d68edaa576464e591b0d5653aff3034cd8681e22bb17007e87e63e54f365dee7db9
SSDEEP

6144:cl81M+bAyKBG95/1/LbgbBXn3RgjaqLlOsJXDuHCtkkpwBLGTOLZNr5uv+5drArm:iiXbBKBw/1/nSap4YKTLGTOLpeOA7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d61d0abd67faa11961cbd9c3e3c2cf17

Files

d61d0abd67faa11961cbd9c3e3c2cf17
.exe windows:4 windows x86 arch:x86

08ccce6f9ee95685db4ffabec986b0b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\nvvbg\sfk\isgpxlu\wjqlwqrsmz\oywp.pdb

Imports

user32

CloseWindow
GetPriorityClipboardFormat
CharPrevExA
SetCaretPos
LoadBitmapA
DdeGetLastError
DrawTextExA
RegisterClassExA
DestroyWindow
DefDlgProcA
CreateWindowExW
SendDlgItemMessageA
GetTabbedTextExtentA
CheckDlgButton
SetWindowsHookExW
MessageBoxW
ExitWindowsEx
LookupIconIdFromDirectory
DdeImpersonateClient
MessageBeep
MsgWaitForMultipleObjectsEx
DefWindowProcA
ShowWindow
DdeClientTransaction
ShowWindowAsync
RegisterClassA
ModifyMenuW
SetMenuItemBitmaps
CharPrevA
MapWindowPoints

comctl32

ImageList_GetIcon
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_GetImageRect
CreateUpDownControl
ImageList_GetIconSize
ImageList_Replace
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetFilter
CreateStatusWindowW
CreatePropertySheetPage
ImageList_SetImageCount
MakeDragList
InitCommonControlsEx
ImageList_DragMove
ImageList_Remove
GetEffectiveClientRect

kernel32

EnumResourceTypesA
GetACP
TlsSetValue
LCMapStringW
GetTickCount
HeapFree
CompareStringW
GetModuleFileNameW
MultiByteToWideChar
VirtualFree
InterlockedIncrement
GetModuleFileNameA
lstrcatW
UnhandledExceptionFilter
SetHandleCount
GetProcAddress
CreateMutexA
GetTempPathA
GetEnvironmentStrings
MoveFileW
InterlockedExchange
SetStdHandle
FreeEnvironmentStringsW
GetCommandLineA
InitializeCriticalSection
GetLastError
GetTimeZoneInformation
TlsGetValue
GetCPInfo
VirtualAlloc
GetStdHandle
GetStartupInfoA
CompareStringA
OpenMutexW
OpenMutexA
GetStringTypeA
GetFileType
GetCurrentThread
TlsFree
GetCurrentProcess
ReadFile
CloseHandle
IsValidLocale
VirtualQuery
HeapCreate
GetCurrentProcessId
LCMapStringA
GetSystemTimeAsFileTime
HeapDestroy
WritePrivateProfileStructW
FreeEnvironmentStringsA
GetCurrentThreadId
GetStartupInfoW
HeapAlloc
GetPriorityClass
GetCommandLineW
CreateDirectoryExW
FlushFileBuffers
GetSystemTime
InterlockedDecrement
ReadConsoleOutputCharacterA
GetEnvironmentStringsW
TerminateProcess
RtlUnwind
SetLastError
CreateEventA
HeapReAlloc
GetLocalTime
SetFilePointer
TlsAlloc
GetVersion
DeleteCriticalSection
WideCharToMultiByte
IsBadWritePtr
LoadLibraryA
WaitCommEvent
WriteFile
GetExitCodeThread
ExitProcess
EnterCriticalSection
GetTempPathW
GetProcessHeap
SetEnvironmentVariableA
QueryPerformanceCounter
GlobalFlags
GetStringTypeW
GetPrivateProfileSectionA
lstrcmpiW
GetModuleHandleA
LeaveCriticalSection
GetPrivateProfileSectionW
GlobalAddAtomW

Sections

.text
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08ccce6f9ee95685db4ffabec986b0b6

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 311KB - Virtual size: 310KB

.rdata Size: 46KB - Virtual size: 54KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 311KB - Virtual size: 310KB

.rdata
Size: 46KB - Virtual size: 54KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 32KB - Virtual size: 32KB