90acbb230e26b43cf950822373160d0a216edf237cf2563792d11dd82470e529

Sharing

Copy URL

Twitter E-mail

General

Target

90acbb230e26b43cf950822373160d0a216edf237cf2563792d11dd82470e529
Size

309KB
MD5

1cfd3c8e2a03605e221db18e1f2dfa9d
SHA1

43bb8ca32516f289e8712e6577eceadfa9e43e8a
SHA256

90acbb230e26b43cf950822373160d0a216edf237cf2563792d11dd82470e529
SHA512

3f6cae2e1887d82a16a37d252aed8588f17864ae176208894d1cb592a40baca49dce1c2af0692a8c9c3e7fdd33067a7aded92e260367812461ec1ab4409f4d76
SSDEEP

6144:Sk8KfQlEeA7qKmKBidQRZ66z+n4VZbd8g79pgrXNgRnVLjyzhbkidNN2nF:SA6EZO7KUQRZ66z24VZbdrpgrXN2LWzM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90acbb230e26b43cf950822373160d0a216edf237cf2563792d11dd82470e529

Files

90acbb230e26b43cf950822373160d0a216edf237cf2563792d11dd82470e529
.exe windows:10 windows x86 arch:x86

5eadfa1daf16ba4d74c085f91f544d0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

regedit.pdb

Imports

advapi32

RegOpenKeyW
RegDeleteValueW
RegCreateKeyW
RegGetValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegLoadKeyW
RegUnLoadKeyW
RegDeleteKeyW
RegQueryInfoKeyW
RegRenameKey
GetSecurityInfo
RegQueryValueExW
OpenProcessToken
RegSetKeySecurity
GetSecurityDescriptorControl
AdjustTokenPrivileges
LookupPrivilegeValueW
RegConnectRegistryW
GetInheritanceSourceW
RegEnumValueW
LookupAccountSidW
MapGenericMask
SetSecurityInfo
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegFlushKey
GetSidSubAuthority
GetSecurityDescriptorGroup
GetSidSubAuthorityCount
SetSecurityDescriptorOwner
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
RegSetValueW
RegRestoreKeyW
RegSetValueExA
RegSaveKeyW
SetSecurityDescriptorGroup
RegCloseKey

kernel32

GetDateFormatW
FreeLibrary
GetTimeFormatW
FileTimeToLocalFileTime
LoadLibraryW
FileTimeToSystemTime
lstrcmpW
WideCharToMultiByte
GetFileSize
DeleteFileW
OutputDebugStringW
MultiByteToWideChar
CreateFileW
SetFilePointer
GlobalLock
LocalReAlloc
GlobalUnlock
SetLastError
CompareStringOrdinal
GetLastError
LocalFree
GetComputerNameW
GetModuleHandleW
MulDiv
WriteFile
SearchPathW
ReadFile
CloseHandle
GetCurrentProcess
RegisterApplicationRestart
LocalAlloc
lstrcmpiW
FormatMessageW
GetProcessHeap
GetCommandLineW
GetLongPathNameW
GetThreadLocale
HeapSetInformation
Sleep
GetStartupInfoW
UnhandledExceptionFilter
ExitProcess
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
ResolveDelayLoadedAPI
DelayLoadFailureHook
GlobalAlloc

gdi32

GetStockObject
GetTextExtentPoint32W
StartPage
AbortDoc
EndDoc
DeleteDC
SetViewportOrgEx
SetAbortProc
StartDocW
EndPage
CreatePatternBrush
CreateBitmap
PatBlt
SelectClipRgn
GetObjectW
ExtTextOutW
CreateFontIndirectW
DeleteObject
SetBkColor
SetTextColor
GetTextMetricsW
GetDeviceCaps
SelectObject
ExcludeClipRect

