53ab46d0a5d670b0b56f4ec70c9ae73cdc2222dc171c685aac8f1c2b8cb2a655

Sharing

Copy URL Twitter E-mail

General

Target

53ab46d0a5d670b0b56f4ec70c9ae73cdc2222dc171c685aac8f1c2b8cb2a655
Size

3.8MB
MD5

4e13e91c3105a4ff9db1b00b77ed6674
SHA1

40cb682c96ab048502471816a5a8f0775b71fff8
SHA256

53ab46d0a5d670b0b56f4ec70c9ae73cdc2222dc171c685aac8f1c2b8cb2a655
SHA512

39529b0f0d6043832fb7eec21155ef544c5ef90043dd72b645690f3c339de4d34456c24439a3c70dc875372e83fae46fd321fb04f89fb036362b2e2f9642b86e
SSDEEP

49152:7pgfwjT0+DF92dKvHl6UTfZW48ixJH+ap+WqFvsyw2dHi1HyeYu/wP0cQvDYeKfM:7Ge7F6UjZW48+J/pRovCJY6xO91RT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53ab46d0a5d670b0b56f4ec70c9ae73cdc2222dc171c685aac8f1c2b8cb2a655

Files

53ab46d0a5d670b0b56f4ec70c9ae73cdc2222dc171c685aac8f1c2b8cb2a655
.exe windows:4 windows x86 arch:x86

7cd9b1bc3472188b643c981c260a0ea0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\MDM\Zinc3\WrapperPC\Release\WrapperPC.pdb

Imports

ddraw

DirectDrawCreate

comctl32

ord17

winmm

timeGetTime
timeBeginPeriod
timeGetDevCaps
timeKillEvent
timeEndPeriod
timeSetEvent

kernel32

GetProcAddress
LoadLibraryW
SizeofResource
LockResource
LoadResource
FindResourceW
LoadLibraryA
GetModuleHandleA
GetCurrentProcess
VirtualProtect
lstrcmpiA
lstrlenA
GetTickCount
FlushInstructionCache
VirtualAlloc
CreateFileMappingA
CreateFileA
VirtualFree
GetCurrentDirectoryA
lstrcmpA
GetUserDefaultLCID
GetSystemDefaultLCID
GetThreadLocale
lstrcpyA
lstrcpyW
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetCurrentDirectoryA
GetModuleFileNameA
IsBadCodePtr
IsBadReadPtr
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetSystemTime
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
IsBadWritePtr
HeapCreate
HeapDestroy
GetDriveTypeA
VirtualQuery
GetSystemInfo
HeapSize
TerminateProcess
QueryPerformanceCounter
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetCPInfo
HeapReAlloc
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapFree
GetVersionExA
GetStartupInfoW
HeapAlloc
GetFullPathNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
ExitProcess
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
GetTempPathW
GetCurrentProcessId
GetCurrentThreadId
CreateDirectoryW
FreeLibrary
MulDiv
GetEnvironmentVariableW
GetCommandLineW
SetEnvironmentVariableA
SetEnvironmentVariableW
OutputDebugStringA
OutputDebugStringW
LocalAlloc
LocalFree
ReadFile
CreateEventW
CreateThread
GlobalReAlloc
GetLastError
SetEvent
WaitForSingleObject
GetExitCodeThread
TerminateThread
CreateFileW
GetFileSize
MapViewOfFile
UnmapViewOfFile
CloseHandle
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GetACP
GetOEMCP
SetStdHandle
SetEndOfFile
CompareStringA
CompareStringW
SetFilePointer

user32

GetWindowLongA
FillRect
CreateAcceleratorTableA
GetParent
LookupIconIdFromDirectory
CreateIconFromResource
ReleaseDC
GetDC
UnregisterClassA
RegisterClassExA
InvalidateRgn
DefWindowProcA
LoadMenuIndirectA
SetWindowsHookExA
RegisterWindowMessageA
SendMessageA
SetTimer
KillTimer
DialogBoxParamW
GetDlgItem
EndDialog
GetDesktopWindow
GetUpdateRect
DrawTextA
GetWindow
IsChild
GetFocus
DestroyAcceleratorTable
CallWindowProcA
SetWindowLongA
UnhookWindowsHookEx
wsprintfA
CallNextHookEx
MessageBoxW
SetDlgItemTextW
SetWindowsHookExW
ClientToScreen
SetForegroundWindow
TrackPopupMenu
PostMessageW
LoadImageW
PeekMessageW
LoadIconW
LoadCursorW
RegisterClassExW
CopyRect
GetMenu
BeginPaint
EndPaint
CheckMenuItem
EnableMenuItem
DefWindowProcW
AppendMenuW
CreatePopupMenu
InsertMenuW
DeleteMenu
DrawMenuBar
DestroyWindow
GetCursorPos
SetCapture
ReleaseCapture
CallWindowProcW
SystemParametersInfoW
GetWindowTextW
GetMessageW
TranslateMessage
DispatchMessageW
GetMenuStringW
InvalidateRect
SetWindowTextW
GetSubMenu
AdjustWindowRectEx
UpdateWindow
GetClientRect
CreateMenu
SetMenu
RedrawWindow
IsWindowVisible
CreateWindowExW
MoveWindow
SetFocus
SetWindowRgn
SetRect
GetWindowLongW
SetWindowLongW
SetLayeredWindowAttributes
SendMessageW
GetWindowRect
GetSystemMetrics
ShowWindow
SetWindowPos

gdi32

EndDoc
EndPage
TextOutW
SetViewportOrgEx
StartDocW
GetTextMetricsW
CreateSolidBrush
GetStockObject
GetDeviceCaps
CreateDIBitmap
StretchBlt
CreateDCA
GetRgnBox
SelectClipRgn
CreateRectRgnIndirect
Rectangle
CreateDIBSection
ExtCreateRegion
CombineRgn
GetObjectW
DeleteDC
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetMapMode

comdlg32

PageSetupDlgW
PrintDlgW

advapi32

RegCreateKeyExW
RegFlushKey
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHFileOperationW
Shell_NotifyIconW
CommandLineToArgvW
DragQueryFileW
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
OleLockRunning
CreateStreamOnHGlobal

oleaut32

SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 500KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cd9b1bc3472188b643c981c260a0ea0

Headers

File Characteristics

PDB Paths

Imports

ddraw

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 500KB - Virtual size: 500KB

.rdata Size: 112KB - Virtual size: 112KB

.data Size: 40KB - Virtual size: 52KB

.rsrc Size: 3.1MB - Virtual size: 3.1MB

.text
Size: 500KB - Virtual size: 500KB

.rdata
Size: 112KB - Virtual size: 112KB

.data
Size: 40KB - Virtual size: 52KB

.rsrc
Size: 3.1MB - Virtual size: 3.1MB