d4375a22c0f3fb36ab788c0a9d6e0479bd19f48349f6e192b10d83047a74c9d7

Sharing

Copy URL Twitter E-mail

General

Target

d4375a22c0f3fb36ab788c0a9d6e0479bd19f48349f6e192b10d83047a74c9d7
Size

2.7MB
MD5

9d0e761f3803889dc83c180901dc7b22
SHA1

ecf9b7283fda023fa37ad7fdb15be4eadded4e06
SHA256

d4375a22c0f3fb36ab788c0a9d6e0479bd19f48349f6e192b10d83047a74c9d7
SHA512

0f0a0924d73006a907cef79035b164dcf9c55822445753f7c9f9e01e861de396db6e1146e69a3aee349fde1fbb6670ea2e098169eb91449b45839c9b5daabbd0
SSDEEP

24576:+KGclZgnG029p8tvMuXZcWnaWEXdzC2Fn2oTLpg2ZAYrG65i83LtVgKDF/egKYCf:iRG0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4375a22c0f3fb36ab788c0a9d6e0479bd19f48349f6e192b10d83047a74c9d7

Files

d4375a22c0f3fb36ab788c0a9d6e0479bd19f48349f6e192b10d83047a74c9d7
.exe windows:4 windows x86 arch:x86

89e83946fce0b29babaebfbe3723cb6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
RaiseException
RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
GetTimeZoneInformation
GetACP
lstrcmpA
HeapSize
HeapReAlloc
TerminateProcess
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentThreadId
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
lstrcatA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetFileTime
GetFileSize
GetFileAttributesA
SetLastError
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
Sleep
CreateDirectoryA
GetEnvironmentVariableA

shell32

ShellExecuteExA

comctl32

ord17

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
LoadStringA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
CharUpperA
GetSystemMetrics
EnableWindow
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
GetWindowPlacement

gdi32

SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
RestoreDC
SetBkColor
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SaveDC
GetClipBox
DeleteDC
DeleteObject
GetDeviceCaps
CreateBitmap
SetTextColor
GetObjectA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89e83946fce0b29babaebfbe3723cb6b

Headers

File Characteristics

Imports

kernel32

shell32

comctl32

user32

gdi32

winspool.drv

comdlg32

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 2.4MB - Virtual size: 2.4MB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 2.4MB - Virtual size: 2.4MB