Static task: static1
Behavioral task: behavioral1
Sample: 8c166fc640dfe315be1bde98660b85aa486d2c0da2f519d0b8aaa4ebda0f8819.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 8c166fc640dfe315be1bde98660b85aa486d2c0da2f519d0b8aaa4ebda0f8819.exe
Resource: win10v2004-20240508-en
General
Target: 8c166fc640dfe315be1bde98660b85aa486d2c0da2f519d0b8aaa4ebda0f8819
Size: 1.2MB
MD5: fa25df376fe8f7a31b9b586ff1e4b775
SHA1: 2c633742fb5304a105205900b60f7f193998a30f
SHA256: 8c166fc640dfe315be1bde98660b85aa486d2c0da2f519d0b8aaa4ebda0f8819
SHA512: d94f33f333530e8dab738cba0ec387e5e8edb1a9f2352f55383af54fb18c883899f1c1880e2507c781feaaa2ba6853fe4371a745e2aa75153477a7e4ee8ebee3
SSDEEP: 12288:7bSqAI3Y1CGCxk3obbyF2ZBhnZQ0xw/F7fetjGBIjy+S5hq/aTIH:7bSLIT6oKanS0xw/F+GBIjfS5hq/aEH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8c166fc640dfe315be1bde98660b85aa486d2c0da2f519d0b8aaa4ebda0f8819
Files
8c166fc640dfe315be1bde98660b85aa486d2c0da2f519d0b8aaa4ebda0f8819.exe windows:4 windows x86 arch:x86
ca692d6779f182a144d9c2f30b0a2da9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
crypt32
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertDeleteCertificateFromStore
CryptDecodeObjectEx
CertOpenSystemStoreA
CertCreateCertificateContext
CertCloseStore
CertSetCertificateContextProperty
CertFreeCertificateContext
CertAddCertificateContextToStore
winscard
SCardTransmit
SCardEstablishContext
SCardGetStatusChangeA
SCardDisconnect
SCardReleaseContext
SCardConnectA
kernel32
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GetVersionExA
GetVersion
lstrlenA
lstrlenW
GetCPInfo
LockResource
LoadResource
FindResourceA
lstrcmpiA
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
LocalFree
InterlockedDecrement
SetStdHandle
MultiByteToWideChar
CreateDirectoryA
GetFileAttributesA
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetProcAddress
LoadLibraryA
SetLastError
LocalAlloc
GlobalFree
GlobalUnlock
GlobalLock
FindClose
FindFirstFileA
Sleep
GetLastError
GetPrivateProfileStringA
OutputDebugStringA
GetTempPathA
GetModuleFileNameA
Process32Next
Process32First
CreateToolhelp32Snapshot
WideCharToMultiByte
GetWindowsDirectoryA
FindNextFileA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
WriteFile
SetFilePointer
GetFileSize
CreateFileA
WinExec
CopyFileA
GlobalAlloc
ReadFile
FreeLibrary
GetCurrentThreadId
GetFileType
GetStdHandle
FlushConsoleInputBuffer
GetCurrentProcessId
GlobalMemoryStatus
QueryPerformanceCounter
GetTickCount
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
MulDiv
InterlockedIncrement
FormatMessageA
GetACP
HeapSize
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
RaiseException
HeapAlloc
HeapFree
RtlUnwind
WritePrivateProfileStringA
SetErrorMode
GetFileTime
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetCurrentThread
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
lstrcmpA
lstrcpynA
user32
GetDCEx
ReleaseCapture
LoadCursorA
GetClassNameA
MapDialogRect
SetWindowContextHelpId
CharUpperA
wvsprintfA
LoadStringA
PtInRect
SetRectEmpty
GetMessageA
TranslateMessage
ValidateRect
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
IsWindowVisible
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SendMessageA
EnableWindow
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
LockWindowUpdate
SetCapture
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
SetParent
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
IntersectRect
GetWindowPlacement
EndDialog
SetActiveWindow
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
CopyRect
GetSysColor
SystemParametersInfoA
DestroyIcon
DrawIconEx
ReleaseDC
DrawTextA
GetDC
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
LoadBitmapA
RemoveMenu
GetSubMenu
TabbedTextOutA
GrayStringA
DestroyCursor
GetWindowLongA
IsMenu
GetNextDlgTabItem
GetParent
SetCursor
RegisterClipboardFormatA
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetProcessWindowStation
GetUserObjectInformationW
PeekMessageA
PostQuitMessage
IsIconic
DrawIcon
GetSystemMenu
RegisterDeviceNotificationA
SetForegroundWindow
MessageBoxA
LoadIconA
RegisterWindowMessageA
LoadMenuA
GetCursorPos
SetMenuDefaultItem
TrackPopupMenu
KillTimer
SetTimer
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
FrameRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
InvalidateRect
GetActiveWindow
PostThreadMessageA
gdi32
GetClipBox
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
CreateRectRgnIndirect
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetCharWidthA
GetTextMetricsA
GetTextColor
GetBkColor
LPtoDP
CreatePalette
SetStretchBltMode
StretchDIBits
SelectPalette
RealizePalette
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
Escape
CreateFontA
GetDeviceCaps
GetBkMode
CreatePen
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetTextExtentPoint32W
GetTextExtentPoint32A
Ellipse
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
SetPixel
GetPixel
GetObjectA
PatBlt
PtVisible
GetTextExtentPointA
CreateDIBitmap
RectVisible
TextOutA
ExtTextOutA
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
EnumServicesStatusA
OpenSCManagerA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegEnumValueA
shell32
ShellExecuteA
SHGetSpecialFolderPathA
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteExA
comctl32
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_Add
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromString
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
olepro32
ord253
oleaut32
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
VariantCopy
VariantClear
SysFreeString
GetErrorInfo
SysAllocString
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
winmm
PlaySoundA
shlwapi
PathFileExistsA
wininet
InternetCheckConnectionA
DeleteUrlCacheEntry
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenA
InternetCloseHandle
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetGetLastResponseInfoA
msvcrt
abort
_getch
_fileno
strstr
sprintf
signal
fputs
strtoul
getenv
sscanf
tolower
fgets
fseek
ftell
fflush
fwrite
fread
fclose
fopen
_errno
__mb_cur_max
_isctype
_pctype
time
memchr
strncmp
fprintf
qsort
_iob
vfprintf
_vsnprintf
strncpy
wcsstr
strchr
_setmode
Sections
.text Size: 528KB - Virtual size: 524KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 436KB - Virtual size: 435KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