Static task: static1
Behavioral task: behavioral1
Sample: d6b7dcb5465cef8d85d56092f55f81d4.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d6b7dcb5465cef8d85d56092f55f81d4.exe
Resource: win10v2004-20240226-en
General
Target: d6b7dcb5465cef8d85d56092f55f81d4
Size: 508KB
MD5: d6b7dcb5465cef8d85d56092f55f81d4
SHA1: aebeccffbb7fb42dc47e77434bbad76fee340edd
SHA256: dd7924a134108576a3e0dfa450f9d96e23eac5d496a0420a23bae5840353d43c
SHA512: 0b89acedcf3394b4aa77cbfa4c5e35829c2f608c23a06862cbcb7a48182bb5afe6c75d23dc8d2e7c370af5ad6e38e650d316faba8f095ec2b25c0f1231da199c
SSDEEP: 12288:RUMMnMMMMMkScpZAMZWDQjBeOU53W9qeC0lrkbm2O17T9U3S+nRN8:RUMMnMMMMMtcH0EBed587Cxo1GS+G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6b7dcb5465cef8d85d56092f55f81d4
Files
d6b7dcb5465cef8d85d56092f55f81d4.exe windows:4 windows x86 arch:x86
29a6be4a70b4732ea4571432415c1750
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleLoad
OleSave
ddraw
DirectDrawEnumerateA
advapi32
RegEnumKeyA
LookupPrivilegeValueA
RegDeleteKeyA
RegOpenKeyW
RegDeleteValueA
RegEnumValueW
AdjustTokenPrivileges
RegSetValueA
ReportEventA
OpenProcessToken
RegQueryInfoKeyA
RegEnumKeyW
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegQueryValueA
RegOpenKeyExA
RegCreateKeyW
RegCloseKey
RegOpenKeyA
RegisterEventSourceA
RegDeleteKeyW
DeregisterEventSource
RegEnumValueA
SetSecurityDescriptorDacl
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
InitializeSecurityDescriptor
samlib
SamConnect
ws2_32
WSAConnect
accept
kernel32
_lclose
SetErrorMode
GetCPInfo
SetFilePointer
GetFileTime
VirtualProtect
CreateDirectoryA
FreeLibrary
GlobalSize
FormatMessageW
GetUserDefaultLCID
GetUserDefaultLangID
GetCurrentProcess
GetEnvironmentStrings
VirtualFree
FreeResource
GetCurrentProcessId
FileTimeToSystemTime
ResetEvent
InitializeCriticalSection
CreateThread
GetSystemDefaultLCID
SystemTimeToFileTime
GetACP
WriteFile
RtlUnwind
VirtualQuery
GetCommandLineA
Sleep
GetProcAddress
GetLocaleInfoA
SetEvent
_lread
TlsSetValue
GetFileType
CloseHandle
FlushFileBuffers
GetDriveTypeA
HeapDestroy
GetFileAttributesA
GetOEMCP
LockResource
HeapReAlloc
FindClose
FreeEnvironmentStringsW
FindNextFileA
lstrcmpA
CreateEventA
ReleaseSemaphore
GlobalUnlock
LeaveCriticalSection
SetHandleCount
CreateProcessA
TlsAlloc
lstrlenA
FindResourceA
lstrcatA
GetProfileStringA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetSystemTime
lstrcpynA
GlobalLock
GetVersion
GetStringTypeW
WideCharToMultiByte
DuplicateHandle
InterlockedDecrement
GetCurrentDirectoryA
ExitProcess
LoadLibraryExA
LockFile
IsDBCSLeadByte
RemoveDirectoryA
HeapCreate
GetTickCount
lstrcpyA
ReadFile
HeapAlloc
CompareStringW
MulDiv
UnhandledExceptionFilter
GlobalAlloc
GetLastError
FindFirstFileA
GetTempFileNameA
GetSystemInfo
_lwrite
DeleteCriticalSection
FormatMessageA
SetLocalTime
GlobalHandle
ExitThread
RaiseException
DeleteFileA
HeapFree
GetTempPathA
IsBadReadPtr
GetEnvironmentStringsW
LoadLibraryA
GetExitCodeProcess
MultiByteToWideChar
SetStdHandle
GetSystemDirectoryA
TerminateProcess
GetVolumeInformationA
SetFileAttributesA
SetLastError
GlobalFree
GetVersionExA
HeapSize
GetLocalTime
GetShortPathNameA
GlobalAddAtomA
GetModuleHandleA
IsBadCodePtr
WaitForSingleObject
SetEndOfFile
FreeEnvironmentStringsA
LoadResource
SetFileTime
GetSystemDefaultLangID
GetCurrentThreadId
GetStartupInfoA
GetStringTypeA
ResumeThread
lstrcmpiW
TlsFree
LCMapStringA
GlobalReAlloc
FileTimeToLocalFileTime
SearchPathA
CreateSemaphoreA
SetEnvironmentVariableA
GetModuleFileNameW
SizeofResource
UnlockFile
GlobalDeleteAtom
WinExec
_llseek
GetTimeZoneInformation
MoveFileA
CreateFileA
GetModuleFileNameA
EnterCriticalSection
VirtualAlloc
GetDateFormatA
