872d31c55af7ef65984d53b590f849b6d9d361a90b474ff4456fb1d0c5fa8f76

Sharing

Copy URL

Twitter E-mail

General

Target

872d31c55af7ef65984d53b590f849b6d9d361a90b474ff4456fb1d0c5fa8f76
Size

502KB
MD5

35efa9fadf98103c184ea9bb356fe29a
SHA1

948e9ca1a9999cf4d1d32ab1792ab46d94f84472
SHA256

872d31c55af7ef65984d53b590f849b6d9d361a90b474ff4456fb1d0c5fa8f76
SHA512

278523e6cf5a1c466cd4e483a546f08b890051051f05b4ffc6cf51db9d056a2321ad07e9d10f60ef481fabb9fdbce6b074d32c8bae3ffbc9fc62d3d24a6f3078
SSDEEP

12288:u2qmYfhByyOqD9IyBsa+tFbc4N7Z84WYA97v9fhnvDI8RVF:uffTLZWkh+tdc4N7i4WY6v91btb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/86bcfce2dd342e9a1c04cfc65731d40ed1c397a4ec47bd9f5b41771297d81100.exe

Files

872d31c55af7ef65984d53b590f849b6d9d361a90b474ff4456fb1d0c5fa8f76
.zip

Password: infected
86bcfce2dd342e9a1c04cfc65731d40ed1c397a4ec47bd9f5b41771297d81100.exe
.dll windows:5 windows x64 arch:x64

a272733471032e2064bf69c66a9c775a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

FFgnji|RgnjiR.pdb

Imports

shlwapi

ChrCmpIW
UrlIsOpaqueW

gdi32

GetPolyFillMode
CreateBitmapIndirect

user32

WaitForInputIdle
GetFocus
GetParent
LookupIconIdFromDirectoryEx

advapi32

GetServiceDisplayNameW

kernel32

HeapUnlock
TerminateJobObject
DeleteTimerQueue
GetNamedPipeServerProcessId
GetConsoleFontSize
GetFileInformationByHandle
GetThreadLocale

Exports

Exports

BeginBufferedAnimation
BeginBufferedPaint
BeginPanningFeedback
BufferedPaintClear
BufferedPaintInit
BufferedPaintRenderAnimation
BufferedPaintSetAlpha
BufferedPaintStopAllAnimations
BufferedPaintUnInit
CloseThemeData
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DrawThemeBackground
DrawThemeBackgroundEx
DrawThemeEdge
DrawThemeIcon
DrawThemeParentBackground
DrawThemeParentBackgroundEx
DrawThemeText
DrawThemeTextEx
EnableThemeDialogTexture
EnableTheming
EndBufferedAnimation
EndBufferedPaint
EndPanningFeedback
GetBufferedPaintBits
GetBufferedPaintDC
GetBufferedPaintTargetDC
GetBufferedPaintTargetRect
GetColorFromPreference
GetCurrentThemeName
GetImmersiveColorFromColorSetEx
GetImmersiveUserColorSetPreference
GetThemeAnimationProperty
GetThemeAnimationTransform
GetThemeAppProperties
GetThemeBackgroundContentRect
GetThemeBackgroundExtent
GetThemeBackgroundRegion
GetThemeBitmap
GetThemeBool
GetThemeColor
GetThemeDocumentationProperty
GetThemeEnumValue
GetThemeFilename
GetThemeFont
GetThemeInt
GetThemeIntList
GetThemeMargins
GetThemeMetric
GetThemePartSize
GetThemePosition
GetThemePropertyOrigin
GetThemeRect
GetThemeStream
GetThemeString
GetThemeSysBool
GetThemeSysColor
GetThemeSysColorBrush
GetThemeSysFont
GetThemeSysInt
GetThemeSysSize
GetThemeSysString
GetThemeTextExtent
GetThemeTextMetrics
GetThemeTimingFunction
GetThemeTransitionDuration
GetUserColorPreference
GetWindowTheme
HitTestThemeBackground
IsAppThemed
IsCompositionActive
IsThemeActive
IsThemeBackgroundPartiallyTransparent
IsThemeDialogTextureEnabled
IsThemePartDefined
OpenThemeData
OpenThemeDataEx
OpenThemeDataForDpi
SetThemeAppProperties
SetWindowTheme
SetWindowThemeAttribute
ThemeInitApiHook
UpdatePanningFeedback

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 408KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.cwkw
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

a272733471032e2064bf69c66a9c775a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 264KB - Virtual size: 263KB

.rdata Size: 408KB - Virtual size: 406KB

.data Size: 76KB - Virtual size: 74KB

.pdata Size: 4KB - Virtual size: 324B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.cwkw Size: 4KB - Virtual size: 2KB

.text
Size: 264KB - Virtual size: 263KB

.rdata
Size: 408KB - Virtual size: 406KB

.data
Size: 76KB - Virtual size: 74KB

.pdata
Size: 4KB - Virtual size: 324B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.cwkw
Size: 4KB - Virtual size: 2KB