22b24a9cca8279235b53622d06fc5c49d7ed3110fa5a6efc5879ba8f5243a5d7

Sharing

Copy URL Twitter E-mail

General

Target

22b24a9cca8279235b53622d06fc5c49d7ed3110fa5a6efc5879ba8f5243a5d7
Size

1.1MB
MD5

4412706f446e9015b3a4e75b1b4a3b0a
SHA1

d07b84b82fcd0254dda99dc77a9692afeb479975
SHA256

22b24a9cca8279235b53622d06fc5c49d7ed3110fa5a6efc5879ba8f5243a5d7
SHA512

b0353666170f4089b203c14e8f02ef72cb52e8c14e79a95428395a7e1872e0679ff912da98935c2874940cf5dbe6ae084a24da2933a8abedc75e88cb25a63cc5
SSDEEP

24576:/UXUlyJ0dxLEbhsY+5ePAkgF9QwwpqY5CDtbc:NI6D0nbYzD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22b24a9cca8279235b53622d06fc5c49d7ed3110fa5a6efc5879ba8f5243a5d7

Files

22b24a9cca8279235b53622d06fc5c49d7ed3110fa5a6efc5879ba8f5243a5d7
.exe windows:5 windows x86 arch:x86

3c657b3e553526c0ab85a5c180ccb550

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSACleanup
WSAStartup
WSAIoctl
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
socket
WSAGetLastError

wldap32

ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46
ord145

kernel32

VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
HeapSize
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
SetEvent
CreateTimerQueue
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
GetPrivateProfileIntA
OpenProcess
TerminateProcess
VirtualProtect
FindClose
CloseHandle
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateDirectoryA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
CopyFileA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetLastError
SetLastError
FormatMessageA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
VerSetConditionMask
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
GetTickCount
QueryPerformanceCounter
WaitForSingleObject
FreeLibrary
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
Sleep
InitializeCriticalSectionAndSpinCount
DecodePointer
SetEndOfFile
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
HeapReAlloc
GetFileAttributesExW
MoveFileExW
DeleteFileW
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
EncodePointer
IsValidLocale
HeapAlloc
HeapFree
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetACP
WriteFile
ExitProcess
SetFilePointerEx
GetModuleHandleExW
ExitThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
CreateFileW
RtlUnwind
RaiseException
DuplicateHandle
WaitForSingleObjectEx
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetCurrentThreadId
TryEnterCriticalSection

user32

MessageBoxA
SendMessageW
wsprintfW
MessageBoxW

advapi32

CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW

shell32

ShellExecuteA

xcgui

XWnd_GetBkManager
XWnd_KillTimer
XWnd_SetTimer
XWnd_ShowWindow
XWnd_SetLayoutSize
XWnd_EnableDragWindow
XWnd_EnableDragBorder
XWnd_GetHWND
XWnd_Create
_XWnd_RegEvent
XSliderBar_SetHorizon
XSliderBar_GetButton
XSliderBar_SetPos
XSliderBar_SetSpaceTwo
XSliderBar_SetButtonHeight
XSliderBar_SetButtonWidth
XSliderBar_SetRange
XSliderBar_Create
XShapeText_SetLayoutWidth
XShapeText_SetTextAlign
XShapeText_SetFont
XShapeText_SetText
XShapeText_Create
XShape_Redraw
XProgBar_SetImageLoad
XShapeText_SetTextColor
XProgBar_SetSpaceTwo
XProgBar_SetRange
XProgBar_Create
XImage_LoadMemory
XFont_Create2
XEle_GetBkManager
XEle_AddBkFill
XEle_AddBkBorder
XEle_RedrawEle
XEle_ShowEle
XEle_EnableMouseThrough
XEle_EnableBkTransparent
XEle_EnableDrawFocus
XEle_EnableFocus
_XEle_RegEvent
XEle_Create
XBkM_AddFill
XC_IsHELE
XExitXCGUI
XRunXCGUI
XInitXCGUI
XC_EnableDebugFile
XProgBar_SetPos

Sections

.text
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c657b3e553526c0ab85a5c180ccb550

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wldap32

kernel32

user32

advapi32

shell32

xcgui

Sections

.text Size: 528KB - Virtual size: 528KB

.rdata Size: 226KB - Virtual size: 226KB

.data Size: 9KB - Virtual size: 14KB

.rsrc Size: 277KB - Virtual size: 277KB

.reloc Size: 101KB - Virtual size: 104KB

.text
Size: 528KB - Virtual size: 528KB

.rdata
Size: 226KB - Virtual size: 226KB

.data
Size: 9KB - Virtual size: 14KB

.rsrc
Size: 277KB - Virtual size: 277KB

.reloc
Size: 101KB - Virtual size: 104KB