user32

ShowCursor
LoadImageW
UpdateWindow
DialogBoxParamW
PostQuitMessage
CheckMenuItem
GetKeyState
SetCursor
InsertMenuW
EndDeferWindowPos
DrawMenuBar
GetProcessDefaultLayout
LoadIconW
GetSysColor
SetThreadDpiAwarenessContext
SetMenuDefaultItem
SetWindowPlacement
SetMenuItemInfoW
ClientToScreen
DestroyIcon
DispatchMessageW
BeginDeferWindowPos
ShowWindow
LoadStringW
GetWindowPlacement
RegisterClassExW
SetWindowTextW
ScreenToClient
DeleteMenu
CreateWindowExW
GetDpiForWindow
InsertMenuItemW
GetMenu
GetMenuItemID
PostMessageW
GetMenuItemInfoW
DeferWindowPos
GetMessageW
GetClientRect
CharNextW
DestroyWindow
CreateDialogParamW
CheckDlgButton
IntersectRect
GetDpiForSystem
ModifyMenuW
DrawAnimatedRects
SetForegroundWindow
FindWindowW
TranslateMessage
TranslateAcceleratorW
BringWindowToTop
LoadAcceleratorsW
GetLastActivePopup
PeekMessageW
IsDialogMessageW
GetWindow
CharUpperBuffW
IsCharAlphaNumericW
CharUpperW
CharLowerW
LoadMenuW
GetWindowRect
GetDC
SetWindowPos
HideCaret
EndDialog
GetSystemMetrics
MessageBeep
SetCaretPos
OpenClipboard
SetTimer
CloseClipboard
EmptyClipboard
CreateCaret
SetDlgItemTextW
RegisterClassW
MapWindowPoints
SendDlgItemMessageW
MoveWindow
DestroyMenu
IsIconic
SetCursorPos
EnableWindow
GetWindowTextLengthW
CallWindowProcW
GetDlgItemInt
CheckRadioButton
SendMessageW
SetFocus
GetClipboardData
ScrollWindowEx
LoadCursorW
DestroyCaret
SetCapture
SetClipboardData
SetWindowLongW
TrackPopupMenuEx
GetDlgItemTextW
IsDlgButtonChecked
GetParent
GetWindowTextW
GetWindowLongW
SetScrollInfo
RegisterClipboardFormatW
GetMessagePos
GetDlgItem
IsClipboardFormatAvailable
ShowCaret
KillTimer
EnableMenuItem
ReleaseCapture
InvalidateRect
ReleaseDC
BeginPaint
EndPaint
DefWindowProcW
GetSystemMetricsForDpi
GetSubMenu

msvcrt

?terminate@@YAXXZ
_except_handler4_common
_acmdln
_initterm
__setusermatherr
_ismbblead
__p__fmode
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
__p__commode
iswprint
_resetstkoflw
_vsnwprintf
memmove
atoi
memcpy_s
wcschr
free
isspace
_wcsnicmp
wcsrchr
wcsncmp
malloc
_purecall
memset
_controlfp
memcpy
_XcptFilter

api-ms-win-core-path-l1-1-0

PathCchAddBackslash

shlwapi

StrChrW
StrRChrW
ord388
ord219
StrToIntW
StrChrIW
StrStrIW

comctl32

ImageList_SetBkColor
ImageList_ReplaceIcon
ord410
ord384
ord337
ord236
InitCommonControlsEx
ImageList_Create
ord4
ImageList_Destroy
ord2
ord334
ord340
ord413
ord338
ord329

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW
PrintDlgExW

shell32

DragFinish
DragQueryFileW
SHGetStockIconInfo
ord6
ShellAboutW

authz

AuthzInitializeContextFromSid
AuthzFreeContext
AuthzFreeResourceManager
AuthzAccessCheck
AuthzInitializeResourceManager

aclui

ord2

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc

ulib

?SPrintfAppend@DSTRING@@UAAEPBGZZ
?NewBuf@DSTRING@@UAEEK@Z
?DebugDump@OBJECT@@UBEXE@Z
?Resize@DSTRING@@UAEEK@Z
?Initialize@WSTRING@@QAEEPBGK@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
??0DSTRING@@QAE@XZ
??1DSTRING@@UAE@XZ
?SPrintf@DSTRING@@UAAEPBGZZ
?Initialize@ARRAY@@QAEEKK@Z
??1OBJECT@@UAE@XZ
??0OBJECT@@IAE@XZ
??0ARRAY@@QAE@XZ
?Compare@OBJECT@@UBEJPBV1@@Z

clb

ClbSetColumnWidths
ClbAddData

ntdll

RtlFreeHeap
RtlAllocateHeap
RtlCreateUnicodeString
RtlInitUnicodeString
RtlFreeUnicodeString
RtlCmDecodeMemIoResource
RtlIoDecodeMemIoResource

uxtheme

SetWindowTheme

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5eadfa1daf16ba4d74c085f91f544d0e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

msvcrt

api-ms-win-core-path-l1-1-0

shlwapi

comctl32

comdlg32

shell32

authz

aclui

ole32

ulib

clb

ntdll

uxtheme

Sections

.text Size: 101KB - Virtual size: 101KB

.data Size: 512B - Virtual size: 268KB

.idata Size: 9KB - Virtual size: 9KB

.didat Size: 512B - Virtual size: 8B

.rsrc Size: 187KB - Virtual size: 186KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 101KB - Virtual size: 101KB

.data
Size: 512B - Virtual size: 268KB

.idata
Size: 9KB - Virtual size: 9KB

.didat
Size: 512B - Virtual size: 8B

.rsrc
Size: 187KB - Virtual size: 186KB

.reloc
Size: 9KB - Virtual size: 8KB