c87622867b175d6211120feac104456731afc81bec78b74c1036cecafa278ae8

Sharing

Copy URL Twitter E-mail

General

Target

c87622867b175d6211120feac104456731afc81bec78b74c1036cecafa278ae8
Size

351KB
MD5

587ab0de711450b981fbb1ab8f716c35
SHA1

2df0bd17e736d6ae58a266aab7ff2bb6f0e723b4
SHA256

c87622867b175d6211120feac104456731afc81bec78b74c1036cecafa278ae8
SHA512

30525b642c4f4533a7020b94c1aee0b5a402f80bac2eb991f1756dd96184499c7b36b94c676b76006079ec626a452be014059d0cf99cdf9813b48a3eeccbfae4
SSDEEP

6144:SrWGq34o5TV1hyY9G14tW8S2dN5nhmzrMk04U52/s+/ftC4BGDt01vO+:SaGqosn04tW81dDnhurMk04U5yCEwp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c87622867b175d6211120feac104456731afc81bec78b74c1036cecafa278ae8

Files

c87622867b175d6211120feac104456731afc81bec78b74c1036cecafa278ae8
.exe windows:5 windows x86 arch:x86

eaa55bf31c4fcda1f0b3b02ef9934ea7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ImageList_ReplaceIcon

gdi32

DeleteObject
GetBkMode
SetBkMode
SelectObject
CreateFontA
GetDeviceCaps
SetBkColor
CreateSolidBrush

kernel32

GetWindowsDirectoryW
WideCharToMultiByte
GlobalFree
GlobalAlloc
WaitForSingleObject
CreateSemaphoreA
CreateProcessW
GetPrivateProfileStringA
ReleaseSemaphore
GetComputerNameA
GetComputerNameW
CreateNamedPipeW
CreateEventA
GetOverlappedResult
ConnectNamedPipe
GetCurrentProcess
GetCurrentProcessId
FlushFileBuffers
LoadLibraryExA
LoadLibraryExW
OutputDebugStringA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
WriteFile
CreateFileA
GetFileSize
FormatMessageW
CreateFileW
CreateDirectoryW
CreateDirectoryExW
GetFileAttributesExW
GetFileAttributesW
GetModuleHandleA
FindFirstFileW
CopyFileW
SetFileAttributesW
DeleteFileW
MoveFileExW
RemoveDirectoryW
GetTempPathW
InitializeCriticalSection
GetLocaleInfoA
GetExitCodeProcess
SetHandleInformation
GetProcessId
ResumeThread
GetCommandLineW
GetModuleHandleW
GetFileAttributesA
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetVersion
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
HeapCreate
HeapReAlloc
HeapSize
ExitProcess
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
SetStdHandle
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetModuleFileNameW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
MulDiv
GetSystemDirectoryA
FindClose
GetVersionExA
GetModuleFileNameA
GetProcAddress
FreeLibrary
GetLastError
LocalFree
SetLastError
LoadLibraryA
TerminateThread
CreateThread
SetFilePointer
GetSystemTime
ReadFile
CloseHandle
FindNextFileW
DeleteCriticalSection
VirtualFree
VirtualAlloc
Sleep
EnterCriticalSection
GetCurrentThreadId
GetStartupInfoA
LeaveCriticalSection

user32

PeekMessageA
GetWindowTextLengthW
GetWindowTextW
SetWindowLongW
GetWindowLongW
MessageBoxW
GetDesktopWindow
EnumWindows
GetWindowThreadProcessId
PostQuitMessage
FlashWindowEx
LoadStringA
LoadStringW
BeginPaint
EndPaint
DrawIcon
SetFocus
IsIconic
MoveWindow
GetSystemMetrics
IsWindow
DialogBoxIndirectParamW
DialogBoxParamA
GetParent
CallWindowProcW
PostMessageA
EnableWindow
LoadImageA
LoadIconA
SendMessageA
GetDlgItem
GetSysColorBrush
GetClientRect
GetWindowLongA
GetDC
ReleaseDC
SetWindowTextW
GetSysColor
GetWindowRect
MapWindowPoints
SetWindowPos
FillRect
EndDialog
ExitWindowsEx
DestroyWindow
CreateWindowExA
DialogBoxParamW
RegisterClassA
DefWindowProcA
ScreenToClient
MessageBoxA
SendMessageW
ShowWindow

advapi32

RegDeleteValueW
RegQueryValueExW
SetThreadToken
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyA
RegQueryInfoKeyA
RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegFlushKey
RegOpenKeyA
AdjustTokenPrivileges
RegEnumKeyExW
RegDeleteKeyW
LookupPrivilegeValueA
OpenProcessToken

shell32

ShellExecuteExW

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eaa55bf31c4fcda1f0b3b02ef9934ea7

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

gdi32

kernel32

user32

advapi32

shell32

Sections

.text Size: 194KB - Virtual size: 194KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 6KB - Virtual size: 19KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 118KB - Virtual size: 118KB

.text
Size: 194KB - Virtual size: 194KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 6KB - Virtual size: 19KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 118KB - Virtual size: 118KB