8a252e03d74753f00deb6e3505e3fdc528cb04c140e35afdae2ce23550ef1f61

Sharing

Copy URL

Twitter E-mail

General

Target

8a252e03d74753f00deb6e3505e3fdc528cb04c140e35afdae2ce23550ef1f61
Size

3.0MB
MD5

bc6fcf5d363403c9f75e828d68b87ca7
SHA1

e8ecbf12fa0e51ee400de069c791708bd95061b6
SHA256

8a252e03d74753f00deb6e3505e3fdc528cb04c140e35afdae2ce23550ef1f61
SHA512

9a40c6b96610c4a1570ab4e0942f0ca3114d57c68bbf0797134b60fb5130b84a551fb30f44907c77cb8c236c71270e241d9f06c5b51aef01622898879245b532
SSDEEP

49152:xL8zO+g39FbI0eQf/Z3CarWedoYAmXvinTMtTckbXS2e5g1WhkqN5Y:mzO19Fnf/hdoYAmBikVIrhkqN5Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a252e03d74753f00deb6e3505e3fdc528cb04c140e35afdae2ce23550ef1f61

Files

8a252e03d74753f00deb6e3505e3fdc528cb04c140e35afdae2ce23550ef1f61
.exe windows:5 windows x86 arch:x86

465d47b8fe077b6aeaced0d18fb3e1cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrcmpW
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForMultipleObjects
VirtualQuery
VirtualProtect
TryEnterCriticalSection
TerminateThread
TerminateProcess
SystemTimeToTzSpecificLocalTime
SwitchToThread
Sleep
SetLastError
SetEvent
ReleaseSemaphore
ReadProcessMemory
QueryPerformanceCounter
OutputDebugStringW
OpenProcess
MultiByteToWideChar
MulDiv
LocalFree
LoadLibraryW
LeaveCriticalSection
IsBadReadPtr
IsBadCodePtr
InitializeCriticalSection
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalAlloc
GetWindowsDirectoryW
GetVersionExW
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultLangID
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFileSize
GetFileAttributesExW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetComputerNameW
GetCommandLineW
GetCPInfo
GetACP
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FlushInstructionCache
FileTimeToSystemTime
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateSemaphoreW
CreateMutexW
CreateFileW
CreateEventW
CompareStringW
CloseHandle

user32

CreateWindowExW
ValidateRect
UpdateLayeredWindow
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
SystemParametersInfoW
ShowWindow
SetWindowRgn
SetWindowPos
SetWindowLongW
SetTimer
SetScrollInfo
SetPropW
SetClassLongW
SendMessageW
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClassW
RedrawWindow
PostMessageW
PeekMessageW
MsgWaitForMultipleObjects
MoveWindow
MessageBoxW
MapWindowPoints
LockWindowUpdate
LoadCursorW
KillTimer
IsZoomed
IsWindowVisible
IsWindow
IsIconic
InvalidateRect
InflateRect
GetWindowThreadProcessId
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetScrollRange
GetScrollPos
GetScrollInfo
GetParent
GetWindow
GetMessageW
GetIconInfo
GetDesktopWindow
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCapture
FrameRect
FindWindowW
FillRect
EnumWindows
EndPaint
DrawTextExW
DrawTextW
DrawIconEx
DrawFrameControl
DrawEdge
DispatchMessageW
DestroyWindow
DefWindowProcW
ClientToScreen
CallWindowProcW
BeginPaint
GetWindowRgnBox

gdi32

TextOutW
StretchDIBits
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixelV
SetPixel
SetDIBitsToDevice
SetDIBits
SetBkMode
SetBkColor
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
OffsetViewportOrgEx
MoveToEx
LineTo
IntersectClipRect
GetViewportOrgEx
GetTextMetricsW
GetTextExtentPoint32W
GetTextExtentExPointW
GetTextColor
GetTextAlign
GetStockObject
GetROP2
GetPixel
GetPaletteEntries
GetObjectType
GetObjectW
GetNearestPaletteIndex
GetDeviceCaps
GetDIBits
GetCurrentPositionEx
GetCurrentObject
GetClipBox
GetBkMode
GetBkColor
ExtTextOutW
ExcludeClipRect
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
BitBlt

advapi32

RevertToSelf
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
ImpersonateLoggedOnUser
GetUserNameW

shell32

ShellExecuteW
SHGetFileInfoW
CommandLineToArgvW

ole32

CoTaskMemFree

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_Draw

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

465d47b8fe077b6aeaced0d18fb3e1cc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.itext Size: 8KB - Virtual size: 12KB

.data Size: 84KB - Virtual size: 88KB

.bss Size: 292KB - Virtual size: 292KB

.idata Size: 99KB - Virtual size: 100KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 88KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.itext
Size: 8KB - Virtual size: 12KB

.data
Size: 84KB - Virtual size: 88KB

.bss
Size: 292KB - Virtual size: 292KB

.idata
Size: 99KB - Virtual size: 100KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 88KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB