Static task: static1
Behavioral task: behavioral1
- Sample: 8925664f7614a6074d2493fc3bc722959962c8b69b98683ecb3e70fa720e4be9.exe
- Resource: win7-20240220-en
Behavioral task: behavioral2
- Sample: 8925664f7614a6074d2493fc3bc722959962c8b69b98683ecb3e70fa720e4be9.exe
- Resource: win10v2004-20240426-en
General
- Target: 8925664f7614a6074d2493fc3bc722959962c8b69b98683ecb3e70fa720e4be9.exe
- Size: 1.0MB
- MD5: 91cbe2b1913a456a2b150d9ca80cbbe4
- SHA1: b6ece9f466d2df6ea979833a02b448c43c352e02
- SHA256: 8925664f7614a6074d2493fc3bc722959962c8b69b98683ecb3e70fa720e4be9
- SHA512: 432028f7788a2b7ed75ce92ae49f980d756f4c13490500bdf88e0f51a34d2c7924e9b264b6f4a7417c1deaf2e4b63683c5fdcaffbba7c7c88ed0f5411a343df8
- SSDEEP: 12288:Tm5y9cx2TenbdwlmY/MMp1ALuoNr6TJp04e/XZJbVLnv3unbblLabZlFwlSio7Ni:Tm5bdwlmYEJr630nFwlS37N2jP5piqKy
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 8925664f7614a6074d2493fc3bc722959962c8b69b98683ecb3e70fa720e4be9.exe
Files
- 8925664f7614a6074d2493fc3bc722959962c8b69b98683ecb3e70fa720e4be9.exe.exe windows:5 windows x86 arch:x86
  f186af44cde7bfedef80bdfc39eb9f42
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
getservbyport
ntohs
inet_addr
htonl
getservbyname
WSASetLastError
htons
WSAGetLastError
gethostbyname
ioctlsocket
gethostbyaddr
gethostname
shutdown
WSACleanup
closesocket
connect
socket
WSAStartup
send
recv
WSAAsyncSelect
inet_ntoa
winmm
waveOutGetVolume
mixerGetLineInfoA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetDevCapsA
waveOutSetVolume
mixerClose
mixerOpen
mciSendStringA
joyGetDevCapsA
joyGetPosEx
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
comctl32
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_ReplaceIcon
ord6
InitCommonControlsEx
psapi
GetModuleBaseNameA
GetModuleFileNameExA
wininet
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetReadFileExA
InternetOpenA
kernel32
GlobalFree
GlobalUnlock
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
GetCurrentThreadId
GetEnvironmentVariableA
lstrcmpiA
GetStringTypeExA
CreateThread
SetThreadPriority
GetExitCodeThread
CloseHandle
CreateMutexA
GetLastError
MultiByteToWideChar
GetModuleHandleA
GetVersionExW
DeleteCriticalSection
GetModuleFileNameA
GetFileAttributesA
GetFullPathNameA
GetSystemTimeAsFileTime
LoadResource
LockResource
SizeofResource
GetShortPathNameA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToLocalFileTime
SetEnvironmentVariableA
Beep
MoveFileA
OutputDebugStringA
CreateProcessA
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
GetLocalTime
GetDateFormatA
GlobalAlloc
GetDiskFreeSpaceExA
SetVolumeLabelA
CreateFileA
DeviceIoControl
GetDriveTypeA
GetVolumeInformationA
GetDiskFreeSpaceA
GetCurrentDirectoryA
CreateDirectoryA
ReadFile
GetACP
WriteFile
DeleteFileA
CopyFileA
SetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameA
GetSystemWindowsDirectoryA
GetTempPathA
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
QueryDosDeviceA
CompareStringA
GetFullPathNameW
RemoveDirectoryA
GetCurrentProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
FormatMessageA
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
WritePrivateProfileSectionA
SetEndOfFile
GetFileType
GetStdHandle
SetFilePointerEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesA
LoadLibraryExA
GlobalSize
GlobalLock
FindResourceA
SetErrorMode
InitializeCriticalSection
GetCPInfo
SetCurrentDirectoryA
Sleep
GetTickCount
MulDiv
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsAlloc
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleW
ExitProcess
HeapSize
HeapQueryInformation
TlsGetValue
TlsSetValue
TlsFree
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LoadLibraryW
RaiseException
SetHandleCount
GetStringTypeW
IsProcessorFeaturePresent
RtlUnwind
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
FlushFileBuffers
