d7381e49215e52e9d2eeadb807cdb860bc32c1b6d7b55e0861f3adf1a51e130c

Sharing

Copy URL

Twitter E-mail

General

Target

d7381e49215e52e9d2eeadb807cdb860bc32c1b6d7b55e0861f3adf1a51e130c
Size

636KB
MD5

55dfd9e36c7c251dc9f7abb88f9a4633
SHA1

8fd8fc86111eabbdfcb9fd75609c93d547128fad
SHA256

d7381e49215e52e9d2eeadb807cdb860bc32c1b6d7b55e0861f3adf1a51e130c
SHA512

d438a74c47ec39df5b3185b67d71bd09b85e97460824cb64cf9734e43a0ede1ca5e47c7d5306c0b84559209aed5878be5523e64d996be06f8c9f65c8df13eca0
SSDEEP

12288:E1ECQkwR1+GTfHikdIKrLn6g3BHCHH0HHCHH0HHCHH0HHCHH0HHCHH0dDF:7C4HtikOYnv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7381e49215e52e9d2eeadb807cdb860bc32c1b6d7b55e0861f3adf1a51e130c

Files

d7381e49215e52e9d2eeadb807cdb860bc32c1b6d7b55e0861f3adf1a51e130c
.exe windows:4 windows x86 arch:x86

b4505ce0744301027cfd7774de2b5d40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\!-ivan-!\Programming\Vc7\DesktopPanels\output\_main_.pdb

Imports

kernel32

VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualProtect
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
RtlUnwind
SetErrorMode
CreateFileA
GetFullPathNameA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
CompareStringW
CompareStringA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CloseHandle
FormatMessageA
LocalFree
MulDiv
InterlockedDecrement
GetLastError
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
IsBadWritePtr
MultiByteToWideChar
lstrcpynA
_lopen
_lread
_llseek
_lcreat
_lclose
_lwrite
MoveFileA
lstrcatA
lstrcmpiA
CopyFileA
DeleteFileA
RemoveDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
GetVersion
CreateDirectoryA
lstrcmpA
LoadLibraryA
GetModuleFileNameA
lstrlenA
lstrcpyA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetProcAddress
FreeLibrary
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetEnvironmentStrings
GetModuleHandleA

user32

GetSysColorBrush
wsprintfA
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
GetMenuCheckMarkDimensions
IsDialogMessageA
IsDlgButtonChecked
CheckDlgButton
DestroyMenu
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
SendDlgItemMessageA
GetFocus
GetWindowTextLengthA
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
MessageBoxA
TrackPopupMenu
GetMenu
GetMenuItemID
AdjustWindowRectEx
GetClassInfoA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
RegisterClassA
GetDlgCtrlID
RegisterClipboardFormatA
GetMessagePos
MoveWindow
ClientToScreen
LoadBitmapA
DeleteMenu
CheckMenuItem
GetSubMenu
InsertMenuA
LoadMenuA
SendMessageA
IsIconic
GetClientRect
SetTimer
KillTimer
GetDesktopWindow
RemovePropA
RegisterClassExA
LoadCursorA
InflateRect
CopyRect
IsWindowEnabled
SetFocus
UnregisterClassA
CreateWindowExA
DestroyWindow
EnumChildWindows
GetWindowTextA
SetWindowTextA
GetMenuItemCount
GetMenuItemInfoA
SetMenuItemInfoA
CharNextA
GetClassNameA
ReleaseCapture
RegisterHotKey
UnregisterHotKey
SetCursor
GetSysColor
SetCapture
GetCapture
EndPaint
BeginPaint
ScreenToClient
DrawEdge
FillRect
SetWindowLongA
PtInRect
LoadIconA
DefWindowProcA
EnableWindow
DestroyIcon
PostMessageA
GetCursorPos
SetForegroundWindow
GetWindowRect
GetSystemMetrics
IsZoomed
GetWindowLongA
GetForegroundWindow
ShowWindow
IsWindowVisible
FindWindowA
RegisterWindowMessageA
InvalidateRect
SetRect
LoadImageA
UpdateWindow
SetActiveWindow
GetKeyState
IsWindow
GetParent

gdi32

GetDeviceCaps
GetStockObject
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
PtVisible
SelectClipRgn
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetTextColor
GetClipBox
CreateHatchBrush
SetBkColor
RectVisible
GetPixel
StretchBlt
Rectangle
CreatePen
SelectObject
DeleteDC
DeleteObject
TextOutA
GetObjectA
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreateBrushIndirect
BitBlt

comdlg32

ChooseColorA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteValueA

shell32

Shell_NotifyIconA
SHAppBarMessage

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4505ce0744301027cfd7774de2b5d40

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 204KB - Virtual size: 200KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 368KB - Virtual size: 367KB

.text
Size: 204KB - Virtual size: 200KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 368KB - Virtual size: 367KB