df310a89db5777bb31828df5dcbe9805

Sharing

Copy URL Twitter E-mail

General

Target

df310a89db5777bb31828df5dcbe9805
Size

444KB
MD5

df310a89db5777bb31828df5dcbe9805
SHA1

0550a40991a962bc70dab6ddc5cafb5f28213ccc
SHA256

1147c8ae026b40b6ebf68acfe0c0f8c17727cefd10e2360f590484d55bcdee9e
SHA512

fc4cebcea120cf6ce20b0b30f6df5239b8d5486026f487e7c6049b3de8d7ccf30e26e94ba86b1a61fb670552476ada6124dd53189323882073446b7ca1756464
SSDEEP

12288:z3DO6HqWyJKhKhvNrbgKGoSC/r8caFuhmHzl6U:1H3yshKhFAKXYM8zlT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df310a89db5777bb31828df5dcbe9805

Files

df310a89db5777bb31828df5dcbe9805
.exe windows:4 windows x86 arch:x86

b590f46aea5522454e91d20f7b551c80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\gbwyaye\ot

Imports

comctl32

ImageList_SetIconSize
ImageList_EndDrag
ImageList_DrawIndirect
DrawInsert
ImageList_LoadImageA
CreateStatusWindowA
ImageList_DragLeave
InitCommonControlsEx
ImageList_AddMasked
ImageList_DrawEx
CreatePropertySheetPage
ImageList_GetImageRect
ImageList_SetBkColor
ImageList_Add
CreateStatusWindow
ImageList_Merge
ImageList_Create
ImageList_Destroy

kernel32

FillConsoleOutputAttribute
VirtualFree
ExitProcess
GetStdHandle
TlsSetValue
RemoveDirectoryW
GetFileType
ExpandEnvironmentStringsA
SetLocalTime
AddAtomW
GetModuleHandleA
IsBadWritePtr
GetProfileIntW
GetStringTypeW
GetOEMCP
UnhandledExceptionFilter
GetCurrentProcess
FlushFileBuffers
EnumSystemLocalesA
DebugActiveProcess
GetCurrentThreadId
CreateDirectoryA
OpenProcess
TlsGetValue
EnumResourceTypesW
VirtualAlloc
ReadConsoleA
FreeEnvironmentStringsA
VirtualFreeEx
CreateWaitableTimerW
IsValidLocale
WriteProfileSectionW
HeapReAlloc
GetTempPathW
GetExitCodeThread
GetProcessHeap
GetModuleFileNameA
GetACP
LoadLibraryA
GetConsoleMode
SetLastError
WriteFile
EnumTimeFormatsA
LCMapStringW
EnumSystemLocalesW
GetDateFormatA
SystemTimeToTzSpecificLocalTime
ReadFile
LocalSize
SetEnvironmentVariableA
CreateToolhelp32Snapshot
WriteConsoleW
GetTimeZoneInformation
TerminateProcess
DeleteFileA
WriteConsoleA
ReadConsoleOutputCharacterW
GetStringTypeA
VirtualQuery
WaitForSingleObjectEx
EnumDateFormatsA
GetConsoleCP
CreateMutexW
LocalAlloc
GetVersionExA
DebugBreak
FreeLibrary
GetCPInfo
HeapAlloc
CreateFileW
GetCommandLineA
MultiByteToWideChar
SetHandleCount
SetThreadPriority
TlsAlloc
LCMapStringA
GetLocaleInfoW
SetUnhandledExceptionFilter
LoadModule
SetConsoleActiveScreenBuffer
CompareStringW
GetConsoleOutputCP
HeapDestroy
GetEnvironmentStringsW
LocalFlags
CreateMutexA
LocalLock
GlobalFindAtomA
SetComputerNameW
QueryPerformanceCounter
TlsFree
WideCharToMultiByte
GetCurrentProcessId
EnumDateFormatsExW
IsValidCodePage
GetSystemTimeAsFileTime
EnumDateFormatsExA
LocalReAlloc
InterlockedIncrement
SetConsoleCtrlHandler
GetDriveTypeW
lstrcatW
CreateEventA
GetUserDefaultLCID
EnterCriticalSection
FindResourceW
GetStartupInfoA
GlobalReAlloc
FoldStringW
WriteProfileSectionA
WriteConsoleOutputA
TryEnterCriticalSection
SetStdHandle
InterlockedDecrement
SetFilePointer
GetLocaleInfoA
GetTimeFormatA
WritePrivateProfileStringW
DeleteCriticalSection
GetCurrentThread
OutputDebugStringW
CreateFileA
InterlockedExchange
GetThreadLocale
LeaveCriticalSection
GetTickCount
HeapSize
GetLastError
CompareStringA
GetEnvironmentStrings
HeapCreate
GetFileAttributesW
ReadFileEx
Sleep
RtlUnwind
GetNamedPipeInfo
OpenSemaphoreW
GetProcAddress
HeapFree
WaitNamedPipeW
OutputDebugStringA
FreeEnvironmentStringsW
CreateProcessW
InitializeCriticalSection
SetEnvironmentVariableW
CloseHandle
OpenMutexA
SetThreadIdealProcessor
IsDebuggerPresent

advapi32

RegQueryValueW
GetUserNameA
CryptGenKey
CryptDestroyHash
LookupPrivilegeNameA
RegOpenKeyExA
RegDeleteValueW
CryptDecrypt

shell32

SHQueryRecycleBinW

comdlg32

FindTextA
ChooseFontW

user32

EndMenu
MessageBoxA
IsCharAlphaW
LoadBitmapA
IsDialogMessage
CharNextW
SetDlgItemTextW
GetCursor
GetWindow
ChangeDisplaySettingsExA
OemToCharBuffW
SetMessageExtraInfo
GetCursorPos
PostMessageW
EnumDisplayMonitors
SetUserObjectSecurity
SetMenuInfo
CreateAcceleratorTableA
DefWindowProcA
SystemParametersInfoW
DragDetect
EnumDisplaySettingsExW
AnyPopup
OpenDesktopA
RegisterClassA
SetDlgItemTextA
VkKeyScanExW
WINNLSGetIMEHotkey
SetProcessDefaultLayout
GetAltTabInfo
RegisterClassExA
GetGUIThreadInfo
SetScrollInfo
ScrollWindow
SetCaretBlinkTime
GetListBoxInfo
GetMessageTime
ActivateKeyboardLayout
SetMenu
EnumDisplayDevicesA
CreateMDIWindowA
EnumDisplaySettingsW
SetWindowContextHelpId
GetComboBoxInfo
CharToOemA
MsgWaitForMultipleObjects
ShowWindow
LoadCursorFromFileA
GetClipboardFormatNameA
CreateWindowExW
GetMenuItemInfoW
AppendMenuA
BroadcastSystemMessageA
EnumDesktopsA
DestroyWindow
LoadCursorA
EnumWindowStationsW
WaitForInputIdle
GetCapture
CloseWindowStation

wininet

InternetTimeFromSystemTime
InternetCreateUrlW
FindFirstUrlCacheContainerA
InternetSetOptionW
InternetGoOnlineW

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b590f46aea5522454e91d20f7b551c80

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

advapi32

shell32

comdlg32

user32

wininet

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 96KB - Virtual size: 116KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 96KB - Virtual size: 116KB

.rsrc
Size: 40KB - Virtual size: 37KB