464c0d7e8da7737a77282b8a040ff537bfb082728494c8e0a3fa7179272e1bf9

Sharing

Copy URL Twitter E-mail

General

Target

464c0d7e8da7737a77282b8a040ff537bfb082728494c8e0a3fa7179272e1bf9
Size

554KB
MD5

3cdddbf499bd408985d29b59cfbb0d81
SHA1

15bd195793cffb33d6196be6f8556e1d9daab584
SHA256

464c0d7e8da7737a77282b8a040ff537bfb082728494c8e0a3fa7179272e1bf9
SHA512

baa52d64261ac89f3c02e8854a3e1bb763ef17973d558a5df5ed41a7aa4034f23042ccd40e5ce55eb16567f8273bf4db7f9e98dcd687a26896e8cd4925a2ed8f
SSDEEP

12288:iczWvvvKxLJgmAfcvbpgPhGB2bVTpgP9pgPzK:svve+dabpp0hpcpE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
464c0d7e8da7737a77282b8a040ff537bfb082728494c8e0a3fa7179272e1bf9

Files

464c0d7e8da7737a77282b8a040ff537bfb082728494c8e0a3fa7179272e1bf9
.exe windows:6 windows x86 arch:x86

cb851914eb37a760c1efe376a1fec890

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
DecodePointer
DeleteCriticalSection
GetModuleHandleW
WideCharToMultiByte
CreateThread
Sleep
OutputDebugStringW
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryW
LoadResource
FreeLibrary
FlushFileBuffers
CreateFileW
GetStringTypeW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
RaiseException
LockResource
GetLastError
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetProcAddress
SizeofResource
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
HeapSize
GetConsoleOutputCP
CloseHandle
LCMapStringW
GetFileType
GetConsoleMode
SetFilePointerEx
HeapAlloc
HeapFree
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
WriteConsoleW
FindNextFileW
FindFirstFileExW
FindClose
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
SetLastError
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW

user32

MessageBoxW
MessageBoxA
DestroyWindow
SetParent
MoveWindow

xcgui

XTree_GetParentItem
XTree_InsertItemText
XTree_EnableExpand
XTree_CreateAdapter
XC_itoa
XWnd_GetHWND
_XWnd_RegEvent
_XEle_RegEvent
_XWnd_RemoveEvent
_XEle_RemoveEvent
XC_CallUiThread
XC_GetObjectType
XWnd_Show
XTree_GetItemText
XList_RefreshData
XEle_AdjustLayout
XList_DeleteItemAll
XList_SetItemHeight
XList_SetItemText
XList_AddItemText
XList_AddColumnText
XList_EnableFixedRowHeight
XList_EnableTemplateReuse
XList_CreateAdapter
XList_CreateAdapterHeader
XC_GetObjectByName
XC_LoadLayoutZipMemEx
XC_EnableDPI
XC_EnableAutoDPI
XWnd_GetButton
XWnd_SetWindowPos
XWnd_GetRect
XInitXCGUI
XWnd_AdjustLayout
XRunXCGUI
XExitXCGUI
XEle_Redraw
XC_LoadResource

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb851914eb37a760c1efe376a1fec890

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

xcgui

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 37KB

.gfids Size: 512B - Virtual size: 304B

.rsrc Size: 381KB - Virtual size: 381KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 37KB

.gfids
Size: 512B - Virtual size: 304B

.rsrc
Size: 381KB - Virtual size: 381KB

.reloc
Size: 7KB - Virtual size: 7KB