4357ced71ef6553a375d44cecf898621a1c8bdd9019c98b1ef71849669c66717

Sharing

Copy URL Twitter E-mail

General

Target

4357ced71ef6553a375d44cecf898621a1c8bdd9019c98b1ef71849669c66717
Size

157KB
MD5

7d20ff76a89e3a90ab4ecec6d3eb42d9
SHA1

f9d8e9235daaa65e9ee5db005d2c7bd96b82d0ed
SHA256

4357ced71ef6553a375d44cecf898621a1c8bdd9019c98b1ef71849669c66717
SHA512

3efe27002109a0b03f9e8e30b83c1a9e8fda0dbb85ba8680f371330e03fb93ae5193aed1f40c697b250b185c969904a6f0f065ce7f582a4d8338089ff0fda44a
SSDEEP

3072:to6G2NBL0IT4Am0sdjiiMS2BvC4aaXOyx5PRgMnDHmPHjHz:tosnLt4Am5/MFp7XOULDHmPDT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e87a4702ca5a64b7c10f7ccd6ebc8bc454560e58dcbc78a0e74f15fc9a59cdc5.exe

Files

4357ced71ef6553a375d44cecf898621a1c8bdd9019c98b1ef71849669c66717
.zip

Password: infected
e87a4702ca5a64b7c10f7ccd6ebc8bc454560e58dcbc78a0e74f15fc9a59cdc5.exe
.exe windows:5 windows x86 arch:x86

726e9762c7fe116389ad1e6d6de4c6c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
LoadLibraryA
GetModuleHandleW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
UnmapViewOfFile
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
SuspendThread
SleepEx
Sleep
SizeofResource
SetThreadPriority
SetThreadLocale
SetLastError
SetErrorMode
SetCurrentDirectoryW
ResumeThread
ReleaseSemaphore
ReleaseMutex
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
PeekNamedPipe
OutputDebugStringW
MultiByteToWideChar
MulDiv
MoveFileExW
MapViewOfFile
LockResource
LocalFree
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
IsValidCodePage
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
GlobalMemoryStatus
GetVersionExW
GetVersionExA
GetVersion
GetProcAddress
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTimeAdjustment
GetSystemTime
GetStdHandle
GetModuleHandleA
GetModuleFileNameW
GetLogicalDriveStringsW
GetLocaleInfoW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentVariableW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCPInfo
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FlushConsoleInputBuffer
FindResourceW
VirtualAlloc
CloseHandle
CopyFileW
CreateFileMappingA
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsA
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateSemaphoreW
CreateProcessW
CreateMutexW
CreateFileW

user32

GetDC
LoadIconA

gdi32

StretchDIBits
StretchBlt
StartPage
StartDocW
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
SetPixel
SetMapMode
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
RoundRect
Rectangle
RectInRegion
RealizePalette
PtInRegion
Polyline
Polygon
PolyPolygon
PolyBezier
PlayEnhMetaFile
Pie
OffsetRgn
MoveToEx
MaskBlt
LineTo
GetTextMetricsW
GetTextExtentPoint32W
GetTextExtentExPointW
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetRegionData
GetPixel
GetPaletteEntries
GetOutlineTextMetricsW
GetObjectW
GetObjectType
GetNearestPaletteIndex
GetEnhMetaFileW
GetEnhMetaFileHeader
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetClipBox
GetCharABCWidthsW
GetBkColor
CloseEnhMetaFile
DeleteMetaFile
DeleteDC
CloseFigure
EndPath
CreateSolidBrush
AbortPath
GdiFlush
CreatePatternBrush
CancelDC
CreateCompatibleDC
GdiGetBatchLimit
DeleteEnhMetaFile
CloseMetaFile
DeleteObject
CreateHalftonePalette
EndDoc
DeleteColorSpace
EndPage
FillPath
BeginPath
AbortDoc
Arc
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHatchBrush
CreateICW
CreatePalette
CreatePen
CreateRectRgn
CreateRectRgnIndirect
Ellipse
EnumFontFamiliesExW
EqualRgn
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW

comdlg32

GetFileTitleA

advapi32

RegQueryValueExW
FreeSid
GetUserNameW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource

ole32

OleInitialize

shlwapi

PathIsUNCA

comctl32

ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ImageList_EndDrag
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
_TrackMouseEvent
ImageList_BeginDrag

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

726e9762c7fe116389ad1e6d6de4c6c4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

shlwapi

comctl32

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 78KB - Virtual size: 77KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 78KB - Virtual size: 77KB