953a5ecc8c96a45b407bb6e07ca07fbcfc96d6a6502cd55007467fef8c30dbcd

Sharing

Copy URL

Twitter E-mail

General

Target

953a5ecc8c96a45b407bb6e07ca07fbcfc96d6a6502cd55007467fef8c30dbcd
Size

158KB
MD5

10f1de231c82556b92996cf6dcd24e4e
SHA1

9f61286f1d058760ad687371bfde7bf83956e8c1
SHA256

953a5ecc8c96a45b407bb6e07ca07fbcfc96d6a6502cd55007467fef8c30dbcd
SHA512

fc0595aa6da1c0a59807e4169d813abf10439439b5253ad7f59703d527c26755cb614fcb87aff62e565ca8a638c4dc0af5a33a0eec1f78971c4666f4f3d61c30
SSDEEP

3072:TMdLZAIi6d0c52/AHSRIFBWSp/iI1uR9f3brbttQhZhIO4n0MAIQhxBlLgNJ:qo6SON09UhZhIO4n0MAIQhxPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
953a5ecc8c96a45b407bb6e07ca07fbcfc96d6a6502cd55007467fef8c30dbcd

Files

953a5ecc8c96a45b407bb6e07ca07fbcfc96d6a6502cd55007467fef8c30dbcd
.exe windows:4 windows x86 arch:x86

dfa264221da71cbf1252eb9b4520dad2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\buildsvn\clients2\sc\sda\Release\PGPsda.pdb

Imports

comctl32

ord17

kernel32

HeapFree
SetEndOfFile
GetLocaleInfoA
LCMapStringW
LCMapStringA
CreateFileA
CreateFileW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSection
Sleep
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
RtlUnwind
ExitProcess
GetModuleHandleA
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
SetStdHandle
GetFileType
GetStdHandle
IsDBCSLeadByteEx
MulDiv
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesA
CreateSemaphoreA
WaitForSingleObject
CloseHandle
CreateThread
lstrcpyA
ReleaseSemaphore
GetProcAddress
FreeLibrary
lstrlenA
LoadLibraryA
GetVersionExA
SetHandleCount
VirtualAlloc
GetModuleFileNameA
GetACP
GetModuleFileNameW
lstrcmpiA
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetLastError
SetFilePointer
HeapAlloc
HeapReAlloc
CreateDirectoryW
CreateDirectoryA
DeleteFileW
DeleteFileA
RemoveDirectoryW
RemoveDirectoryA
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ReadFile
EnterCriticalSection
LeaveCriticalSection

user32

UpdateWindow
ShowWindow
CreateWindowExA
LoadStringA
MessageBoxW
MessageBoxA
LoadStringW
SetWindowPos
GetSystemMetrics
GetWindowRect
SetWindowLongW
GetFocus
GetClientRect
CallWindowProcW
SetCaretPos
DestroyCaret
CreateCaret
ShowCaret
GetWindow
FillRect
GetParent
KillTimer
IsDlgButtonChecked
CheckDlgButton
LoadIconA
SetFocus
GetKeyState
GetKeyboardLayout
DialogBoxParamA
EndDialog
IsWindowEnabled
SetForegroundWindow
SetTimer
GetDlgItem
MapWindowPoints
SetWindowTextA
SendDlgItemMessageA
ActivateKeyboardLayout
SendMessageA
GetDC
ReleaseDC
SetWindowLongA
SystemParametersInfoA
GetWindowTextA
GetWindowLongA
CallWindowProcA
IsWindowVisible
BeginPaint
DrawIcon
GetSysColor
EndPaint
InvalidateRect
RegisterClassA
DefWindowProcA

gdi32

DeleteDC
GetTextMetricsA
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectA
GetDeviceCaps
GetTextExtentPoint32W
ExtTextOutW
BitBlt
SetBkMode
TextOutW
TranslateCharsetInfo
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectA
SelectObject
SetTextColor
SetBkColor
Rectangle
ExtTextOutA

comdlg32

GetSaveFileNameA
GetSaveFileNameW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfa264221da71cbf1252eb9b4520dad2

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 31KB - Virtual size: 31KB