be6e48f8ae36dde69413224a73af790a2db2ab5af02418c87c0288f61a4904a8

Sharing

Copy URL Twitter E-mail

General

Target

be6e48f8ae36dde69413224a73af790a2db2ab5af02418c87c0288f61a4904a8
Size

909KB
MD5

7b73d01721e4aecba085d5b17279de05
SHA1

d577f5cfba42be37d5a26fd062eb828f38bac512
SHA256

be6e48f8ae36dde69413224a73af790a2db2ab5af02418c87c0288f61a4904a8
SHA512

2b68a590cb266ffa4f77667584c6ede1e3a38e1d0037da529728c157f545f6050e5c9b15b86a9df7f720b1ca68fd0975219fa7b42f3edc90bfd158425cc5582a
SSDEEP

24576:pQxcFIDlKyeRFJfQx6T0ygzchurPTLuOAhHmu:PLJfQx6YygqurPWhhHl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be6e48f8ae36dde69413224a73af790a2db2ab5af02418c87c0288f61a4904a8

Files

be6e48f8ae36dde69413224a73af790a2db2ab5af02418c87c0288f61a4904a8
.exe windows:4 windows x86 arch:x86

2f667e9ffea9864719b55a2c0ee44a60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetVersionExA
FindClose
GetPrivateProfileStringA
GetModuleFileNameA
GetDriveTypeA
WinExec
SetCurrentDirectoryA
MoveFileExA
GetTempPathA
GetCurrentProcess
lstrcatA
SetFileTime
GetWindowsDirectoryA
GetSystemDirectoryA
WritePrivateProfileStringA
GetShortPathNameA
LoadLibraryA
lstrlenA
GetDiskFreeSpaceA
FreeLibrary
GlobalAlloc
GlobalLock
IsBadCodePtr
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
WideCharToMultiByte
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
CreateDirectoryA
HeapCompact
HeapSize
SetFileAttributesA
MoveFileA
DeleteFileA
HeapAlloc
GetFileAttributesA
TerminateProcess
GetLastError
ExitProcess
GlobalHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetFullPathNameA
GetProcAddress
GlobalUnlock
GlobalFree
GetEnvironmentStringsW
SetHandleCount
GetEnvironmentStrings
GetFileType
GetStringTypeA
GetStdHandle
IsBadReadPtr
CreateFileA
ReadFile
WriteFile
SetFilePointer
CloseHandle
GetStringTypeW
HeapFree

user32

SetTimer
IsWindowVisible
DestroyWindow
SendDlgItemMessageA
MessageBoxA
GetMessageA
IsDialogMessageA
CreateDialogIndirectParamA
GetDlgItemTextA
DispatchMessageA
TranslateMessage
SetWindowPos
wsprintfA
SetWindowTextA
GetDlgItem
ScreenToClient
GetWindowRect
SetFocus
EnableWindow
SetDlgItemTextA
BeginPaint
SendMessageA
EndPaint
RegisterWindowMessageA
OemToCharA
GetParent
GetDC
ReleaseDC
GetClientRect
DrawTextA
FillRect
GetWindow
GetSysColor
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
FindWindowA
GetLastActivePopup
BringWindowToTop
GetSystemMetrics
AdjustWindowRectEx
UpdateWindow
IsIconic
RedrawWindow
PostQuitMessage
DefWindowProcA
PostMessageA
GetWindowLongA
SetWindowLongA
IsDlgButtonChecked
ExitWindowsEx
ShowWindow
CheckDlgButton
KillTimer

gdi32

AddFontResourceA
ExtTextOutA
SetBkColor
GetStockObject
CreateSolidBrush
DeleteObject
CreateFontIndirectA
GetObjectA
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
StretchDIBits
RealizePalette
SelectPalette
IntersectClipRect
CreateDIBPatternBrush
SetTextColor
SetBkMode
SelectObject
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC

comdlg32

GetSaveFileNameA

advapi32

AdjustTokenPrivileges
RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoCreateInstance
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f667e9ffea9864719b55a2c0ee44a60

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

version

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB