d6dfe7597c2f362124f531480ec62a7c

Sharing

Copy URL Twitter E-mail

General

Target

d6dfe7597c2f362124f531480ec62a7c
Size

190KB
MD5

d6dfe7597c2f362124f531480ec62a7c
SHA1

05abe5fa7a9c84ec81b8727c6387d187788facc0
SHA256

04bd683f82a53c735f814a6986fd3c48585b830e16819a2605bd593f26118a46
SHA512

ff536316a886d9005801be47aabc1f32a2aa8f1fbafb3bb9d3f43f51fcb4daf35586200a2a8a1b7354df1d4a09856e5247e2e7f814adef56d7021222d15cc7e3
SSDEEP

3072:rmz8UbNdx6Tsbfb+BIoVl5PUIDzuYeEmP3dwyVOWXcpCxWgmzu+ez79KkF+3y+eu:rmgUbNdx6wbD+66M6zuYfm/d91or6+Gs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6dfe7597c2f362124f531480ec62a7c

Files

d6dfe7597c2f362124f531480ec62a7c
.exe windows:4 windows x86 arch:x86

26e300440555c4506f36843202bdb0e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW

kernel32

GetWindowsDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
AddConsoleAliasW
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
SetHandleCount
HeapSize
GetStdHandle
FatalAppExitA
HeapCreate
HeapDestroy
IsValidCodePage
GetOEMCP
GetACP
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetLastError
FormatMessageW
GetLastError
FreeLibrary
LoadLibraryW
LocalFree
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentVariableA
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
GetVersion
CreateSemaphoreW
CloseHandle
ReleaseSemaphore
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
OpenEventW
GetModuleFileNameW
OutputDebugStringA
GetTickCount
MultiByteToWideChar
GetTempPathW
GetVersionExW
GetComputerNameExW
GetTimeZoneInformation
GetLocalTime
ReleaseMutex
LoadLibraryA
CreateMutexA
GetVersionExA
WideCharToMultiByte
GetCommandLineW
GetEnvironmentVariableW
SetErrorMode
SetHandleInformation
Sleep
ResetEvent
CreateEventA
GetWindowsDirectoryA
FormatMessageA
GetConsoleMode
GlobalFree
WaitForMultipleObjects
CreateEventW
GetProcessTimes
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateFileA
ReadFile
WriteFile
DeviceIoControl
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
SystemTimeToFileTime
LocalAlloc
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
TryEnterCriticalSection
SwitchToThread
ResumeThread
CreateThread
TerminateThread
lstrcmpA
lstrcpyA
CreateProcessA
lstrcatA
lstrlenA
IsDBCSLeadByteEx
GetStringTypeW
HeapReAlloc
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryW
DeleteFileW
DeleteFileA
MoveFileW
MoveFileA
CreateFileW
GetFileType
DuplicateHandle
ExitThread
ExitProcess
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetProcessHeap
GetCommandLineA
GetCurrentThreadId
FlushFileBuffers
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetFilePointer
SetStdHandle
GetFileAttributesA
CreatePipe
GetExitCodeProcess
SetEndOfFile
VirtualQuery
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemDirectoryA
CompareStringW
HeapAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
RaiseException
RtlUnwind
GetFullPathNameW

gdi32

DeleteObject
SelectObject
StretchBlt
GetDIBColorTable
SetDIBColorTable
GetObjectW
GetStockObject
RemoveFontMemResourceEx
CreateDIBSection
DeleteDC
Rectangle
CreateSolidBrush
SetWindowOrgEx
SetViewportOrgEx
LPtoDP
GetDeviceCaps
CreateDCW
CreateRectRgnIndirect
SetMapMode
SaveDC
RestoreDC
GdiFlush
BitBlt
GetGlyphOutlineW
CreateFontW
AddFontMemResourceEx
CreateCompatibleDC

user32

ToUnicode
GetMessageExtraInfo
ScreenToClient
TrackMouseEvent
CreateWindowExW
ShowWindow
UpdateWindow
CharNextW
UnionRect
IntersectRect
OffsetRect
RegisterClassExW
IsDialogMessageW
GetClassInfoExW
GetKeyState
IsChild
SetWindowRgn
GetWindowDC
UnregisterClassA
CallWindowProcW
GetPropW
EndDialog
DialogBoxIndirectParamW
DefWindowProcW
SystemParametersInfoW
HideCaret
GetDlgItem
GetDlgCtrlID
GetParent
IsDlgButtonChecked
WindowFromPoint
IsWindow
MsgWaitForMultipleObjects
GetMonitorInfoW
MonitorFromWindow
CheckDlgButton
EnableWindow
EndPaint
TrackPopupMenu
MapWindowPoints
GetClientRect
GetWindowRect
GetActiveWindow
EqualRect
PtInRect
MessageBoxW
GetSysColor
SetRect
ClientToScreen
DialogBoxParamW
NotifyWinEvent
UnregisterClassW
GetCaretBlinkTime
GetDoubleClickTime
GetSystemMetrics
GetFocus
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
MsgWaitForMultipleObjectsEx
ReleaseCapture
SetCapture
DestroyWindow
GetDesktopWindow
SetFocus
SetCursor
WindowFromDC
InvalidateRect
DestroyMenu
RegisterClassW
LoadCursorW
SetRectEmpty
TranslateMessage
PeekMessageW
DispatchMessageW
CharLowerBuffW
GetCursorPos
SetPropW
GetSubMenu
RemoveMenu
SetMenuItemInfoW
LoadMenuIndirectW
KillTimer
SetWindowTextW
SetTimer
BeginPaint
SetClipboardData
GetKeyboardLayout
PostMessageW
FindWindowW
RegisterWindowMessageW
PostThreadMessageW
GetWindowLongW
SetWindowLongW
GetForegroundWindow
EnumDisplayDevicesW
SendMessageW
SetWindowPos
GetDC
ReleaseDC
GetKeyboardState
RemovePropW
GetWindowTextW
GetWindow

shell32

ShellExecuteExW
ShellExecuteW
SHFileOperationW
SHGetFolderPathW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

comctl32

InitCommonControlsEx

ole32

CoCreateInstance
OleRegGetMiscStatus
OleSaveToStream
OleLoadFromStream
OleRegEnumVerbs
OleRegGetUserType
WriteClassStm
CoTaskMemRealloc
CreateOleAdviseHolder
StringFromGUID2
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CreateBindCtx
CreateStreamOnHGlobal
CoInitialize
CoGetMalloc

oleacc

LresultFromObject

pdh

PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterW
PdhMakeCounterPathW
PdhLookupPerfNameByIndexW
PdhCloseQuery
PdhOpenQueryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeGetDevCaps
timeEndPeriod
timeBeginPeriod
timeGetTime

crypt32

CertVerifyCertificateChainPolicy

setupapi

SetupIterateCabinetW

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
VarI2FromR8
SetErrorInfo

Sections

.text
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26e300440555c4506f36843202bdb0e3

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shell32

comdlg32

comctl32

ole32

oleacc

pdh

version

winmm

crypt32

setupapi

oleaut32

Sections

.text Size: 132KB - Virtual size: 136KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 46KB - Virtual size: 45KB

.reloc Size: 512B - Virtual size: 288B

.text
Size: 132KB - Virtual size: 136KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 46KB - Virtual size: 45KB

.reloc
Size: 512B - Virtual size: 288B