065b15af0e2e66a01762514ddbb20b1f58ad00b0ddfe02306ba2407bef95f27a

Sharing

Copy URL Twitter E-mail

General

Target

065b15af0e2e66a01762514ddbb20b1f58ad00b0ddfe02306ba2407bef95f27a
Size

12.8MB
MD5

0907e209d241b6cac0571987478bb131
SHA1

cdaeb9593d3cb8927e7d6cc01ccded1e74707f2c
SHA256

065b15af0e2e66a01762514ddbb20b1f58ad00b0ddfe02306ba2407bef95f27a
SHA512

a73f6371e1aad2128dae1bbfc9af2d2768781614349b77e08040ab9f1993c17c04cd30d8287002bef98d422d05c5859306aa94c7cf1c2e9eb1466282b9c411e7
SSDEEP

393216:KDJoh5P1ahNbp4a6tHxUOmYbDMnkNaO16hB2NO:oU5PU2DMAchcNO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
065b15af0e2e66a01762514ddbb20b1f58ad00b0ddfe02306ba2407bef95f27a

Files

065b15af0e2e66a01762514ddbb20b1f58ad00b0ddfe02306ba2407bef95f27a
.exe windows:5 windows x86 arch:x86

1fb5e086bafd1783c2521a7a03be72de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\code\T-Asd\trunk\PackSp\output\TGUnPack\[{Win32}-{Release}-{v90}]\TGUnPack.pdb

Imports

kernel32

GetVolumeInformationA
GetFullPathNameA
GetFileAttributesExA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileSizeEx
GetFileTime
GetModuleHandleW
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WritePrivateProfileStringA
GetCurrentDirectoryA
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentProcess
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
Sleep
ExitProcess
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedDecrement
GetModuleFileNameW
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GlobalAddAtomA
GetCurrentProcessId
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GetFileAttributesA
CreateFileA
GetModuleFileNameA
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
SetErrorMode
WideCharToMultiByte

user32

TabbedTextOutA
LoadCursorA
GetSysColorBrush
CharUpperA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ReleaseDC
GetDC
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
EnableWindow
SendMessageA
IsWindowVisible
IsWindow
GetWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
UnregisterClassA
DestroyMenu
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
PostMessageA
PostQuitMessage
GetMenuState

advapi32

RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHCreateDirectoryExA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
ExtTextOutA
ScaleWindowExtEx
SaveDC
RestoreDC
SetMapMode
SetWindowExtEx
DeleteDC
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
TextOutA
RectVisible
PtVisible
DeleteObject
Escape

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fb5e086bafd1783c2521a7a03be72de

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

shlwapi

oleacc

gdi32

winspool.drv

comdlg32

oleaut32

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 13KB - Virtual size: 27KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 13KB - Virtual size: 27KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB