d005a2fae4ddb1d599c8afa244bbd5f1fc87f77297a49a8a7a6baa42b706daef

Sharing

Copy URL Twitter E-mail

General

Target

d005a2fae4ddb1d599c8afa244bbd5f1fc87f77297a49a8a7a6baa42b706daef
Size

4.8MB
MD5

88959693db70f3e04ac329d5e69ca5ef
SHA1

b87de9cbafdbab873a47ca90a559b9be68b811a0
SHA256

d005a2fae4ddb1d599c8afa244bbd5f1fc87f77297a49a8a7a6baa42b706daef
SHA512

957c1c428db85695db4a1ad1367f826d4e552bd9a010efc35ce6aef0a7057fa343a1555433b467f3e5567837fa7ceac47a94e9b18f3ef67f3f0494db3b29c972
SSDEEP

98304:/QzTxIT8uQP7ocWILaqi4LZRWNeA4yimALJAOlXwF/766GibPX/aPD4j6W7eI3x:/kuE7Hh2qiSzWNLiHArPCSX7J3x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d005a2fae4ddb1d599c8afa244bbd5f1fc87f77297a49a8a7a6baa42b706daef

Files

d005a2fae4ddb1d599c8afa244bbd5f1fc87f77297a49a8a7a6baa42b706daef
.exe windows:5 windows x86 arch:x86

55ed480ad2ae0bebfd7867eee7ef81ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

d3d8

Direct3DCreate8

kernel32

GetLastError
CreateMutexA
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcmpiA
IsDBCSLeadByte
SetLastError
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleFileNameA
Sleep
GetCommandLineA
TerminateThread
CreateThread
GetExitCodeThread
ResumeThread
ExitThread
QueryPerformanceCounter
QueryPerformanceFrequency
IsProcessorFeaturePresent
WriteFile
CreateFileA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetSystemTimeAsFileTime
LoadLibraryA
GetTickCount
GetEnvironmentStringsW
GetLocalTime
GetEnvironmentStrings
DebugBreak
SetStdHandle
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
HeapSize
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
GetStdHandle
SetHandleCount
HeapReAlloc
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
ReadFile
ExitProcess
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FreeLibrary
CloseHandle
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrcpyA
GetModuleHandleA
GetProcAddress
GetCurrentProcessId
GetVersionExA
GetThreadLocale
GetStringTypeExA
InterlockedIncrement
lstrcmpA
lstrlenA
InterlockedDecrement
FreeEnvironmentStringsW
OutputDebugStringA
RtlUnwind
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
VirtualAlloc
VirtualFree
HeapAlloc
FreeEnvironmentStringsA
InterlockedCompareExchange
HeapFree
GetProcessHeap

user32

ShowWindow
UnregisterClassA
SetCursor
PostMessageA
MessageBoxA
SetForegroundWindow
GetActiveWindow
MsgWaitForMultipleObjects
DialogBoxParamA
EndDialog
GetParent
GetWindow
MapWindowPoints
SetWindowPos
SendMessageA
GetDlgItem
EnableWindow
SetWindowTextA
GetWindowLongA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
SetWindowLongA
SystemParametersInfoA
GetWindowRect
GetClientRect
wsprintfA
ChangeDisplaySettingsA
EnumDisplaySettingsA
GetSystemMetrics
GetDC
ReleaseDC
CharNextA
wvsprintfA
LoadCursorA
RegisterClassExA
GetClassInfoExA
CreateWindowExA
ShowCursor
GetCursorPos
DefWindowProcA
IsWindow
DestroyWindow
LoadImageA
UpdateWindow

gdi32

DeleteObject
BitBlt
CreateCompatibleDC
SelectObject
SetStretchBltMode
StretchDIBits
DeleteDC
CreateDIBSection
GetStockObject

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoInitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55ed480ad2ae0bebfd7867eee7ef81ac

Headers

DLL Characteristics

File Characteristics

Imports

winmm

d3d8

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 401KB - Virtual size: 400KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 80KB - Virtual size: 92KB

.data1 Size: 2KB - Virtual size: 2KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 401KB - Virtual size: 400KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 80KB - Virtual size: 92KB

.data1
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 29KB - Virtual size: 28KB