d6911dd8ad1059e6b8076c01d96b3a488cf00a009460cb138bf1a6559bb89ff1

Sharing

Copy URL Twitter E-mail

General

Target

d6911dd8ad1059e6b8076c01d96b3a488cf00a009460cb138bf1a6559bb89ff1
Size

187KB
MD5

cf51be65f7388bdc0a7eb9fd6dbaee5a
SHA1

d389a9f4aa26ad85859ef8cf755958a339b82578
SHA256

d6911dd8ad1059e6b8076c01d96b3a488cf00a009460cb138bf1a6559bb89ff1
SHA512

e7a4858bf6fdb9c9dd6451d39fcbae67d09374e243d3a1186df5d030bcc3693c27848d7fb5fa2673aa0cf6c0a8a16b54952adf6a0002fb734e077b9af4b0f15d
SSDEEP

3072:MMf6ftKwmKgMkR1ykY9uN0Kpg9P8cNM0T7RdEjRCj+NrcH0w:MMLwxhuhcP8cf4jgWjw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6911dd8ad1059e6b8076c01d96b3a488cf00a009460cb138bf1a6559bb89ff1

Files

d6911dd8ad1059e6b8076c01d96b3a488cf00a009460cb138bf1a6559bb89ff1
.exe windows:4 windows x86 arch:x86

4f53f6228d0927a38a9930791bdf30e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
HeapReAlloc
HeapSize
GetCPInfo
GetACP
HeapAlloc
GetOEMCP
GetTimeZoneInformation
UnhandledExceptionFilter
HeapFree
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
TerminateProcess
ExitProcess
GlobalUnlock
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetPrivateProfileIntA
GetCurrentThreadId
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
CloseHandle
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetLastError
SetLastError
lstrlenA
WritePrivateProfileStringA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetProcessVersion
GetVersion
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetDiskFreeSpaceA
GetTempFileNameA
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcatA
WinExec
GlobalGetAtomNameA
GlobalAddAtomA
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
IsBadWritePtr
IsBadCodePtr

user32

AdjustWindowRectEx
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
DeferWindowPos
IsDialogMessageA
SetWindowTextA
GetClassNameA
PtInRect
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyIcon
GetTopWindow
IsChild
RegisterClassA
GetWindowTextA
DefWindowProcA
CreateWindowExA
SetPropA
UnhookWindowsHookEx
GetForegroundWindow
SetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindowRect
EndDeferWindowPos
GetClientRect
CreateDialogIndirectParamA
DestroyWindow
GetLastActivePopup
BringWindowToTop
IsIconic
EqualRect
CopyRect
SetWindowLongA
InvalidateRect
GetDlgItem
GetSubMenu
GetMenuItemCount
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
GetWindowLongA
ShowWindow
IsWindow
GetDesktopWindow
IsWindowEnabled
GetWindow
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GetSystemMetrics
CharUpperA
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
SendMessageA
PostMessageA
PostQuitMessage
EnableWindow
BeginDeferWindowPos
RegisterWindowMessageA
ScreenToClient
EndDialog
GetDlgCtrlID
SetWindowPos
SetActiveWindow
UpdateWindow
WindowFromPoint
UnregisterClassA

gdi32

GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
CreateBitmap
SetTextColor
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkColor
DeleteObject

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f53f6228d0927a38a9930791bdf30e9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 10KB - Virtual size: 22KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 10KB - Virtual size: 22KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 18KB - Virtual size: 18KB