a33df53734cf4b6ac1907b3453bb90ccf960c23f6f71d4e2968ffef157706e63

Sharing

Copy URL Twitter E-mail

General

Target

a33df53734cf4b6ac1907b3453bb90ccf960c23f6f71d4e2968ffef157706e63
Size

232KB
MD5

cd2609da2b2d62084f65f9af53c357e7
SHA1

0d1b66a8c29251a1d712e440e7da342ee2f19bb1
SHA256

a33df53734cf4b6ac1907b3453bb90ccf960c23f6f71d4e2968ffef157706e63
SHA512

3e6f580d1afde21ffad477357357316e816c3a2ac388edf3c3cc9bc1fb9c5e191ede3234e0948dbfda32e56d90e7063a7d300b0288f8272671f466aa0b15cdfd
SSDEEP

3072:f+3CFrhb5/eNRj8jg7dqMhdKVFnaz63VUxz0TynDeFjuZ66Hq4UFo0KddS9nTQc:f2NRj8jg7Lhvz62xz0TyDm06kqhMMTQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a33df53734cf4b6ac1907b3453bb90ccf960c23f6f71d4e2968ffef157706e63

Files

a33df53734cf4b6ac1907b3453bb90ccf960c23f6f71d4e2968ffef157706e63
.exe windows:4 windows x86 arch:x86

b485deeb1b22c05b4d162abe9401d235

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

connect
htons
ioctlsocket
send
setsockopt
shutdown
socket
gethostbyname
closesocket
WSACleanup
recv
WSAStartup
WSAGetLastError

kernel32

SetLastError
lstrcmpA
GlobalAlloc
GlobalFree
GlobalFlags
DuplicateHandle
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
GetVersion
LocalAlloc
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
FileTimeToLocalFileTime
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
RtlUnwind
ExitThread
HeapAlloc
HeapReAlloc
HeapFree
GetStartupInfoA
ExitProcess
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
SetStdHandle
GetFileType
HeapSize
GetACP
TerminateProcess
UnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
GlobalLock
GlobalUnlock
GetCommTimeouts
SetCommTimeouts
PurgeComm
FlushFileBuffers
SetCommState
GetCommState
WriteFile
ReadFile
CreateFileA
LocalFree
lstrcatA
LoadLibraryA
GetProcAddress
IsDBCSLeadByte
lstrcpynA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleHandleA
GetShortPathNameA
MultiByteToWideChar
lstrlenW
CreateThread
GetModuleFileNameA
lstrlenA
CreateMutexA
GetLastError
GetCommandLineA
lstrcmpiA
SetUnhandledExceptionFilter
GetVersionExA
GetCurrentProcess
FormatMessageA
InterlockedDecrement
lstrcpyA
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
TerminateThread
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
SetEvent
WaitForSingleObject
InterlockedIncrement
ResetEvent
InterlockedExchange
Sleep
GlobalDeleteAtom

user32

GetClientRect
AdjustWindowRectEx
PeekMessageA
MapWindowPoints
PostMessageA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
SetWindowPos
SetWindowLongA
GetDlgItem
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
GetSystemMetrics
CharUpperA
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetFocus
GetFocus
GetParent
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
PtInRect
GetWindowLongA
GetClassNameA
GetMenuItemCount
GetMenuState
GetMenuItemID
GetWindowTextA
LoadIconA
LoadMenuA
GetSubMenu
MessageBoxA
LoadStringA
GetMessageA
DispatchMessageA
DestroyMenu
DestroyIcon
PostThreadMessageA
SendMessageA
CharNextA
SetForegroundWindow
GetCursorPos
TrackPopupMenu
ShowWindow
CopyRect
DialogBoxParamA
GetDlgItemInt
IsDlgButtonChecked
GetWindowRect
MoveWindow
SetDlgItemInt
CheckDlgButton
EndDialog

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
CreateBitmap
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetClipBox
ScaleWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
StartServiceCtrlDispatcherA
ControlService
DeleteService
CreateServiceA
RegDeleteValueA
CloseServiceHandle
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
SetServiceStatus
RegisterServiceCtrlHandlerA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
OpenSCManagerA
OpenServiceA

shell32

Shell_NotifyIconA

comctl32

ord17

ole32

CoDisconnectObject
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoInitialize
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysAllocStringByteLen
SysAllocStringLen

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 11.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b485deeb1b22c05b4d162abe9401d235

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 56KB - Virtual size: 11.2MB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 56KB - Virtual size: 11.2MB

.rsrc
Size: 12KB - Virtual size: 8KB