d351ac17dc0d9476ef029484a165f99e258f546bba2d619b1c6485cb8875ac7a

Resubmissions

18-04-2024 05:22

240418-f2z8nscc74 10

18-04-2024 05:22

18-04-2024 05:21

18-04-2024 05:21

18-04-2024 05:21

Sharing

Copy URL

Twitter E-mail

General

Target

d351ac17dc0d9476ef029484a165f99e258f546bba2d619b1c6485cb8875ac7a
Size

371KB
MD5

bb8cd5df2be7e8bcc5be439675b3d0a2
SHA1

627ac60f64974d5caaf81c2de8ca0977c91f4219
SHA256

d351ac17dc0d9476ef029484a165f99e258f546bba2d619b1c6485cb8875ac7a
SHA512

57031eb7d7b2c27d7ecacdc085d07065ced46a742128f9818f62c9fe6633c31aa8eb20ffc52c8415613787946060f5a6b5adf8b977d5ca4fed9656233ebd9cfa
SSDEEP

6144:tnzQnu/cmM1oSigOQT2F8U92Iu7DMVQZhWLvLRXdYX9ji+uhi2PsrhY:hzQnkM1oSiBGI8bxn5m6i+uo20tY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d351ac17dc0d9476ef029484a165f99e258f546bba2d619b1c6485cb8875ac7a

Files

d351ac17dc0d9476ef029484a165f99e258f546bba2d619b1c6485cb8875ac7a
.exe windows:5 windows x86 arch:x86

1752e252b3defa659552e474d93765b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
InitializeCriticalSectionAndSpinCount
ReadFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
LoadLibraryA
ExitProcess
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
InterlockedDecrement
GetCurrentThreadId
GetConsoleOutputCP
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
WriteConsoleW
SetStdHandle
CreateFileA
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetProcessHeap
lstrcpyW
LocalFree
GetCurrentProcessId
CloseHandle
OutputDebugStringA
CreateToolhelp32Snapshot
CreateMutexA
GetModuleHandleA
GetLocalTime
GetCurrentDirectoryW
GetLastError
MultiByteToWideChar
GetTimeZoneInformation
GetModuleFileNameW
FileTimeToSystemTime
MulDiv
HeapCreate
GetFileAttributesA
Sleep
GlobalAlloc
GetLocaleInfoA
OpenProcess
HeapFree
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetPriorityClass
GetProcessTimes
TzSpecificLocalTimeToSystemTime
GetConsoleTitleA
Process32Next
SetLastError
OpenMutexA
GetTickCount
GetLogicalDrives
Process32First
GetCurrentProcess
SystemTimeToFileTime
HeapAlloc

user32

SendMessageW
UpdateWindow
EnableWindow
DestroyMenu
FindWindowA
SetScrollInfo
GetSystemMetrics
SetDlgItemTextW
GetSysColorBrush
ShowWindow
EnumWindowStationsW
SetWindowPos
GetSysColor
DefWindowProcA
EndDialog
ScrollWindow
IsDlgButtonChecked
SetWindowTextA
FlashWindow
DefMDIChildProcA
MoveWindow
EndPaint
DestroyWindow
GetDlgItemInt
SetTimer
GetWindowRect
PostQuitMessage
SendDlgItemMessageA
FillRect
DrawTextW
KillTimer
GetSubMenu
SetForegroundWindow
LoadStringA
GetParent
LoadIconA
CallNextHookEx
wsprintfA
DrawIcon
GetClientRect
SetFocus
GetWindowTextLengthA
SendMessageA
BeginPaint
DlgDirListA
GetIconInfo
GetDC
InflateRect
GetForegroundWindow
GetWindowTextA
CreateIcon
SetWindowLongA
GetScrollInfo
MessageBoxA
InvalidateRect
LoadMenuW
GetWindowLongA
CreateWindowExA
SetScrollPos
ReleaseDC
GetDlgItem

gdi32

CreateCompatibleDC
CreateSolidBrush
GetTextExtentPoint32W
SetTextColor
CreateDIBSection
CreateFontA
GetDeviceCaps
SetBkColor
ExcludeClipRect
CreateBitmap
SetBkMode
DeleteObject
SelectObject
PolyPolyline
CreateRectRgnIndirect
CombineRgn
FillRgn
Polyline
CreatePen
GetTextMetricsA
SetROP2
RectVisible
GetPixel
GetObjectA
GetStockObject

comdlg32

ChooseFontA

advapi32

GetSecurityDescriptorDacl
OpenProcessToken
AccessCheck
GetAclInformation
RegQueryValueExW
LookupAccountNameW
LookupPrivilegeValueW
ImpersonateSelf
RegOpenKeyExW
GetFileSecurityA
RegCloseKey

shell32

DragQueryFileA
ord727
SHGetFileInfoW
SHGetPathFromIDListA

ole32

RegisterDragDrop
CoTaskMemAlloc
CoGetClassObject
CoInitialize
OleInitialize
CLSIDFromProgID
CoCreateInstance

oleaut32

OleCreateFontIndirect
OleTranslateColor
SysAllocStringByteLen
VariantInit

ws2_32

WSCEnumProtocols
inet_ntoa
connect
htons
socket
WSAGetLastError
closesocket
gethostbyname

netapi32

NetLocalGroupSetInfo

msi

ord64

winscard

SCardEstablishContext
SCardListReadersA

msimg32

GradientFill

cryptui

CryptUIWizImport

shlwapi

PathMatchSpecA

comctl32

ord16
ImageList_Remove
ImageList_Create
ImageList_Draw

rpcrt4

RpcBindingFromStringBindingA
RpcSmDestroyClientContext
RpcSmGetThreadHandle
RpcStringBindingComposeA
RpcStringFreeA
RpcSmEnableAllocate

imm32

ImmGetContext
ImmGetConversionStatus

authz

AuthzUnregisterSecurityEventSource
AuthzUninstallSecurityEventSource
AuthzInitializeResourceManager

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

1752e252b3defa659552e474d93765b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

netapi32

msi

winscard

msimg32

cryptui

shlwapi

comctl32

rpcrt4

imm32

authz

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 196KB - Virtual size: 195KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 196KB - Virtual size: 195KB