d15efa73868f773432595a0c4b4d467129be83df8795802257ad02e6105ef82f

Sharing

Copy URL

Twitter E-mail

General

Target

d15efa73868f773432595a0c4b4d467129be83df8795802257ad02e6105ef82f
Size

216KB
MD5

bff4c8beb078218975c3dd08780b31d5
SHA1

9e640ec99ad6dea98ad367243f97191994509ca0
SHA256

d15efa73868f773432595a0c4b4d467129be83df8795802257ad02e6105ef82f
SHA512

5923ab84e49b7d5cdf4050dc618be5ad76b14871746b9efd2863637fe86fd645a6c0ffdca86ff98f1c131f74f679bd7a6ad7c500ec032b5b7983331431bb3548
SSDEEP

3072:bAmBoNWzEM9aIeDJ09b7PonRmr75mlnNsS1Ms9BAg0Fu0DGlhrck9:bAtWuI8c7PonRmX5GNH1PAOfp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d15efa73868f773432595a0c4b4d467129be83df8795802257ad02e6105ef82f

Files

d15efa73868f773432595a0c4b4d467129be83df8795802257ad02e6105ef82f
.exe windows:4 windows x86 arch:x86

592b91fe2aca194aa83f4b4bf7906a7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent
ord17

msimg32

GradientFill

kernel32

VirtualProtect
GetCPInfo
GetOEMCP
GetACP
HeapSize
SetUnhandledExceptionFilter
WriteFile
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ReadFile
CloseHandle
LCMapStringW
LCMapStringA
SetFilePointer
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersionExA
GetStartupInfoA
GetModuleHandleA
SetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryA
GetLastError
GetFullPathNameA
GetCurrentDirectoryA
GetDriveTypeA
HeapReAlloc
RtlUnwind
RaiseException
HeapFree
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
CreateFileA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
GetLocalTime
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
GetShortPathNameA
GlobalLock
GlobalUnlock
MulDiv
GlobalAlloc
GlobalFree
GetCommandLineA
GetSystemInfo
GlobalMemoryStatus
GetVersion
GetComputerNameA
GetWindowsDirectoryA
GetSystemDirectoryA
WinExec
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetProcAddress
Sleep
GetTickCount
GetModuleFileNameA
SetEndOfFile
VirtualQuery

user32

InvalidateRect
LoadIconA
ReleaseDC
DefWindowProcA
BeginPaint
EndPaint
LoadCursorA
RegisterClassA
UnregisterClassA
AdjustWindowRectEx
FillRect
TabbedTextOutA
GetSysColor
MoveWindow
GetActiveWindow
GetClassLongA
SetClassLongA
SetWindowLongA
IsWindowEnabled
EnableWindow
SetFocus
GetFocus
GetWindowLongA
GetClientRect
InflateRect
DrawFocusRect
DrawTextA
PostMessageA
SetWindowTextA
GetDlgItemTextA
GetDlgCtrlID
IsDlgButtonChecked
CallWindowProcA
FindWindowA
MsgWaitForMultipleObjects
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
MapVirtualKeyA
GetWindowRect
SetActiveWindow
SetWindowPos
GetAsyncKeyState
GetCursorPos
SetCursorPos
ShowCursor
MessageBoxA
EnumDisplaySettingsA
ChangeDisplaySettingsA
CreateWindowExA
ShowWindow
SendMessageA
DestroyWindow
GetDC
GetSystemMetrics

gdi32

CreateDIBSection
CreateCompatibleDC
Rectangle
DeleteDC
SetStretchBltMode
StretchBlt
Ellipse
MoveToEx
LineTo
SetPixel
GetPixel
GetTextExtentPoint32A
SetDIBColorTable
CreatePalette
CreateSolidBrush
CreatePen
GetTextMetricsA
SelectPalette
RealizePalette
BitBlt
SelectObject
SetBkMode
SetTextColor
GetStockObject
CreateFontIndirectA
DeleteObject
GetDeviceCaps

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA

advapi32

GetUserNameA

shell32

ShellExecuteExA
SHGetSpecialFolderPathA
ShellExecuteA

ole32

OleInitialize
CoCreateInstance
IIDFromString
CoUninitialize
CreateStreamOnHGlobal
OleUninitialize
CoInitializeEx
CLSIDFromProgID

oleaut32

SafeArrayGetElement
OleLoadPicture
SafeArrayPutElement
SafeArrayCopy
SafeArrayGetVartype
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocString
VariantCopy
VariantCopyInd
VariantChangeType
SysAllocStringByteLen
SysFreeString
SafeArrayCreate
SafeArrayUnaccessData
VariantClear
VariantInit
SafeArrayAccessData
SafeArrayGetDim

winmm

sndPlaySoundA
mciSendStringA
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
timeGetTime

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

592b91fe2aca194aa83f4b4bf7906a7f

Headers

File Characteristics

Imports

comctl32

msimg32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winmm

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 2KB