dd38de329181a24adce7ffc48fd93bf555beb6d29e333b38f08a5c4207282fbd

Sharing

Copy URL Twitter E-mail

General

Target

dd38de329181a24adce7ffc48fd93bf555beb6d29e333b38f08a5c4207282fbd
Size

7.5MB
MD5

7fd353cc1a823661083da4ea7bae430f
SHA1

5ac03a31771c9ca8be5f768b66fb0d8f0315ef8a
SHA256

dd38de329181a24adce7ffc48fd93bf555beb6d29e333b38f08a5c4207282fbd
SHA512

b6c9f941a0ec5428f46f9d85c9dbb886d64fd9f57fa3530eaf90609b05c5c3cd905dd01fa3165e9ccf6f439f2b5769c9abc8e2c5e266ef6abaa19a6a91ef4c72
SSDEEP

98304:XOId7uj06ewenkqCRUp3S1XGlY9DvYst5iI+xrn04ZWra1ZfIoiHXZ6HQ7Gi:lIY3wok5RUp3la9DbtoV44ZWbocYwv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd38de329181a24adce7ffc48fd93bf555beb6d29e333b38f08a5c4207282fbd

Files

dd38de329181a24adce7ffc48fd93bf555beb6d29e333b38f08a5c4207282fbd
.exe windows:4 windows x86 arch:x86

a85f8290ae7bab2f003d491b7dbb8973

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

winmm

timeGetTime

comctl32

ord17

kernel32

CreateFileA
GetTempFileNameA
GetTempPathA
OutputDebugStringA
GetSystemInfo
IsProcessorFeaturePresent
LoadLibraryA
GetModuleHandleA
GetLastError
MapViewOfFile
GetFileSize
CreateFileMappingA
GetVersionExA
UnmapViewOfFile
FindResourceA
EnterCriticalSection
InterlockedExchange
InitializeCriticalSection
InterlockedCompareExchange
DeleteCriticalSection
LeaveCriticalSection
GetFullPathNameA
lstrcmpiA
CompareStringA
FreeResource
DeleteFileW
SetFilePointer
VirtualFree
VirtualAlloc
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
SetEndOfFile
ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
HeapFree
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FreeLibrary
ReadFile
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
LCMapStringW
LCMapStringA
HeapSize
GetModuleFileNameA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
RaiseException
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapReAlloc
IsValidLocale
GetLocalTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
FindFirstFileW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
DeleteFileA
InterlockedDecrement
InterlockedIncrement
GetTempPathW
CloseHandle
QueryPerformanceFrequency
MultiByteToWideChar
CreateFileW
WideCharToMultiByte
QueryPerformanceCounter
GetFullPathNameW
WriteFile
LockResource
SizeofResource
LoadResource
FindResourceW
GetModuleFileNameW
CreateProcessW
lstrcpyW
lstrcatW
GetProcAddress
SetThreadPriority
GetVersionExW
LoadLibraryW
Sleep
GetCommandLineW
GetCurrentThread
GetLocaleInfoW
GetDriveTypeA
CompareStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetTimeZoneInformation
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFileAttributesA
VirtualQuery
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetCurrentProcess
TerminateProcess

user32

EndPaint
SetCursor
EnumDisplayDevicesW
SetTimer
ScreenToClient
GetMessageW
PostQuitMessage
FillRect
DrawTextW
KillTimer
DialogBoxParamW
LoadCursorW
GetClientRect
SetRectEmpty
BeginPaint
wsprintfW
TranslateMessage
LoadIconW
SetRect
UnionRect
InvalidateRect
GetWindowTextW
SystemParametersInfoW
PeekMessageW
MonitorFromWindow
GetDlgItem
EndDialog
SetWindowPos
LoadStringW
CheckDlgButton
ShowWindow
FrameRect
IsDlgButtonChecked
CreateWindowExW
CheckRadioButton
MessageBoxW
RegisterClassW
SendMessageW
UpdateWindow
EnableWindow
AdjustWindowRect
SetWindowTextW
GetMonitorInfoW
DefWindowProcW
EnumDisplaySettingsW
MonitorFromRect
DispatchMessageW
PostMessageW

gdi32

DeleteObject
ExcludeClipRect
GetStockObject

advapi32

RegQueryValueExA
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyA

shell32

ShellExecuteW

ole32

CoCreateGuid
CoCreateInstance
CoInitialize
StringFromGUID2
CLSIDFromString

oleaut32

SysFreeString
SysAllocString

gdiplus

GdiplusStartup

shlwapi

PathFileExistsW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a85f8290ae7bab2f003d491b7dbb8973

Headers

File Characteristics

Imports

d3d9

winmm

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

gdiplus

shlwapi

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 68KB - Virtual size: 105KB

.rsrc Size: 5.7MB - Virtual size: 5.7MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 68KB - Virtual size: 105KB

.rsrc
Size: 5.7MB - Virtual size: 5.7MB