a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666

Sharing

Copy URL

Twitter E-mail

General

Target

a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666
Size

584KB
MD5

25b1052f544cdf4c57ae8b90d83df1ac
SHA1

2b1d50060504fd8ec7cbeea25ac4774128ca014e
SHA256

a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666
SHA512

bc438cdcf7d7a8a74f57265f9bdc625373a6c0eb11ff9eac431ccf86abab4b6f18ee268108e1ef2053ca367c79385a159da80c7fa837cdf580e945c2e82cb584
SSDEEP

6144:V8+i1XKDBMZkRhJEHEkVsWqTWVHXJTuEeJhtqJPdk8hZZx:+9KDBnRhiEAqKV30d0Pdk8n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666

Files

a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666
.exe windows:4 windows x86 arch:x86

39527421e19653ad02e31fcf8b625df3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
SetErrorMode
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
HeapAlloc
GetTimeZoneInformation
GetLocalTime
GetACP
SetStdHandle
GetFileType
TerminateProcess
CreateThread
ExitThread
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SystemTimeToFileTime
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetProcessVersion
FindResourceExA
MulDiv
GetVolumeInformationA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
GetCurrentProcess
DuplicateHandle
CreateEventA
SuspendThread
SetThreadPriority
GlobalAlloc
GetCurrentThread
SetLastError
GetModuleFileNameA
FileTimeToLocalFileTime
GetDiskFreeSpaceA
SetFileTime
lstrcpynA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GetFileAttributesA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
LockResource
GlobalFree
FileTimeToSystemTime
GetSystemTime
FlushFileBuffers
CreatePipe
CreateProcessA
WriteFile
WaitForMultipleObjects
GetLastError
GetTempPathA
GetTempFileNameA
ResetEvent
ResumeThread
lstrcmpA
FindFirstFileA
FindNextFileA
SetFilePointer
CreateFileA
GetFileSize
GetFileTime
ReadFile
GetExitCodeThread
SetEvent
WaitForSingleObject
CloseHandle
lstrcpyA
CreateDirectoryA
FreeLibrary
VirtualFree
VirtualAlloc
LoadLibraryA
GetProcAddress
GetFullPathNameA
UnhandledExceptionFilter

user32

LoadStringA
PostQuitMessage
ShowOwnedPopups
SetCursor
ValidateRect
TranslateMessage
GetMessageA
CharUpperA
InvalidateRect
ReleaseDC
GetDC
DestroyMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
GetDesktopWindow
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsZoomed
LoadCursorA
GetSysColorBrush
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
InflateRect
WindowFromPoint
SetRect
GetDCEx
LockWindowUpdate
SetCapture
SetParent
CheckMenuItem
EnableMenuItem
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
wvsprintfA
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowRect
MapDialogRect
SetWindowPos
ShowWindow
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
GetParent
PostMessageA
KillTimer
SetTimer
ScreenToClient
LoadMenuA
GetSubMenu
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
EqualRect
SetMenuItemBitmaps
GetCursorPos
wsprintfA
GetWindowLongA
SetWindowLongA
SendMessageA
EnableWindow
UnregisterClassA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
CreateRectRgn
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetRectRgn
CombineRgn
RestoreDC
SaveDC
DeleteDC
EnumFontFamiliesExA
GetStockObject
GetDeviceCaps
CreateFontIndirectA
DeleteObject
GetTextMetricsA
SelectObject
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA

shell32

DragFinish
ShellExecuteA
DragQueryFileA

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
ImageList_Destroy
PropertySheetA
ImageList_LoadImageA

wsock32

htons
WSAGetLastError
listen
shutdown
WSASetLastError
inet_addr
ntohs
getpeername
ioctlsocket
bind
accept
htonl
closesocket
recv
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
connect

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39527421e19653ad02e31fcf8b625df3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 296KB - Virtual size: 309KB

.rsrc Size: 60KB - Virtual size: 58KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 296KB - Virtual size: 309KB

.rsrc
Size: 60KB - Virtual size: 58KB