68da74efdf1097aedf9df787cb9d507d7abb244e84fda1504b82f59ad9a2d959

Sharing

Copy URL Twitter E-mail

General

Target

68da74efdf1097aedf9df787cb9d507d7abb244e84fda1504b82f59ad9a2d959
Size

312KB
MD5

6b7fbe8b9a63f183a8d5ce35c28341b4
SHA1

89ede776b227d255b7a7b490f3ef470479aaa86c
SHA256

68da74efdf1097aedf9df787cb9d507d7abb244e84fda1504b82f59ad9a2d959
SHA512

b9dd6bf46f6c7e42140b0bfbe3d86e2f62df749db9e2f77bfab037480424c83d13131df4f2f90f1feba3590842946909391d7c0aade9c89bccbb134bad9f1e0b
SSDEEP

6144:u2uMyZJey2NIiY5+Ulc/kNrjqX8rcbvk37uCa:udMyZE59Ulc/irdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68da74efdf1097aedf9df787cb9d507d7abb244e84fda1504b82f59ad9a2d959

Files

68da74efdf1097aedf9df787cb9d507d7abb244e84fda1504b82f59ad9a2d959
.exe windows:4 windows x86 arch:x86

c3ebbf141fa9d6ad77a75f721b0e3dae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringW
GetPrivateProfileStringW
GetFileAttributesW
GetUserDefaultLangID
lstrcatW
InitializeCriticalSection
lstrcmpW
CreateMutexW
GetLocaleInfoW
FormatMessageW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
TerminateThread
SetEnvironmentVariableA
GetOEMCP
GetACP
SetEndOfFile
LCMapStringW
LCMapStringA
LoadLibraryA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetLogicalDriveStringsW
DeleteFileW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
CompareStringW
CompareStringA
HeapSize
GetTimeZoneInformation
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
DeleteCriticalSection
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
GetVersion
GetStartupInfoW
GetModuleHandleA
GetSystemTimeAsFileTime
TerminateProcess
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
GetDriveTypeW
RemoveDirectoryW
GetTempPathW
CreateDirectoryW
SetFileAttributesW
CopyFileW
GetLocalTime
GetModuleHandleW
GlobalReAlloc
FindResourceW
SizeofResource
LoadResource
LockResource
FreeLibrary
FlushInstructionCache
GetCurrentThreadId
MulDiv
IsDBCSLeadByte
LocalFree
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
lstrcpynW
GetLastError
SetLastError
WriteFile
CreateFileW
GetFileSize
ReadFile
CloseHandle
OutputDebugStringW
GlobalSize
lstrcpyW
lstrcmpiW
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedIncrement
MultiByteToWideChar
lstrlenA
InterlockedDecrement
Sleep
GetModuleFileNameW
lstrlenW
InterlockedExchange
CreateThread
ExitProcess
OutputDebugStringA
LoadLibraryW
GetProcAddress
GetCommandLineW
GetCurrentProcess

user32

EnableMenuItem
CreateDialogParamW
GetActiveWindow
GetWindowTextLengthW
GetDlgItemTextW
CallNextHookEx
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
SetForegroundWindow
SetActiveWindow
CreatePopupMenu
AppendMenuW
TrackPopupMenu
KillTimer
MapVirtualKeyW
keybd_event
MessageBeep
PostMessageW
GetSubMenu
LoadIconW
LoadAcceleratorsW
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
CharLowerW
EnumWindows
SendMessageTimeoutW
RegisterWindowMessageW
EnableWindow
LoadImageW
DialogBoxParamW
GetCursorPos
GetWindowTextW
IsCharLowerW
SetWindowsHookExW
UnhookWindowsHookEx
CheckMenuItem
GetKeyboardState
IsWindow
GetSysColorBrush
GetClassNameW
TrackPopupMenuEx
DestroyMenu
GetIconInfo
CreateIconIndirect
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatW
DrawAnimatedRects
FindWindowExW
SetTimer
DestroyIcon
GetDlgCtrlID
SetWindowTextW
GetSystemMetrics
GetWindowDC
OffsetRect
CallWindowProcW
GetClipboardData
GetClipboardFormatNameW
EnumClipboardFormats
ReleaseDC
GetDC
CharNextW
LoadStringW
DefWindowProcW
SetParent
CreateWindowExW
ShowWindow
GetDlgItem
SetWindowPos
PtInRect
SetCapture
MapWindowPoints
GetClientRect
GetCapture
SetCursor
GetMessagePos
ScreenToClient
DrawEdge
DrawTextW
SetRect
ReleaseCapture
UpdateWindow
SetRectEmpty
RedrawWindow
PostQuitMessage
EndDialog
GetFocus
FrameRect
EnableScrollBar
SetScrollInfo
BeginPaint
FillRect
EndPaint
SendMessageW
InvalidateRect
SetWindowLongW
GetSysColor
DestroyWindow
GetKeyState
GetScrollInfo
SetScrollPos
ScrollWindowEx
SetFocus
RegisterClassW
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
GetWindowLongW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
SetDlgItemTextW

gdi32

SetBkMode
CreatePen
PatBlt
CreatePatternBrush
CreateBitmap
LineTo
MoveToEx
RealizePalette
SelectPalette
GetStockObject
CreateEnhMetaFileW
CreateDCW
CreateDIBSection
SetViewportOrgEx
SetPixel
GetPixel
ExtTextOutW
GetCurrentObject
GetDeviceCaps
CreateFontIndirectW
SetBkColor
SetTextColor
TextOutW
BitBlt
SelectObject
DeleteObject
CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC
CreateSolidBrush
GetTextMetricsW
CloseEnhMetaFile
GetDIBits
GetObjectW

comdlg32

GetOpenFileNameW

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegOpenKeyW

shell32

SHAppBarMessage
Shell_NotifyIconW
SHGetDesktopFolder
ord190
ord18
ord17
ord16
ord155
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

OleInitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal

oleaut32

SysAllocString
SysAllocStringLen

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
ord17
ImageList_Draw

gdiplus

GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipDisposeImage
GdipGetImageWidth
GdipDrawImageRectI
GdipDeleteGraphics
GdiplusStartup
GdipGetImageHeight
GdipCloneImage
GdipCreateFromHDC

imm32

ImmAssociateContext

winmm

timeGetTime

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3ebbf141fa9d6ad77a75f721b0e3dae

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

imm32

winmm

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 68KB - Virtual size: 213KB

.rsrc Size: 52KB - Virtual size: 48KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 68KB - Virtual size: 213KB

.rsrc
Size: 52KB - Virtual size: 48KB