b346e2c2e5012e8efbce3e06926d95591dfd2efc88d3a30a23abfad729ca4cd7

Sharing

Copy URL Twitter E-mail

General

Target

b346e2c2e5012e8efbce3e06926d95591dfd2efc88d3a30a23abfad729ca4cd7
Size

216KB
MD5

2b53812849dc2160b4ea56359712ecf6
SHA1

6a424d51fdc4b8a6e0f8e7426f161b3a798edc8c
SHA256

b346e2c2e5012e8efbce3e06926d95591dfd2efc88d3a30a23abfad729ca4cd7
SHA512

9c542aaf84d81a877aa89543fab5123cafe5ec54719890b3b4d1d538508e111d11cf4623bba67ef6fdaccc40d11bc080c092e97dbf269296808b185fd6c82c96
SSDEEP

6144:f5g86iHCj0yQ2dz5sQ5jOCCunMUq0226y:f+8PHCj0yQ2dz5NHC6MUq0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b346e2c2e5012e8efbce3e06926d95591dfd2efc88d3a30a23abfad729ca4cd7

Files

b346e2c2e5012e8efbce3e06926d95591dfd2efc88d3a30a23abfad729ca4cd7
.exe windows:4 windows x86 arch:x86

9a20ff85dacf720a590fdfc798c3f29f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
RaiseException
RtlUnwind
GetACP
TerminateProcess
HeapReAlloc
HeapSize
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetFileType
SetStdHandle
GetFileAttributesA
UnlockFile
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
Sleep
GetFileTime
GetFileSize
GetProcessVersion
GetOEMCP
GetCPInfo
TlsSetValue
TlsGetValue
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsAlloc
LocalAlloc
LeaveCriticalSection
GlobalFlags
EnterCriticalSection
WritePrivateProfileStringA
DeleteCriticalSection
InitializeCriticalSection
MulDiv
GetPrivateProfileStringA
GetPrivateProfileIntA
SetLastError
lstrcmpA
GlobalAlloc
GetCurrentThread
lstrcpynA
GetFullPathNameA
FindClose
GetVolumeInformationA
FindFirstFileA
UnhandledExceptionFilter
SetEndOfFile
ClearCommError
FreeEnvironmentStringsA
LockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetLastError
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
FreeEnvironmentStringsW
GetEnvironmentStrings
VirtualAlloc
SetupComm
GetCommState
SetCommTimeouts
GetCommTimeouts
SetCommState
ReadFile
CreateFileA
CloseHandle
PurgeComm
BuildCommDCBA

user32

SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
ShowWindow
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
EnableMenuItem
CharUpperA
SetCursor
GetCursorPos
ValidateRect
GetMessageA
DestroyMenu
ClientToScreen
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
GetSysColorBrush
LoadCursorA
AdjustWindowRectEx
CopyRect
IsWindowVisible
SetFocus
GetTopWindow
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
LoadStringA
GetParent
IsWindowEnabled
GetWindowLongA
MessageBoxA
GetMenu
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
PostQuitMessage
LoadIconA
FindWindowA
GetLastActivePopup
SetForegroundWindow
IsIconic
PeekMessageA
DispatchMessageA
TranslateMessage
SendMessageA
EnableWindow
GetDC
ReleaseDC
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
GetCapture
WinHelpA
SetWindowsHookExA
GetWindowTextA
UnregisterClassA

gdi32

SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetClipBox

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a20ff85dacf720a590fdfc798c3f29f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 40KB - Virtual size: 38KB