c658eed226ce49105ca19dd6983e60566061ab3d0de5a0cfc9ce47392fb517e3

Sharing

Copy URL Twitter E-mail

General

Target

c658eed226ce49105ca19dd6983e60566061ab3d0de5a0cfc9ce47392fb517e3
Size

4.1MB
MD5

86a7f888c6f89e32cb2a30ffbf5e90a8
SHA1

ed0b403c60c75c69a2ac56da6959a55706c09bc7
SHA256

c658eed226ce49105ca19dd6983e60566061ab3d0de5a0cfc9ce47392fb517e3
SHA512

efd99bcf65ce709770022dad22045eba2550dc6af1f12e6b9d771733e025f560ea2843dc8a554738c39fc92e3cc8048a8e4411ebbbba0565890fa239113414ac
SSDEEP

98304:4ffaQGoUSO/7a3cxZSZOfHPVD53+IF45svBiMAB8X:+SQGoU2MxYOHVV3dFKsU8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c658eed226ce49105ca19dd6983e60566061ab3d0de5a0cfc9ce47392fb517e3

Files

c658eed226ce49105ca19dd6983e60566061ab3d0de5a0cfc9ce47392fb517e3
.exe windows:4 windows x86 arch:x86

b3c420dafaf7e5924db4e6cfc8e67ffe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetStartupInfoW
ClearCommError
CloseHandle
CompareStringA
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteCriticalSection
DeleteFileA
EnumCalendarInfoA
EscapeCommFunction
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindNextChangeNotification
FindNextFileA
FindResourceA
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsA
FreeResource
GetACP
GetCommModemStatus
GetCommState
GetComputerNameA
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOverlappedResult
GetPrivateProfileStringA
GetProcAddress
GetProfileIntA
GetProfileStringA
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetSystemDirectoryA
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetCommandLineA
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LoadLibraryExA
LoadResource
LocalFree
LockResource
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
MoveFileA
MulDiv
MultiByteToWideChar
PurgeComm
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
SetCommMask
SetCommState
SetCommTimeouts
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetThreadLocale
SetThreadPriority
SetupComm
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitCommEvent
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
WriteProcessMemory
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
LocalAlloc
GetCommandLineW
GetConsoleMode
CreateEventW
GetTimeZoneInformation

user32

GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardType
GetKeyNameTextA
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetTopWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaNumericA
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
OemToCharA
FrameRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageTimeoutA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowsHookExA
SetWindowTextA
ShowCaret
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
VkKeyScanA
WaitMessage
WindowFromPoint
WinHelpA
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
FillRect
FindWindowA
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EndPaint
DestroyMenu
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
OffsetRect
DestroyWindow
CheckMenuItem
CharUpperBuffA
CharToOemA
CharNextA
CharLowerBuffA
CharLowerA
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout
EnableWindow

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegFlushKey
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

shell32

CommandLineToArgvW

oleaut32

VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
SafeArrayAccessData
GetErrorInfo
GetActiveObject
VariantInit

msvcrt

_exit
_except_handler3
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_media_1
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_stat_1
Size: 799KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b3c420dafaf7e5924db4e6cfc8e67ffe

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

shell32

oleaut32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

_media_1 Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 4.0MB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

_stat_1 Size: 799KB - Virtual size: 800KB

.text
Size: 2.3MB - Virtual size: 2.3MB

_media_1
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 4.0MB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

_stat_1
Size: 799KB - Virtual size: 800KB