ddff4087b9d2cae384c430432c7ab7b2

Sharing

Copy URL Twitter E-mail

General

Target

ddff4087b9d2cae384c430432c7ab7b2
Size

218KB
MD5

ddff4087b9d2cae384c430432c7ab7b2
SHA1

4201c0d135e29e8a44cd254b1c88d796394b9af1
SHA256

65a9d97031bfadbbba92276c9a3ee59ac992f7ce1fefdb0a9df2137c0afd8178
SHA512

65fec4965cda7f8369f1027acefdf064147272f4d319839aedd1013bd805c0144f8eee1e1f4c8fc066ec34c266e657b73358ff4e91dc07fd40a0068cbdfa2029
SSDEEP

6144:rdxixDWS/lHR3jMF5k9cHbc0HtcoEOhaVPgF7P:rroDlPYF5Mcg0HtDugF7P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddff4087b9d2cae384c430432c7ab7b2

Files

ddff4087b9d2cae384c430432c7ab7b2
.exe windows:5 windows x86 arch:x86

893f309cd15edfc4fe33106e589efa0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\qpgxQLssgbDImP\ioprdIWeLtf\mjaxHFqyw\mcxljoy.pdb

Imports

msvcrt

_controlfp
__set_app_type
towlower
fclose
getenv
__p__fmode
__p__commode
_amsg_exit
_initterm
_acmdln
exit
isprint
_ismbblead
_XcptFilter
_exit
towupper
isdigit
clearerr
setlocale
_cexit
__setusermatherr
vsprintf
wcscat
__getmainargs

kernel32

EnumSystemLocalesA
IsBadCodePtr
GetLongPathNameW
GetWindowsDirectoryA
GetAtomNameW
SearchPathW
GetCurrentThreadId
GetStringTypeExW
lstrlenA
GetLastError
CompareFileTime
OpenEventA
GlobalAddAtomA
WaitCommEvent
RemoveDirectoryA
FoldStringW
lstrcatW
LocalLock
IsBadStringPtrA

user32

IsWindowUnicode
GetWindowLongA
LoadCursorA
AdjustWindowRectEx
GetShellWindow
GetWindowDC
GetActiveWindow
SetCaretPos
GetMenuState
InSendMessage
CopyAcceleratorTableW
SetClassLongW
UpdateWindow
GetWindowTextLengthW
GetPropW
GetSystemMetrics
GetMenuItemCount
SetScrollRange
GetScrollRange
RegisterWindowMessageW
PostMessageW
CreateCaret
GetKeyState
IsRectEmpty
DialogBoxParamW
InvalidateRect
SendInput
MapWindowPoints
IsDialogMessageA
DrawFocusRect
SendMessageW
KillTimer
DestroyCaret
CreateIconFromResource
GetForegroundWindow
RedrawWindow
SetCursor

gdi32

ExtTextOutA
CreateDCW
RemoveFontResourceW
GetCharWidth32W
GetNearestPaletteIndex
GetNearestColor
GetTextMetricsW
AbortDoc
EnumFontsW
CreatePen
SetBkMode
CreateFontIndirectA
SelectClipRgn
EndPath
SetViewportExtEx
CreateDIBitmap

Exports

Exports

?LeaveCriticalSectionGDhkyjkjhHFJlF@@YGKEPA_WG@Z

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.div
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_y
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idat
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imul
Size: 512B - Virtual size: 243B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.plus
Size: 512B - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

893f309cd15edfc4fe33106e589efa0a

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 169KB - Virtual size: 169KB

.div Size: 2KB - Virtual size: 2KB

.diag_x Size: 512B - Virtual size: 28B

.diag_y Size: 512B - Virtual size: 76B

.data Size: 3KB - Virtual size: 2KB

.idat Size: 512B - Virtual size: 400B

.imul Size: 512B - Virtual size: 243B

.plus Size: 512B - Virtual size: 486B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 169KB - Virtual size: 169KB

.div
Size: 2KB - Virtual size: 2KB

.diag_x
Size: 512B - Virtual size: 28B

.diag_y
Size: 512B - Virtual size: 76B

.data
Size: 3KB - Virtual size: 2KB

.idat
Size: 512B - Virtual size: 400B

.imul
Size: 512B - Virtual size: 243B

.plus
Size: 512B - Virtual size: 486B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 2KB - Virtual size: 2KB