d6835ed34c96070e7be9259b41bd306f

Sharing

Copy URL Twitter E-mail

General

Target

d6835ed34c96070e7be9259b41bd306f
Size

148KB
MD5

d6835ed34c96070e7be9259b41bd306f
SHA1

42f926fb0e68a0923f26840d744a71ead2bdbd51
SHA256

79fd632d8936c67f51f4b30b7783b86026a0d40afdd25740fb5b2a2a43e9d427
SHA512

2e1def6d42010012f732680c059605cb1962334b78dc7faedc78511c85e92adf401f6961130721cba3193ff8e2612784d629f7245f60211d0284543f66ec4ab1
SSDEEP

3072:K2VcvjonGT0LyPy2kFxvSmdTKXz9nj3XGQSZI:KDzTurF1S2Gjd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6835ed34c96070e7be9259b41bd306f

Files

d6835ed34c96070e7be9259b41bd306f
.exe windows:4 windows x86 arch:x86

3c385907dd9a37624cba76609980a698

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
ExpandEnvironmentStringsA
GetVersionExA
InterlockedCompareExchange
OpenProcess
TerminateProcess
CreateMutexA
CreateThread
Sleep
MulDiv
HeapCreate
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RaiseException
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
SetFilePointer
ReadFile
GetProcAddress
WideCharToMultiByte
HeapSize
VirtualAlloc
VirtualFree
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
GetCurrentProcess
ExitProcess
HeapAlloc
HeapFree
RemoveDirectoryA
DeleteFileA
CreateProcessA
IsBadCodePtr
CreateDirectoryA
LoadLibraryA
SetEndOfFile
GetLastError
CopyFileA
WinExec
GetTempPathA
CreateFileA
WriteFile
CloseHandle

advapi32

RegDeleteKeyA
RegCloseKey
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA

comctl32

InitCommonControlsEx
PropertySheetA

comdlg32

PrintDlgA
GetSaveFileNameA

gdi32

StartPage
EndDoc
DeleteObject
CreateCompatibleDC
GetStockObject
CreateFontA
CreateSolidBrush
SetBkMode
SetBkColor
GetDeviceCaps
LineTo
MoveToEx
SetTextColor
StartDocA
EndPage
BitBlt
GetObjectA
SelectObject
DeleteDC

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysAllocString
SysFreeString

rasapi32

RasEnumEntriesA
RasEnumDevicesA
RasEnumConnectionsA
RasGetEntryPropertiesA
RasDialA
RasDeleteEntryA
RasSetEntryPropertiesA
RasSetEntryDialParamsA
RasGetConnectStatusA
RasHangUpA
RasGetErrorStringA

rpcrt4

UuidToStringA
UuidCreate

shell32

SHGetSpecialFolderPathA

user32

LoadImageA
MessageBoxA
KillTimer
GetDC
wsprintfA
EndDialog
GetWindowThreadProcessId
GetWindowTextA
DispatchMessageA
SetWindowTextA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
DialogBoxParamA
ShowWindow
SetDlgItemTextA
SendDlgItemMessageA
PostQuitMessage
EnableWindow
GetDlgItem
GetDlgItemTextA
SetWindowPos
ClientToScreen
GetClientRect
SystemParametersInfoA
GetWindowRect
SetTimer
SetFocus
ScreenToClient
CloseWindow
GetWindow
DefWindowProcA
GetSysColor
EnumWindows
DrawTextA
GetParent
CheckDlgButton
IsDlgButtonChecked
BringWindowToTop
DestroyWindow
SendMessageA
GetMessageA
IsWindow
SetWindowLongA
BeginPaint
GetSysColorBrush
FillRect
EndPaint
InvalidateRect
LoadAcceleratorsA
CreateDialogParamA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetQueryDataAvailable
InternetCloseHandle

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c385907dd9a37624cba76609980a698

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

ole32

oleaut32

rasapi32

rpcrt4

shell32

user32

wininet

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 87KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 87KB

.rsrc
Size: 24KB - Virtual size: 22KB