663a17541ced3efac31240e85dcfdd08d527a233ae2c6ee866188271efe05052

Sharing

Copy URL Twitter E-mail

General

Target

663a17541ced3efac31240e85dcfdd08d527a233ae2c6ee866188271efe05052
Size

451KB
MD5

af7b2f52d7c46e07bcce357527e4e1c5
SHA1

a3b7c37788292d2929ab68c3abd3bb851c3a9758
SHA256

663a17541ced3efac31240e85dcfdd08d527a233ae2c6ee866188271efe05052
SHA512

8e9c0add60fa815a33b0ff363291ea73a73fee3ea586c12b11e5d97969008b0cea744dad30a02188922b96e6161d03b5a2f6419ef853b9efba039d352ae4509b
SSDEEP

6144:J6Ftwu36De1CfM5iV5WzE+mOxFGYAK821DTYL51lJO7t7t:J6N0e1bYV5Wz2OQ2NYLCd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
663a17541ced3efac31240e85dcfdd08d527a233ae2c6ee866188271efe05052

Files

663a17541ced3efac31240e85dcfdd08d527a233ae2c6ee866188271efe05052
.exe windows:5 windows x86 arch:x86

9057fcbd39bac084b9d6bea6876fd365

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Moon\Debug\XX.pdb

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetModuleFileNameW
VirtualQuery
FreeLibrary
GetACP
GetLastError
LoadLibraryA
GetLocaleInfoA
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetComputerNameA
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesA
GetTickCount
QueryPerformanceCounter
DecodePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcAddress
lstrlenA
RaiseException
MultiByteToWideChar
IsDebuggerPresent
WideCharToMultiByte
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
EncodePointer
LoadLibraryW
GetLocalTime
IsProcessorFeaturePresent

user32

GetSystemMetrics
IsClipboardFormatAvailable
DestroyWindow
ShowWindow
GetParent
GetForegroundWindow
PostMessageA
GetClipboardOwner
GetWindow
MapWindowPoints
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
PeekMessageA
SystemParametersInfoA
GetCursorPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ReleaseDC
GetDC
SetActiveWindow
MessageBeep
GetSysColor
SetForegroundWindow
WindowFromPoint
MessageBoxA
PostThreadMessageA
FillRect
GetClipboardData
SetWindowRgn
IsIconic
OpenIcon
BringWindowToTop
CopyIcon
CreateIconIndirect
DestroyIcon
SetWindowTextW
KillTimer
DefWindowProcA
RegisterClassExA
SetTimer
ClientToScreen
SetCapture
ReleaseCapture
GetUpdateRgn
ValidateRgn
SetFocus
GetAsyncKeyState
GetKeyState
SetCursor
InvalidateRect
DefWindowProcW
LoadIconA
LoadCursorA
RegisterClassExW
RegisterWindowMessageW
CreateWindowExW
GetWindowRect
SetWindowLongA
SetWindowPos
GetWindowLongA
AdjustWindowRectEx
GetKeyboardLayout
IsWindow
ChangeClipboardChain
CreateWindowExA
SendMessageA
SetClipboardViewer
SetRect

msvcr100d

_fmode
isalnum
acos
ceil
sqrt
fabs
floor
sin
cos
isspace
strncmp
fwrite
fputc
fprintf
fgets
strcspn
fclose
wcscpy
memmove
isdigit
atoi
_time64
rand
getenv
_putenv
sscanf
log
pow
memcmp
strrchr
_wrename
_wrmdir
_wmkdir
_wunlink
_wgetcwd
_wstat64i32
_waccess
_wchmod
_wexecvp
_wsystem
_wfopen
?_wopen@@YAHPB_WHH@Z
_wgetenv
wcstombs
localeconv
strcpy
strcat
strchr
_purecall
sprintf
atof
_strdup
abs
strcmp
wcslen
atol
raise
realloc
isalpha
isupper
tolower
toupper
malloc
free
memcpy
strtol
strncpy
_stricmp
qsort
calloc
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
_invoke_watson
_controlfp_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
_initterm_e
_initterm
_CrtDbgReportW
_CrtSetCheckCount
__initenv
exit
_cexit
_XcptFilter
_exit
__getmainargs
_amsg_exit
__set_app_type
_ftime64
_commode
__setusermatherr
_configthreadlocale
_CRT_RTC_INITW
memset
__CxxFrameHandler3
sprintf_s
??2@YAPAXI@Z
_CrtDumpMemoryLeaks
??3@YAXPAX@Z
strlen
isxdigit

comctl32

_TrackMouseEvent

gdi32

StretchDIBits
Pie
Arc
PolyPolygon
Polyline
ExtCreatePen
SetTextColor
TextOutW
GetCharacterPlacementW
GetGlyphOutlineW
GetTextExtentPoint32W
CreateFontA
GetTextMetricsA
CombineRgn
RealizePalette
CreateSolidBrush
GetStockObject
CreatePen
CreateDCA
SelectPalette
CreateCompatibleDC
BitBlt
GetDIBits
EqualRgn
GetRgnBox
DPtoLP
RectInRegion
SelectClipRgn
SelectObject
Polygon
SetPixel
MoveToEx
CreatePalette
GdiFlush
PlayEnhMetaFile
GetDeviceCaps
GetEnhMetaFileHeader
DeleteDC
RestoreDC
SetDIBitsToDevice
SaveDC
CreateCompatibleBitmap
UpdateColors
CreateRectRgn
CreateBitmap
DeleteObject
CreateDIBSection
SetBkMode
SetTextAlign
CreatePolygonRgn
LPtoDP
ExtCreateRegion
LineTo

advapi32

RegQueryValueExW
RegOpenKeyW
RegCloseKey

shell32

DragQueryFileW

ole32

DoDragDrop
OleUninitialize
RegisterDragDrop
OleInitialize
ReleaseStgMedium

Sections

.textbss
Size: - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9057fcbd39bac084b9d6bea6876fd365

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcr100d

comctl32

gdi32

advapi32

shell32

ole32

Sections

.textbss Size: - Virtual size: 166KB

.text Size: 362KB - Virtual size: 361KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 11KB - Virtual size: 28KB

.idata Size: 9KB - Virtual size: 8KB

.reloc Size: 18KB - Virtual size: 18KB

.textbss
Size: - Virtual size: 166KB

.text
Size: 362KB - Virtual size: 361KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 11KB - Virtual size: 28KB

.idata
Size: 9KB - Virtual size: 8KB

.reloc
Size: 18KB - Virtual size: 18KB