d66108a747390eb421e865b014f7665b5096323a3dfcf15360298c2679ee9df9

Sharing

Copy URL Twitter E-mail

General

Target

d66108a747390eb421e865b014f7665b5096323a3dfcf15360298c2679ee9df9
Size

10.6MB
MD5

fb77a1b371da98d35536e8605b8a4510
SHA1

609c32a9775080eb64de2e5c74ab8e598ea76c39
SHA256

d66108a747390eb421e865b014f7665b5096323a3dfcf15360298c2679ee9df9
SHA512

512d43a52d63896dbe3cc451117b168057c19660a40a9d047ef9561312c3ca7db9d82044598a34ae8bef006963ef098b67d630023b76f7d369eff9b5c9543c4a
SSDEEP

49152:a4VvQFNfn43aWVkK8UEztA4rbDwYC+/RzhEiv+bqvMZU18NnApN+1r0ret6xrtgg:dVvQFNfOfr74/Abaa4rs8QNEUN9hE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d66108a747390eb421e865b014f7665b5096323a3dfcf15360298c2679ee9df9

Files

d66108a747390eb421e865b014f7665b5096323a3dfcf15360298c2679ee9df9
.exe windows:6 windows x86 arch:x86

4465f6aceddbdc0758959a8607d5a547

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA

gdi32

CreateSolidBrush

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateIoCompletionPort
CreateThread
CreateWaitableTimerExW
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
FreeLibrary
GetConsoleMode
GetCurrentThreadId
GetEnvironmentStringsW
GetErrorMode
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadContext
GlobalAlloc
GlobalFree
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
PostQueuedCompletionStatus
RaiseFailFastException
ResumeThread
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetThreadContext
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WerGetFlags
WerSetFlags
WideCharToMultiByte
WriteConsoleW
WriteFile

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_beginthread
_cexit
_errno
_initterm
_iob
_lock
_onexit
_strtoi64
_strtoui64
_unlock
abort
atoi
calloc
exit
fprintf
fputc
free
fwrite
getc
isspace
isxdigit
localeconv
malloc
memcpy
memset
realloc
setlocale
signal
strchr
strerror
strlen
strncmp
strncpy
strtol
strtoul
tolower
ungetc
vfprintf
wcscmp
wcslen

ole32

CoCreateInstance
CoGetClassObject
CoTaskMemFree
OleInitialize
OleSetContainedObject
OleUninitialize

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy
SysAllocString
SysFreeString
VariantClear
VariantInit

user32

AdjustWindowRect
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetClientRect
GetDesktopWindow
GetMessageA
GetMonitorInfoA
GetWindowLongA
GetWindowRect
MessageBoxA
MonitorFromWindow
PeekMessageA
PostMessageW
PostQuitMessage
RegisterClassExA
SetClassLongA
SetFocus
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow

Exports

Exports

_cgo_dummy_export
_webviewDispatchGoCallback
_webviewExternalInvokeCallback

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 720KB - Virtual size: 719KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 318KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4465f6aceddbdc0758959a8607d5a547

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 5.0MB - Virtual size: 5.0MB

.data Size: 720KB - Virtual size: 719KB

.rdata Size: 4.5MB - Virtual size: 4.5MB

.eh_fram Size: 12KB - Virtual size: 11KB

.bss Size: - Virtual size: 318KB

.edata Size: 512B - Virtual size: 156B

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 256KB - Virtual size: 256KB

.text
Size: 5.0MB - Virtual size: 5.0MB

.data
Size: 720KB - Virtual size: 719KB

.rdata
Size: 4.5MB - Virtual size: 4.5MB

.eh_fram
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 318KB

.edata
Size: 512B - Virtual size: 156B

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 256KB - Virtual size: 256KB