384ffb912493477f83fa12efd2422a858c4e18d5b9f0d3fb310625746ca2c410

Sharing

Copy URL

Twitter E-mail

General

Target

384ffb912493477f83fa12efd2422a858c4e18d5b9f0d3fb310625746ca2c410
Size

4.8MB
MD5

0c8f5b08e16e602f0a4cf24dde88316b
SHA1

141fe46e8c978496a7a432a935243556d9bf8a78
SHA256

384ffb912493477f83fa12efd2422a858c4e18d5b9f0d3fb310625746ca2c410
SHA512

a8532f077cf87043e871cd13d5c5459a037472e079955362d53c3119d65ea3b1be04c2ecb843327a41da9b308197c818ae1c5151e44d2be1bb921300ed2e14da
SSDEEP

98304:sDPn1hUa4I7qCBlO5gqSZQkztu6PGnfahe5cBmirfK6MsLNlQ/58oI1ktftRINx6:E1Z4I7tZQmtu67eCPDM+C58J+tMx6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
384ffb912493477f83fa12efd2422a858c4e18d5b9f0d3fb310625746ca2c410

Files

384ffb912493477f83fa12efd2422a858c4e18d5b9f0d3fb310625746ca2c410
.exe windows:4 windows x86 arch:x86

e85494f910b0958f60f118ce10b3a110

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\svn\apd5\513\code\installer\makepackage\bin32\release\PackageStub.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

GetLastError
FindResourceA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
Sleep
CreateProcessA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
GetTempPathA
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
IsDBCSLeadByte
CreateEventA
FreeLibrary
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
FlushInstructionCache
GetCurrentProcess
SetLastError
LoadResource
CreateThread
GetProcAddress
LoadLibraryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
SetEndOfFile
GetTimeZoneInformation
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
SizeofResource
LockResource
FreeResource
FindFirstFileA
SetFileAttributesA
MoveFileExA
FindNextFileA
FindClose
SetEvent
RtlUnwind
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
HeapCreate
SetConsoleCtrlHandler
FatalAppExitA
GetStdHandle
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
ExitProcess
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
WriteFile
HeapDestroy

user32

MapWindowPoints
SetForegroundWindow
EnumThreadWindows
CharNextA
DestroyWindow
LoadStringA
CreateDialogParamA
GetSystemMetrics
LoadImageA
PostQuitMessage
IsDialogMessageA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
UnregisterClassA
SetWindowPos
GetDlgItem
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
ShowWindow
SetWindowTextA
PostMessageA
GetWindowLongA
SetWindowLongA

advapi32

RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA

shell32

SHCreateDirectoryExA
SHFileOperationA

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysFreeString
VarUI4FromStr

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51.6MB - Virtual size: 51.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e85494f910b0958f60f118ce10b3a110

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 51.6MB - Virtual size: 51.6MB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 51.6MB - Virtual size: 51.6MB