4611e10664c03d145e3f8afba3cfb5de

Sharing

Copy URL Twitter E-mail

General

Target

4611e10664c03d145e3f8afba3cfb5de
Size

5.3MB
MD5

4611e10664c03d145e3f8afba3cfb5de
SHA1

d7037306a7f1be52832278acaddc2e74b9e26197
SHA256

94c48cfa5b41549d85dd2cfd3a0624a31ca5203f78c5fc6e1e4e7de241520956
SHA512

e6b2123899200b837a0c5cd0ff98a957ef92ecc1600e24a6bfc14c1e363cb1d477242ad0073d363bb41be1a218ab62ca052f1f6641df43fc980f98974faf0807
SSDEEP

98304:1JHzwURZcmte8nBU8MB+MpnHtvHSu2OVnWJYqFv4rD/F:1z06JyLt5tvxclN4Xd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4611e10664c03d145e3f8afba3cfb5de

Files

4611e10664c03d145e3f8afba3cfb5de
.exe windows:4 windows x86 arch:x86

5809e3fa9c8dead11c8d6594b8e47c9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
Rectangle
SetBkMode
SetTextColor
GetTextExtentPoint32A
CreateSolidBrush
GetStockObject

comdlg32

GetFileTitleA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteA

crypt32

CertFreeCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertOpenSystemStoreA
CertGetCertificateContextProperty
CertAddEncodedCertificateToStore
CertGetSubjectCertificateFromStore
CertFindCertificateInStore
CertDeleteCertificateFromStore
CertAddEncodedCRLToStore
CertFreeCRLContext
CertGetCRLFromStore
CertDeleteCRLFromStore
CertSetCertificateContextProperty

kernel32

lstrcpyA
GetLogicalDrives
GetModuleFileNameA
GetTempPathA
WideCharToMultiByte
SystemTimeToFileTime
GetSystemTime
CompareFileTime
FreeLibrary
GetCommandLineA
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
WriteProfileStringA
GetCurrentProcess
SetCurrentDirectoryA
CreateDirectoryA
DeleteFileA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetTempFileNameA
CreateFileA
GetStdHandle
ReadFile
WriteFile
CloseHandle
SetEndOfFile
SetFilePointer
GetShortPathNameA
GetVersionExA
SetFileAttributesA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
SetVolumeLabelA
FindFirstFileA
FindNextFileA
FindClose
GetLastError
GetTickCount
GetVolumeInformationA
GetDriveTypeA
FlushInstructionCache
GetLocaleInfoA
SetLastError
DeleteCriticalSection
LoadLibraryA
QueryPerformanceCounter
GetLocalTime
GetProcessTimes
GetThreadTimes
GetCurrentThread
GlobalMemoryStatus
GetProcessWorkingSetSize
GetCurrentProcessId
GetStartupInfoA
HeapFree
RtlUnwind
HeapAlloc
RaiseException
ExitProcess
TerminateProcess
GetTimeZoneInformation
MoveFileA
GetVersion
HeapReAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetFileType
HeapSize
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrcatA
GetFullPathNameA
GetFileAttributesA
DeviceIoControl
SetHandleCount
WaitForSingleObject
CreateMutexA
ReleaseMutex

user32

DialogBoxParamA
SendDlgItemMessageA
DestroyMenu
TrackPopupMenu
CreatePopupMenu
SendMessageA
DispatchMessageA
GetMessageA
RegisterClassA
LoadStringA
LoadIconA
UpdateWindow
PostQuitMessage
DefWindowProcA
IsWindow
ClientToScreen
GetCursorPos
ReleaseCapture
SetCursor
SetCapture
CallWindowProcA
MessageBoxA
IsWindowEnabled
GetSysColor
InvalidateRect
EndPaint
DrawTextA
BeginPaint
IsDlgButtonChecked
CheckDlgButton
DdeInitializeA
DdeUninitialize
DdeFreeStringHandle
GetWindow
TranslateMessage
IsDialogMessageA
PeekMessageA
DdeGetLastError
DdeClientTransaction
CharToOemBuffA
OemToCharBuffA
GetMessageTime
GetQueueStatus
GetCaretPos
GetMessagePos
GetOpenClipboardWindow
GetFocus
GetClipboardViewer
GetClipboardOwner
GetCapture
GetActiveWindow
EndDialog
GetWindowTextA
SetWindowTextA
GetWindowRect
ScreenToClient
ShowWindow
PostMessageA
GetDlgItem
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
GetWindowLongA
GetParent
SystemParametersInfoA
SetDlgItemTextA
GetClientRect
MapWindowPoints
SetWindowPos
CreateWindowExA
SetWindowLongA
EnableWindow
SetFocus
GetDlgItemTextA
DdeConnect
DdeCreateStringHandleA
DdeDisconnect

advapi32

RegCloseKey
RegDeleteKeyA
RegQueryValueA
CryptExportKey
RegCreateKeyA
RegSetValueA
RegOpenKeyExA
RegEnumKeyExA
CryptGetKeyParam
CryptGetUserKey
RegQueryValueExA
CryptImportKey
CryptDestroyKey
CryptGetProvParam
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree

Exports

Exports

IsdGetCapability
IsdGetRandomNumber
IsdGetStatistic
IsdTestRandomGenerator

Sections

.text
Size: - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 336KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5809e3fa9c8dead11c8d6594b8e47c9e

Headers

File Characteristics

Imports

gdi32

comdlg32

shell32

crypt32

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: - Virtual size: 611KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: - Virtual size: 104KB

.data1 Size: - Virtual size: 2KB

.rsrc Size: 36KB - Virtual size: 43KB

.pklstb Size: 336KB - Virtual size: 352KB

.relo2 Size: 4KB - Virtual size: 60B

.text
Size: - Virtual size: 611KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: - Virtual size: 104KB

.data1
Size: - Virtual size: 2KB

.rsrc
Size: 36KB - Virtual size: 43KB

.pklstb
Size: 336KB - Virtual size: 352KB

.relo2
Size: 4KB - Virtual size: 60B