d66af469db80fa70ce7849134ca1f30b

Sharing

Copy URL Twitter E-mail

General

Target

d66af469db80fa70ce7849134ca1f30b
Size

416KB
MD5

d66af469db80fa70ce7849134ca1f30b
SHA1

5f16f0d4615a219c1cdb4fa01a96425967e14b29
SHA256

b13acaaed8d73b830250c0294ad294b4148a695a5b842e5f60d32dcd2fa157b4
SHA512

f19e2725768aa173ec658d7e9f1cda42445004f7756a7bc8f332ea47c515725f52161b53daec525e1b771b1fa0cfa5ad319953cb90985d8c69eeffa725cf2d2a
SSDEEP

6144:ckr4X0RZkj0FnVBL8evLo83dZbb9WDiwR9VjQhVYu8oKa7gL1q4AiH0B1R:cX0RZkYFnVBLhU8/SR9admZAiHq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d66af469db80fa70ce7849134ca1f30b

Files

d66af469db80fa70ce7849134ca1f30b
.exe windows:4 windows x86 arch:x86

a7cb2c062c65a4252972a1cb359c40dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\oyxoodm\syj.pdb

Imports

shell32

RealShellExecuteA
ExtractAssociatedIconA
SHChangeNotify
RealShellExecuteExA

comctl32

ImageList_DragEnter
ImageList_LoadImageW
ImageList_Replace
CreatePropertySheetPageA
ImageList_Write
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
CreatePropertySheetPageW
ImageList_GetIcon
ImageList_DragMove
ImageList_SetFlags
CreateMappedBitmap
ImageList_SetIconSize
DrawStatusTextW
DrawStatusTextA
CreatePropertySheetPage
InitMUILanguage
ImageList_DragLeave
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_SetImageCount
InitCommonControlsEx
ImageList_EndDrag
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetImageRect

gdi32

EnumICMProfilesW
CreatePolyPolygonRgn
SetMiterLimit
GetNearestColor
DeleteObject
SetWorldTransform
GetArcDirection
SetDIBits
SetPolyFillMode
gdiPlaySpoolStream
GetDCOrgEx
GdiPlayDCScript
AnimatePalette
GetDeviceCaps
GetDeviceGammaRamp
UpdateColors
CreateScalableFontResourceA
ChoosePixelFormat
CreateCompatibleDC
DeleteDC
SetEnhMetaFileBits
CreateICW
SelectObject
DeviceCapabilitiesExW
GetObjectW
DeleteEnhMetaFile
GetLogColorSpaceW
CreateCompatibleBitmap
CreateDCA

advapi32

CryptGenKey
InitiateSystemShutdownW
CryptVerifySignatureW
RegOpenKeyA
CryptExportKey
GetUserNameA
LookupSecurityDescriptorPartsA
CryptAcquireContextW
CryptEncrypt

user32

CheckMenuItem
CallNextHookEx
RedrawWindow
DefWindowProcA
RegisterWindowMessageW
SetMenu
DlgDirSelectExW
GetProcessDefaultLayout
SetClassWord
GetKeyboardLayout
DispatchMessageA
CreateCaret
EndPaint
CreateWindowExA
MessageBoxA
DlgDirListComboBoxA
GetParent
MapVirtualKeyA
GetMenu
RegisterClassA
ImpersonateDdeClientWindow
RemovePropA
GetActiveWindow
SwitchToThisWindow
GetMenuItemInfoW
SetMessageQueue
SetWindowPos
DestroyWindow
UnionRect
RegisterClassExA
DdeCreateStringHandleA
InflateRect
GetGuiResources
DrawEdge
GetClassInfoA
MonitorFromWindow
GetShellWindow
TranslateMDISysAccel
GetWindowContextHelpId
GrayStringA
ShowWindow

kernel32

CompareStringW
InterlockedExchange
MoveFileExW
FreeEnvironmentStringsW
GetConsoleCP
CreateWaitableTimerA
EnumCalendarInfoExA
GetThreadContext
TlsSetValue
GlobalUnlock
WriteFileEx
HeapValidate
WideCharToMultiByte
WritePrivateProfileStringA
ReadFile
OpenEventA
SetSystemTime
WritePrivateProfileStructW
CreateFileW
LeaveCriticalSection
GetCPInfo
GetConsoleMode
SetHandleCount
InitializeCriticalSection
CreateDirectoryA
GetPrivateProfileSectionW
InterlockedDecrement
GetProfileStringA
GetStringTypeW
SetLocaleInfoA
WriteConsoleA
SetFileAttributesW
IsBadReadPtr
GetTimeFormatA
GetStartupInfoA
GetCurrentThreadId
RemoveDirectoryW
WriteConsoleW
HeapAlloc
MapViewOfFile
GetStdHandle
WriteFile
HeapReAlloc
CloseHandle
GetPriorityClass
EnterCriticalSection
GetCurrentProcess
GetCommandLineW
SetUnhandledExceptionFilter
GetTempFileNameA
UnhandledExceptionFilter
GetDiskFreeSpaceExA
IsDebuggerPresent
TlsGetValue
CompareStringA
TlsAlloc
GetEnvironmentStringsW
GetLocaleInfoA
GetUserDefaultLCID
GetPrivateProfileSectionNamesW
LoadLibraryA
GetEnvironmentStrings
GetOEMCP
CreateRemoteThread
RaiseException
ReadConsoleOutputCharacterW
HeapCreate
LocalSize
Sleep
FindResourceA
HeapFree
GlobalAddAtomA
GetAtomNameA
WaitNamedPipeA
SetEnvironmentVariableA
GetVersion
OpenMutexA
FreeLibrary
TerminateProcess
CopyFileExA
GetWindowsDirectoryW
FlushFileBuffers
GetModuleFileNameA
GetTimeZoneInformation
SetConsoleCtrlHandler
GlobalLock
GetSystemTimeAsFileTime
GetCurrentProcessId
EnumTimeFormatsA
GetTickCount
QueryPerformanceCounter
VirtualAlloc
SetConsoleOutputCP
FreeEnvironmentStringsA
EnumResourceNamesA
GetConsoleOutputCP
GetDateFormatA
GetShortPathNameA
OpenEventW
GetACP
InitializeCriticalSectionAndSpinCount
LCMapStringA
CreateMutexW
TlsFree
GetLocaleInfoW
InterlockedIncrement
ExpandEnvironmentStringsA
GetLastError
VirtualFree
DeleteCriticalSection
GetFileType
SetFilePointer
GetStringTypeA
GetCommandLineA
HeapSize
GetFileAttributesExW
SetConsoleTextAttribute
ExpandEnvironmentStringsW
RtlUnwind
SetLastError
CreateEventA
CreateFileA
SetComputerNameW
FindFirstFileW
OutputDebugStringA
VirtualQuery
InterlockedCompareExchange
GetCurrentThread
GetVersionExA
GetTempPathA
LCMapStringW
DebugBreak
CreateMutexA
GetProcAddress
SetStdHandle
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
HeapDestroy
GetProcessHeap
GetThreadSelectorEntry
ExitProcess
GetDiskFreeSpaceA
GetModuleHandleA
MultiByteToWideChar

wininet

UnlockUrlCacheEntryFileA

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7cb2c062c65a4252972a1cb359c40dd

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

gdi32

advapi32

user32

kernel32

wininet

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 108KB - Virtual size: 128KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 108KB - Virtual size: 128KB

.rsrc
Size: 12KB - Virtual size: 10KB