46fcdcb8da047b59ee0c3879adcac22829be30d7b8a2a9b451c69d5c1a6e247f

Sharing

Copy URL Twitter E-mail

General

Target

46fcdcb8da047b59ee0c3879adcac22829be30d7b8a2a9b451c69d5c1a6e247f
Size

7.0MB
MD5

5ab56bc415610602ab9283b5af290090
SHA1

3011a18161defab49d296873e7640b4ca4f9df9f
SHA256

46fcdcb8da047b59ee0c3879adcac22829be30d7b8a2a9b451c69d5c1a6e247f
SHA512

f7715b7a292c559e5fea93bfb55838af18fa287bb0f2fb8cf01c95f99a1f2ab76414ce327c7ae50a706b438f910e101239ea2dc40a58432e2bc92db7427cc15c
SSDEEP

98304:Q3FcTPxItvoKLKcLzTDKYs2Gw0eU/BA4krU+hj8zL0KNK6HQ7bKsj/skRW0:GF6ayKLXA2GXKszLVTw/Ko/sa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46fcdcb8da047b59ee0c3879adcac22829be30d7b8a2a9b451c69d5c1a6e247f

Files

46fcdcb8da047b59ee0c3879adcac22829be30d7b8a2a9b451c69d5c1a6e247f
.exe windows:4 windows x86 arch:x86

b222c944abaf957384b378901394ff32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioSeek
mmioStringToFOURCCW
mmioDescend
mmioOpenW
mmioRead

comctl32

ord17

uxtheme

EnableThemeDialogTexture

dsound

ord11

kernel32

HeapFree
GetProcessHeap
GetLocaleInfoW
lstrlenW
LoadLibraryA
CompareStringA
GetFullPathNameW
QueryPerformanceCounter
GetFileAttributesW
CompareStringW
QueryPerformanceFrequency
WriteFile
GetCurrentProcess
GetTempPathW
OutputDebugStringA
GetVersionExA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileA
ReadFile
CreateFileA
GetTempFileNameA
GetTempPathA
GetModuleHandleA
VirtualFree
VirtualAlloc
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceA
GetSystemInfo
IsProcessorFeaturePresent
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
FreeResource
DeleteFileW
SetFilePointer
lstrcmpiA
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
SetEndOfFile
ExpandEnvironmentStringsA
HeapAlloc
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
FindFirstFileW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
RaiseException
GetThreadLocale
GetLocaleInfoA
GetACP
GetStdHandle
GetFileType
HeapCreate
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetOEMCP
IsValidCodePage
GetModuleFileNameA
GetTimeZoneInformation
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
VirtualQuery
DeleteCriticalSection
EnterCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
GetVersionExW
LoadLibraryW
GetSystemDirectoryW
InitializeCriticalSection
FreeLibrary
GetCommandLineW
MultiByteToWideChar
GetModuleFileNameW
Sleep
lstrcpynW
GetModuleHandleW
FindResourceExW
LockResource
GlobalFree
GlobalUnlock
SizeofResource
GlobalAlloc
GlobalLock
LoadResource
FindResourceW
lstrcpyW
WriteProcessMemory
CloseHandle
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
OpenProcess
CreateProcessW
GetSystemDefaultLangID
GetFileAttributesA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
GetCurrentThreadId
SetHandleCount

user32

GetDC
ReleaseDC
SetCapture
PtInRect
OffsetRect
GetKeyboardLayout
UnregisterClassA
GetIconInfo
ReleaseCapture
GetKeyboardLayoutList
SetCursor
IsIconic
UnregisterClassW
LoadCursorW
CallWindowProcW
ValidateRgn
IsWindowVisible
FillRect
CallNextHookEx
GetClientRect
GetClassLongW
GetMenu
GetAsyncKeyState
SetRect
GetWindowLongW
GetWindowTextW
SystemParametersInfoW
MonitorFromWindow
SetWindowLongW
RegisterClassExW
EnumDisplayMonitors
SetMenu
ClipCursor
SetWindowsHookExW
RegisterClassW
GetSystemMetrics
AdjustWindowRect
DestroyMenu
GetMonitorInfoW
EnumDisplaySettingsW
InvalidateRect
ScreenToClient
GetDlgItem
PostMessageW
TranslateMessage
PeekMessageW
CreateWindowExW
DispatchMessageW
LoadMenuIndirectW
CreateDialogIndirectParamW
DestroyWindow
EndDialog
SetWindowTextW
EndPaint
SetTimer
GetWindowRect
PostQuitMessage
TrackPopupMenu
GetSubMenu
GetParent
FindWindowW
BeginPaint
LoadIconW
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
CreateDialogParamW
GetMenuItemCount
IsWindow
FindWindowExW
MessageBoxW
SendMessageW
DefWindowProcW
CheckMenuItem
GetWindowThreadProcessId
GetWindow
GetWindowPlacement

gdi32

DeleteObject
GetDIBits
DeleteDC
CreateSolidBrush
SelectObject
CreateDIBSection
GetObjectA
GetTextMetricsA
GetGlyphOutlineA
GetObjectW
GdiFlush
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
ExtTextOutA
MoveToEx
ExtTextOutW
GetCharacterPlacementW
CreateCompatibleDC
GetStockObject
BitBlt
GetCharacterPlacementA

advapi32

RegQueryValueExA
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyA

shell32

SHGetDesktopFolder
ExtractIconW
Shell_NotifyIconW

ole32

CreateStreamOnHGlobal
OleUninitialize
OleInitialize
RegisterDragDrop
StringFromGUID2
CoCreateGuid
CLSIDFromString
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

shlwapi

PathFileExistsW

gdiplus

GdipAlloc
GdipDrawImageRectI
GdipDisposeImage
GdipGetImageHeight
GdipFree
GdipLoadImageFromStream
GdipCloneImage
GdipGetImageWidth
GdipCreateFromHWND
GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b222c944abaf957384b378901394ff32

Headers

File Characteristics

Imports

winmm

comctl32

uxtheme

dsound

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 288KB - Virtual size: 287KB

.data Size: 76KB - Virtual size: 125KB

.rsrc Size: 5.0MB - Virtual size: 5.0MB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 288KB - Virtual size: 287KB

.data
Size: 76KB - Virtual size: 125KB

.rsrc
Size: 5.0MB - Virtual size: 5.0MB