b875e38ffae8efa738a639232252a663768229efcb7a9fa4903a875370c3b193

Sharing

Copy URL Twitter E-mail

General

Target

b875e38ffae8efa738a639232252a663768229efcb7a9fa4903a875370c3b193
Size

1.1MB
MD5

43d5c450b5bbf668b74e58112d227590
SHA1

04b18cda52565645e8f0f93ef747fc2dc38739b5
SHA256

b875e38ffae8efa738a639232252a663768229efcb7a9fa4903a875370c3b193
SHA512

9e60022a6bec9510fbdffbbc478c6c611eb96ce7e8d302b9a283ede407ba97cc6d3626a908161bf098da937248c7d5e68055a3b39451bb2dd0d9f52d5dfe4591
SSDEEP

24576:hp4C1949GKcPUf3MRyDHNIzrGvM20BZCw9uEG4L0eK8ODusalZxLGk1pYJ:ucPUf3M6HN49k/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b875e38ffae8efa738a639232252a663768229efcb7a9fa4903a875370c3b193

Files

b875e38ffae8efa738a639232252a663768229efcb7a9fa4903a875370c3b193
.exe windows:4 windows x86 arch:x86

403c2edc9877b81de3d40209ee2ac4d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

dsound

ord1

kernel32

GetModuleFileNameA
SetThreadPriority
SetPriorityClass
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersion
GetCurrentThread
WinExec
OutputDebugStringA
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
Sleep
CreateThread
lstrcpyA
MultiByteToWideChar
lstrlenA
GetProcAddress
GetCurrentProcess
FindClose
IsBadReadPtr
GetStringTypeW
SetUnhandledExceptionFilter
SetFilePointer
ReadFile
GetStringTypeA
HeapSize
WriteFile
CloseHandle
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
HeapReAlloc
VirtualAlloc
IsBadWritePtr
HeapCreate
HeapDestroy
VirtualFree
SetCurrentDirectoryA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
RemoveDirectoryA
GetLastError
TerminateProcess
MoveFileA
GetCommandLineA
GetStartupInfoA
ExitProcess
GetCurrentDirectoryA
HeapAlloc
GetFullPathNameA
InterlockedDecrement
DeleteFileA
GetWindowsDirectoryA
GetDriveTypeA
FindNextFileA
GetSystemDirectoryA
SetEnvironmentVariableA
CreateDirectoryA
CompareStringW
CompareStringA
SetEndOfFile
IsBadCodePtr
InterlockedIncrement
HeapFree
LCMapStringW
LCMapStringA
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
CreateFileA
FindFirstFileA
GetOEMCP
GetACP
GetCPInfo

user32

InvalidateRect
GetDC
MessageBoxA
ReleaseDC
SetTimer
IsWindow
PostQuitMessage
SetRect
ShowCursor
SetForegroundWindow
KillTimer
FindWindowA
LoadCursorA
CreateWindowExA
LoadIconA
RegisterClassA
LoadImageA
RegisterClassExA
IsIconic
DestroyWindow
SetWindowPos
BeginPaint
DefWindowProcA
ValidateRect
GetActiveWindow
EndPaint
GetSystemMetrics
ClientToScreen
GetWindowRect
GetClientRect
PeekMessageA
SetFocus
GetMessageA
PostMessageA
TranslateMessage
DispatchMessageA
MoveWindow
ShowWindow
SetWindowTextA
UpdateWindow

gdi32

BitBlt
GetDeviceCaps

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

winmm

timeBeginPeriod
timeEndPeriod
timeGetDevCaps
mciGetDeviceIDA
timeGetTime
auxSetVolume
auxGetNumDevs
auxGetDevCapsA
mciSendCommandA
auxGetVolume

ddraw

DirectDrawCreate
DirectDrawEnumerateA

dinput

DirectInputCreateA

Sections

.text
Size: 1024KB - Virtual size: 1022KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

403c2edc9877b81de3d40209ee2ac4d9

Headers

File Characteristics

Imports

version

dsound

kernel32

user32

gdi32

advapi32

ole32

winmm

ddraw

dinput

Sections

.text Size: 1024KB - Virtual size: 1022KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 84KB - Virtual size: 140KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 1024KB - Virtual size: 1022KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 84KB - Virtual size: 140KB

.rsrc
Size: 4KB - Virtual size: 3KB