b79447ae563588476cfa9be9c60e7264a944a39f448bbcbab2132fcaa726a266

Sharing

Copy URL Twitter E-mail

General

Target

b79447ae563588476cfa9be9c60e7264a944a39f448bbcbab2132fcaa726a266
Size

144KB
MD5

8e37a55af818877e0e74d5cb1ccb993a
SHA1

9ddc4b71479ef4bbdd37219721801c71efa73fc1
SHA256

b79447ae563588476cfa9be9c60e7264a944a39f448bbcbab2132fcaa726a266
SHA512

844bc873547721f99b55abf14acc7e7522150f6023a2f61880c1f44699522cdb34e2d0e84814ee569a4b3907b2c82b6dbc9bd828d277d3cbcbdbc5d04d7d2e0f
SSDEEP

3072:3BzpbXWyKG9tztQ97kguvoxGSc3yDvnF4NmHtl37V1:Rz4yBtzCqlvnbCz1TV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b79447ae563588476cfa9be9c60e7264a944a39f448bbcbab2132fcaa726a266

Files

b79447ae563588476cfa9be9c60e7264a944a39f448bbcbab2132fcaa726a266
.exe windows:4 windows x86 arch:x86

b7c27cf115a768d4f5f0eab8f23182cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

u:\Src\PatchInstaller\Release_GV\PatchInstaller.pdb

Imports

kernel32

GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
WritePrivateProfileStringA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcmpW
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
SetErrorMode
GetProcAddress
lstrcpyA
lstrcatA
FreeResource
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
CreateThread
GetCommandLineA
GetModuleHandleA
GetSystemDirectoryA
GetSystemDefaultLCID
FindFirstFileA
SetFileAttributesA
CopyFileA
GetModuleFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
WaitForSingleObject
GetExitCodeProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetConsoleTitleA
GetCurrentProcessId
GetTickCount
SetConsoleTitleA
HeapSize
Sleep

user32

BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextA
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
FindWindowA
wsprintfA
ShowWindow
EnableWindow
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
DestroyMenu
IsIconic
GetWindowPlacement
SetCursor
GetForegroundWindow
EndPaint
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
MessageBoxA
SendMessageA
EndDialog
GetNextDlgTabItem
GetDlgItem
IsWindow
GetWindowRect
CopyRect
PtInRect
GetWindow
PostMessageA
PostQuitMessage
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
LoadIconA

gdi32

DeleteDC
TextOutA
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteExA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c27cf115a768d4f5f0eab8f23182cb

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 6KB