d613153b1c9545065355394dc401695cdc1a9a4503abc843a8bcd99f3468f095

Sharing

Copy URL Twitter E-mail

General

Target

d613153b1c9545065355394dc401695cdc1a9a4503abc843a8bcd99f3468f095
Size

528KB
MD5

daa7d5d31551d21d8ba724af6b24ac99
SHA1

0feaabef8fc91c5ddbb9a9ea79c39df6b9c54da8
SHA256

d613153b1c9545065355394dc401695cdc1a9a4503abc843a8bcd99f3468f095
SHA512

8f6103553cc8ff71913aa3524ef87cb08f63c8072b43f8fb2a382269b3198d8fef36e8b1684d9cc44eb08ea42c6ab8ff12e0eda5de15e6435a394cac9494f4bd
SSDEEP

12288:FglI6IQlBE/B4/EWb1gxtRkY723L5mpT77pVzcjEkg:8I6q/BERgem0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d613153b1c9545065355394dc401695cdc1a9a4503abc843a8bcd99f3468f095

Files

d613153b1c9545065355394dc401695cdc1a9a4503abc843a8bcd99f3468f095
.exe windows:6 windows

4a8a3e6e111b3497a2697f1e21a2d84b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

gdi32

DeleteObject
CreateFontIndirectW

oleaut32

SysAllocStringLen
SysStringByteLen
VariantCopy
VariantClear
SysAllocString
SysStringLen

ole32

CoCreateInstance
OleInitialize
CoInitialize
CoTaskMemFree
CoUninitialize

user32

SetCursor
KillTimer
SetTimer
CheckDlgButton
PostMessageW
EnableWindow
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
SetDlgItemTextW
GetKeyState
EndDialog
SetWindowTextW
InvalidateRect
MessageBoxW
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoW
MapDialogRect
LoadCursorW
SetWindowLongW
GetWindowLongW
ScreenToClient
GetWindowRect
GetDlgItem
DialogBoxParamW
MoveWindow
ShowWindow
GetWindowTextLengthW
GetWindowTextW
SendMessageW
LoadStringW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CharUpperW
IsWindowEnabled
SetDlgItemTextA
GetFocus
SetFocus
LoadIconW
GetParent

advapi32

RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExA
GetFileSecurityW
SetFileSecurityW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetPathFromIDListEx
SHGetFileInfoW

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStringTypeW
HeapFree
HeapAlloc
GetFileType
TerminateProcess
ExitProcess
GetModuleHandleExW
FreeEnvironmentStringsW
ExitThread
CreateThread
InitializeCriticalSectionEx
EncodePointer
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
SetUnhandledExceptionFilter
RaiseException
LoadLibraryExA
ExpandEnvironmentStringsA
SetThreadAffinityMask
ResumeThread
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
SetFilePointerEx
GetEnvironmentStringsW
GetProcessHeap
FreeLibraryAndExitThread
SetStdHandle
InitializeCriticalSectionAndSpinCount
CreateEventW
WaitForSingleObject
SetEvent
InitializeCriticalSection
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GlobalUnlock
GlobalLock
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
LocalFree
FormatMessageW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
SetFileTime
GetTempPathW
CloseHandle
SetLastError
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
MoveFileW
CreateHardLinkW
GetStdHandle
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileInformationByHandle
GetLogicalDriveStringsW
FindFirstStreamW
FindNextStreamW
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
DeviceIoControl
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDriveTypeW
GlobalAlloc
GlobalFree
GetCurrentProcess
GetModuleHandleW
GetProcAddress
CompareFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
GetSystemInfo
GetModuleHandleA
GlobalMemoryStatus
GetProcessAffinityMask
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
FileTimeToDosDateTime
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetProcessAffinityMask
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcessTimes
GetUserDefaultLangID
GetSystemDefaultLangID
Sleep
WaitForMultipleObjects
SetPriorityClass
lstrcatW
GetCommandLineW
GetVersionExW
VirtualAlloc
VirtualFree
GetLargePageMinimum
GetVersion
WriteConsoleW

Sections

.text
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a8a3e6e111b3497a2697f1e21a2d84b

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

gdi32

oleaut32

ole32

user32

advapi32

shell32

kernel32

Sections

.text Size: 320KB - Virtual size: 319KB

.rdata Size: 152KB - Virtual size: 151KB

.data Size: 3KB - Virtual size: 18KB

.pdata Size: 15KB - Virtual size: 14KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 320KB - Virtual size: 319KB

.rdata
Size: 152KB - Virtual size: 151KB

.data
Size: 3KB - Virtual size: 18KB

.pdata
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 10KB - Virtual size: 9KB