80603843d6355f990cf9e14da4a2b169123a2253e2472ccfaf6305f885fa1e12

Sharing

Copy URL

Twitter E-mail

General

Target

80603843d6355f990cf9e14da4a2b169123a2253e2472ccfaf6305f885fa1e12
Size

51KB
MD5

31377f104da27eecdddc051e9f32085f
SHA1

688f6c81865b6ffaea20f105944b0f121f7e98bb
SHA256

80603843d6355f990cf9e14da4a2b169123a2253e2472ccfaf6305f885fa1e12
SHA512

79f171fe0bc8d3b4f55fe9557eb821545ac2743d8f490f7f6bad3b72515d381a58a8875e145d333223fb5a82f5a67e6c5737bedc72d96290f5211125c8105a02
SSDEEP

768:E1cLhhLJuE+1LsBG6AbAV07D3bLsQiyWJUZ4Ceh2VTqM:E2LKLKv0AVCD3b/762R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
80603843d6355f990cf9e14da4a2b169123a2253e2472ccfaf6305f885fa1e12

Files

80603843d6355f990cf9e14da4a2b169123a2253e2472ccfaf6305f885fa1e12
.exe windows:5 windows x86 arch:x86

26af74e73a5684352073e779a4eb0c18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\uejxdtlinki\NRgodjotUP\ugaxEgzR.pdb

Imports

comctl32

ImageList_LoadImageW
ImageList_GetIcon
CreateStatusWindowW
ImageList_AddMasked
ImageList_Write
ImageList_GetIconSize

kernel32

FindResourceW
CallNamedPipeW
FileTimeToLocalFileTime
OpenFileMappingA
GlobalAlloc
GetCommandLineW
GetLongPathNameW
CreateNamedPipeA
SetLocalTime
FreeResource
SetUnhandledExceptionFilter
LocalLock
MoveFileA
GetUserDefaultLangID
GetCommandLineA
DisconnectNamedPipe
GetShortPathNameA
Sleep
GetBinaryTypeA
EnterCriticalSection
GetSystemWindowsDirectoryA
GetSystemTimeAsFileTime
LoadLibraryExA
SetFileTime
EscapeCommFunction
SetThreadPriority
TlsGetValue
GetLocaleInfoW
GlobalMemoryStatus
lstrcatA
OpenFileMappingW
ExitThread
CreateDirectoryA
SleepEx
GlobalMemoryStatusEx
GetNumberFormatA
EnumResourceNamesW
GlobalGetAtomNameA
SetLastError
TerminateThread
IsValidLanguageGroup
CompareStringW
LocalSize
GlobalFlags
IsBadCodePtr
SetErrorMode
CompareStringA
UnlockFile
LoadLibraryA
lstrlenA
IsBadReadPtr
FindNextChangeNotification
EnumResourceNamesA
LoadResource
WaitForMultipleObjects

shlwapi

StrToIntW

msvcrt

clearerr
iswspace
strcspn
iswdigit
fprintf
strcpy
isalnum
sprintf
swscanf
putchar
_controlfp
iswxdigit
atol
strerror
system
__set_app_type
__p__fmode
malloc
wcslen
wcsrchr
wcstod
strtol
__p__commode
_amsg_exit
iswctype
strtok
fread
strcoll
fgets
wcsncpy
_initterm
wcstok
_ismbblead
printf
setlocale
_XcptFilter
qsort
isalpha
tolower
gets
_exit
_cexit
__setusermatherr
__getmainargs
fclose
wcstombs
wcstoul

user32

IsWindowUnicode
OpenIcon
GetWindowDC
ReplyMessage
InSendMessage
DrawFocusRect
GetDlgCtrlID
FindWindowW
ShowWindow
SetMenu
RegisterHotKey
CharLowerW
GetMenuStringW
GetMenuItemCount
GetMenuItemRect
CreateCaret
BeginDeferWindowPos
GetClassInfoExW
RegisterWindowMessageA
LockWindowUpdate
IsWindowEnabled
LoadAcceleratorsA
CharToOemBuffA
FindWindowExA
SetParent
TileWindows
DispatchMessageA
OffsetRect
AttachThreadInput
GetClassInfoExA
MonitorFromPoint
RedrawWindow
CloseDesktop
ShowCursor
SetTimer
TranslateAcceleratorA
GetWindowTextA
GetSystemMetrics
SetRect
CharLowerA
AppendMenuA
CheckRadioButton
LoadImageA
FrameRect
SetSysColors
CreateDialogIndirectParamW
MessageBoxW
DefDlgProcW
CharPrevW
SwitchToThisWindow
CreatePopupMenu
SendDlgItemMessageW
ClientToScreen
InsertMenuW
AdjustWindowRect
EnableScrollBar
KillTimer
CreateIconFromResource
SetWindowLongW
GetKeyboardLayoutNameW
DrawFrameControl
EqualRect
GetScrollRange
CreateIconIndirect
GetMonitorInfoW
CreateWindowExA
GetMessageW
ExitWindowsEx
DestroyWindow
WaitMessage
DestroyCursor
VkKeyScanW
LoadStringA
SendMessageW
GetMessageTime
LookupIconIdFromDirectory
GetNextDlgGroupItem
GetCaretPos
GetMessageExtraInfo
DrawMenuBar
ReleaseDC
InSendMessageEx
GetCursorPos
InflateRect
GetAsyncKeyState
SendMessageA
ChildWindowFromPoint
RegisterClassExW
UpdateWindow
GetMenuItemInfoW
LoadCursorW
CharToOemA
ShowWindowAsync
IsChild
GetScrollPos
IsIconic
GetWindowTextW
GetClassNameW
DrawStateA
GetMenuStringA
ActivateKeyboardLayout
wvsprintfA
CreateCursor
SetDlgItemTextA
GetUpdateRect
GetKeyboardType
CopyAcceleratorTableW
wsprintfA
EnumThreadWindows
DeleteMenu
SendMessageTimeoutW
ChangeMenuW
SetActiveWindow
wsprintfW
IsCharAlphaW
ShowOwnedPopups
WaitForInputIdle

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.insec
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inmin
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26af74e73a5684352073e779a4eb0c18

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

shlwapi

msvcrt

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.bit Size: 1KB - Virtual size: 1KB

.insec Size: 6KB - Virtual size: 5KB

.inmin Size: 512B - Virtual size: 86B

.wall Size: 512B - Virtual size: 444B

.zdata Size: 12KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.bit
Size: 1KB - Virtual size: 1KB

.insec
Size: 6KB - Virtual size: 5KB

.inmin
Size: 512B - Virtual size: 86B

.wall
Size: 512B - Virtual size: 444B

.zdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 1KB - Virtual size: 1KB