def795499e73fdf21457241e23f06852

Sharing

Copy URL Twitter E-mail

General

Target

def795499e73fdf21457241e23f06852
Size

175KB
MD5

def795499e73fdf21457241e23f06852
SHA1

a01b19fb8b7f9e9130d796062164eca1f2491145
SHA256

5b5ec9af0ec5df9da74070f9e5712057c26853ec0673cca14c30dfbf25f73fcc
SHA512

02f5e15821cfa1f2fcd039d8c542bef40bfc2f6f139d7bb8f9ebba7332aab196f80523caf4532bdca1f2658ddd83b8f8c5bd446acd7de38ce8ce2a6dbe26b23f
SSDEEP

3072:Ygf7JurKKnOtAM30da0OfBfDGdn8LuchWY/SphMdT+8Ja07bzmPhX:YRrKyOt1vfBnuCWbS08r7bKPh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
def795499e73fdf21457241e23f06852

Files

def795499e73fdf21457241e23f06852
.exe windows:4 windows x86 arch:x86

7091339d380764a8396e291557863f4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

user32

UnregisterClassA
ReleaseCapture
GetWindowLongA
GetDlgItem
FindWindowA
SetWindowTextA
DestroyWindow
SetParent
ReleaseDC
EndPaint
DefWindowProcA
SetFocus
KillTimer
EqualRect
DestroyAcceleratorTable
RedrawWindow
PostThreadMessageA
ShowWindow
GetSysColor
CreateDialogParamA
GetClientRect
PostMessageA
GetClassInfoExA
SetTimer
SetWindowLongA
CopyRect
wsprintfA
FillRect
IsChild
SendNotifyMessageA
GetParent
CreateAcceleratorTableA
DrawTextA
LoadCursorA
BeginPaint
GetWindowRect
SetRect
CreateWindowExA
GetWindowTextA
GetWindowTextLengthA
SetCapture
MoveWindow
DispatchMessageA
EnumDisplayDevicesA
PeekMessageA
GetDC
CharNextA
RegisterWindowMessageA
CallWindowProcA
SendMessageTimeoutA
GetActiveWindow
GetWindow
InvalidateRgn
GetFocus
IsWindow
InvalidateRect
GetQueueStatus
GetDesktopWindow
GetClassNameA
SendMessageA
wvsprintfA
RegisterClassExA
MsgWaitForMultipleObjects
SetWindowPos

shlwapi

PathFileExistsW
PathCombineW

ole32

BindMoniker
CoUninitialize
OleLockRunning
CreateItemMoniker
StringFromGUID2
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CreateStreamOnHGlobal
CoGetClassObject
OleInitialize
OleUninitialize
CLSIDFromProgID
StgCreateDocfile
CoTaskMemRealloc
StgOpenStorage
GetRunningObjectTable
CoTaskMemFree
StgIsStorageFile
CoInitializeSecurity
CreateBindCtx
CoSetProxyBlanket
CLSIDFromString

advapi32

CryptAcquireContextA
CryptReleaseContext
CryptCreateHash
RegQueryInfoKeyA
CryptImportKey
RegSetValueExA
RegCloseKey
CryptEncrypt
RegQueryValueExA
RegEnumValueA
CryptHashData
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
CryptDestroyKey
CryptDestroyHash
CryptGetHashParam
RegCreateKeyExA
RegDeleteKeyA

kernel32

WideCharToMultiByte
GetShortPathNameW
SetFilePointer
GlobalAlloc
CreateFileW
GlobalFree
ReadFile
DisableThreadLibraryCalls
GetProcessId
Sleep
UnmapViewOfFile
LocalAlloc
CreateFileMappingA
EnumResourceTypesA
GetFileAttributesA
GetFileSize
LocalFree
CreateFileA
GetTickCount
WriteFile
MapViewOfFile
GlobalSize
CloseHandle

gdiplus

GdipDisposeImage
GdipFree
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipAlloc
GdipCloneImage

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueA

gdi32

CreateSolidBrush
StretchDIBits
ExtEscape
GetDeviceCaps
DeleteDC
GetDIBits
SetStretchBltMode
CreateFontA
CreateCompatibleDC
SelectPalette
CreateCompatibleBitmap
RealizePalette
GetObjectA
CreateDIBSection
CreateDIBitmap
GetStockObject
DeleteObject
BitBlt
SelectObject
SetBkMode

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7091339d380764a8396e291557863f4f

Headers

File Characteristics

Imports

winmm

user32

shlwapi

ole32

advapi32

kernel32

gdiplus

wininet

setupapi

shell32

version

gdi32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 69KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 69KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 92KB