GetFullPathNameA
LCMapStringW
InterlockedIncrement
GetStdHandle
GetStringTypeExA
CreateProcessW
TlsGetValue
lstrcmpiA
CompareStringA
FlushInstructionCache
user32
SetParent
ShowScrollBar
MessageBoxA
DdeCmpStringHandles
SetWindowsHookExW
EndDialog
RegisterClipboardFormatA
SendDlgItemMessageA
CopyRect
DrawMenuBar
IsWindowEnabled
SetClipboardData
MessageBeep
CallNextHookEx
DdeNameService
CloseClipboard
VkKeyScanA
SetScrollPos
LoadStringA
FillRect
ShowCaret
WindowFromPoint
SetMenuDefaultItem
GetForegroundWindow
DrawFrameControl
GetTabbedTextExtentA
SubtractRect
DdeAbandonTransaction
ScreenToClient
wsprintfA
SetFocus
EnableWindow
RegisterClassA
DeleteMenu
AdjustWindowRect
GetKeyboardState
IsRectEmpty
CharNextA
SetWindowRgn
UnregisterClassA
GetCaretPos
GetSystemMetrics
DefFrameProcA
InvalidateRect
OemToCharA
OffsetRect
CharUpperBuffW
DestroyCaret
GetWindowTextLengthA
AdjustWindowRectEx
SetWindowLongA
GetSysColor
FindWindowA
ReleaseDC
PtInRect
SetWindowContextHelpId
GetIconInfo
SetWindowTextA
CopyAcceleratorTableA
WaitForInputIdle
MsgWaitForMultipleObjects
CharLowerBuffA
CreateIcon
VkKeyScanW
CharUpperBuffA
KillTimer
DeferWindowPos
CreatePopupMenu
OpenClipboard
ClientToScreen
PeekMessageA
DestroyWindow
SetForegroundWindow
SetWindowsHookExA
DefMDIChildProcA
GetQueueStatus
EndPaint
AttachThreadInput
PostThreadMessageA
UnhookWindowsHookEx
CreateWindowExA
GetScrollInfo
GetMessageTime
FrameRect
DdeQueryStringA
SetScrollRange
GetFocus
UpdateWindow
GetMessagePos
SetPropA
CreateDialogParamA
DdeDisconnect
EndDeferWindowPos
DestroyIcon
SetWindowPos
SetRect
GetClientRect
DdeFreeDataHandle
DestroyAcceleratorTable
GetDlgItem
SetCursorPos
SetActiveWindow
LoadImageA
DdeQueryConvInfo
ModifyMenuA
CreateCursor
WaitMessage
IsWindow
GetMenuItemInfoA
DdeInitializeA
GetDC
IsDialogMessageA
GetCursor
CreateCaret
CheckMenuItem
GetLastActivePopup
DrawFocusRect
CreateAcceleratorTableA
CharToOemBuffA
EnableMenuItem
DefWindowProcA
GetMenuItemCount
LoadCursorA
GetUpdateRect
SetCapture
WinHelpA
SetCursor
RemovePropA
SetMenu
TrackPopupMenu
SetDlgItemTextA
CallWindowProcA
CharLowerA
GetDesktopWindow
EnumClipboardFormats
GetClassInfoA
ShowWindow
GetActiveWindow
BringWindowToTop
EnumThreadWindows
TranslateMessage
DdeFreeStringHandle
DdeCreateDataHandle
BeginDeferWindowPos
ShowCursor
DialogBoxParamA
RemoveMenu
InflateRect
GetWindowDC
CharToOemA
GetDoubleClickTime
DdeClientTransaction
AppendMenuA
GetMenuItemID
GetCapture
LockWindowUpdate
DdeConnect
CharPrevA
keybd_event
GetWindowTextA
GetUpdateRgn
InvalidateRgn
DestroyCursor
GetWindowRect
LoadAcceleratorsA
GetPropA
SetMenuItemInfoA
PostQuitMessage
MapWindowPoints
HideCaret
FindWindowW
GetCaretBlinkTime
SetTimer
EqualRect
GetMenuStringA
InsertMenuA
DdeSetUserHandle
DdeGetLastError
SendMessageA
DdeCreateStringHandleA
SystemParametersInfoA
GetClassNameA
IsZoomed
GetClassInfoExA
GetClipboardData
ReleaseCapture
DispatchMessageA
SetCaretPos
GetKeyState
DdeGetData
DdePostAdvise
GetScrollPos
GetParent
GetSubMenu
IsChild
PeekMessageW
PostMessageA
GetWindowThreadProcessId
ClipCursor
GetSystemMenu
TabbedTextOutA
SetScrollInfo
IsClipboardFormatAvailable
IsWindowVisible
DestroyMenu
GetMenuState
IsIconic
SetKeyboardState
IntersectRect
GetAsyncKeyState
BeginPaint
DrawIcon
PostMessageW
GetWindow
GetClipboardFormatNameA
GetMenu
CharUpperA
IsCharAlphaA
DrawTextA
MoveWindow
RegisterClassExA
MessageBoxIndirectA
TranslateMDISysAccel
CreateMenu
DdeUninitialize
CharLowerBuffW
LoadIconA
ToAscii
GetCursorPos
LoadBitmapA
GetDCEx
EmptyClipboard
GetKeyboardLayout
GetWindowLongA
GetWindowRgn
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 457KB - Virtual size: 456KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