SetFilePointer
WriteConsoleW
SetStdHandle
GetProcessHeap
CreateFileW
GetTimeFormatA
VirtualQuery
user32
SetLayeredWindowAttributes
InvalidateRect
EnableWindow
GetWindowTextLengthA
EnumWindows
IsZoomed
IsIconic
EnumDisplayMonitors
RegisterWindowMessageA
GetSysColor
GetSysColorBrush
DrawIconEx
FillRect
DefWindowProcA
SetForegroundWindow
DialogBoxParamA
SendDlgItemMessageA
GetDlgItem
SetWindowTextW
SetDlgItemTextA
MessageBeep
GetCursorInfo
GetLastInputInfo
GetSystemMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuStringA
ExitWindowsEx
SetMenu
FlashWindow
GetPropA
SetPropA
RemovePropA
MapWindowPoints
RedrawWindow
SetParent
SendMessageW
GetClassInfoExA
DefDlgProcA
GetAncestor
UpdateWindow
GetMessagePos
GetClassLongA
CallWindowProcA
CheckRadioButton
IntersectRect
GetUpdateRect
PtInRect
CreateDialogIndirectParamA
CreateAcceleratorTableA
DestroyAcceleratorTable
InsertMenuItemA
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoA
IsMenu
GetMenuItemInfoA
CreateMenu
CreatePopupMenu
SetMenuInfo
AppendMenuA
DestroyMenu
TrackPopupMenuEx
CopyImage
SetWindowPos
CreateIconFromResourceEx
EnumClipboardFormats
GetWindow
BringWindowToTop
GetTopWindow
GetQueueStatus
IsWindowVisible
BlockInput
CheckMenuItem
LoadImageA
SetRect
SetClipboardViewer
LoadAcceleratorsA
EnableMenuItem
GetMenu
CreateWindowExA
RegisterClassExA
LoadCursorA
DestroyIcon
DestroyWindow
IsCharAlphaA
MapVirtualKeyA
MapVirtualKeyExA
VkKeyScanExA
GetGUIThreadInfo
GetWindowTextA
mouse_event
WindowFromPoint
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
PostMessageW
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutA
UnhookWindowsHookEx
SetWindowsHookExA
PostThreadMessageA
IsCharAlphaNumericA
IsCharUpperA
IsCharLowerA
ToAsciiEx
GetKeyboardLayout
CallNextHookEx
CharLowerA
ReleaseDC
GetDC
MessageBoxA
OpenClipboard
GetClipboardData
GetClipboardFormatNameA
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageA
FindWindowA
EndDialog
IsWindow
SetWindowRgn
SetFocus
SetActiveWindow
ClientToScreen
EnumChildWindows
MoveWindow
GetWindowRect
GetMonitorInfoA
MonitorFromPoint
GetClientRect
SystemParametersInfoA
AdjustWindowRectEx
CreateIconIndirect
DrawTextA
DispatchMessageA
TranslateMessage
ShowWindow
CountClipboardFormats
SetWindowLongA
ScreenToClient
IsDialogMessageA
SendMessageA
IsWindowEnabled
GetWindowLongA
GetKeyState
TranslateAcceleratorA
KillTimer
PeekMessageA
GetFocus
GetClassNameA
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
SetTimer
GetParent
GetDlgCtrlID
CharUpperA
IsClipboardFormatAvailable
GetIconInfo
ChangeClipboardChain
SetWindowTextA
GetAsyncKeyState
gdi32
GdiFlush
CreateDIBSection
EnumFontFamiliesExA
SetBrushOrgEx
SetBkColor
GetPixel
BitBlt
CreatePatternBrush
SetBkMode
GetCharABCWidthsA
GetClipBox
FillRgn
GetClipRgn
ExcludeClipRect
GetDeviceCaps
DeleteObject
CreateFontA
CreateSolidBrush
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectA
GetTextMetricsA
GetTextFaceA
SelectObject
GetStockObject
CreateDCA
SetTextColor
comdlg32
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
advapi32
GetUserNameA
LockServiceDatabase
OpenSCManagerA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
RegConnectRegistryA
UnlockServiceDatabase
shell32
DragQueryPoint
SHEmptyRecycleBinA
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathA
ShellExecuteExA
Shell_NotifyIconA
DragFinish
DragQueryFileA
ExtractIconA
ole32
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayDestroy
GetActiveObject
SysStringLen
SysFreeString
SafeArrayCreate
VariantClear
VariantChangeType
SysAllocString
SafeArrayCopy
VariantCopyInd
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayUnlock
SafeArrayAccessData
Sections
.text Size: 654KB - Virtual size: 654KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 304KB - Virtual size: 303KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