860dcb592edc6f0956d4546950ee15ceb9116e0d298dfafac39e589f7acdd766

Sharing

Copy URL

Twitter E-mail

General

Target

860dcb592edc6f0956d4546950ee15ceb9116e0d298dfafac39e589f7acdd766
Size

565KB
MD5

fed0452f52a9f4f730603ec7f38e67e7
SHA1

86ab78b406b5f7d2ff3324c7dd8a27fb45040051
SHA256

860dcb592edc6f0956d4546950ee15ceb9116e0d298dfafac39e589f7acdd766
SHA512

7b4747858c9460bcb559cdcfd25da754c9431755553bf298ffcc93a21067271ee4ed3405888efbfd26c6c4b5d2b883610dd1beec1df0c70391957521dec205db
SSDEEP

6144:wWNZcyGSgPfDBWJSAeoTRRng0EGtrWHykUshpWYNvUSNK8CYWScUME2RCGeRkq/E:h9RbooUNvUMiE2ukq/f1K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
860dcb592edc6f0956d4546950ee15ceb9116e0d298dfafac39e589f7acdd766

Files

860dcb592edc6f0956d4546950ee15ceb9116e0d298dfafac39e589f7acdd766
.exe windows:1 windows x86 arch:x86

c4f6a6deb46371cdc5710b9fbfd1084e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateFileA
CreateProcessA
EnterCriticalSection
ExitProcess
FormatMessageA
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LocalAlloc
LocalFree
MulDiv
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

comdlg32

CommDlgExtendedError
GetOpenFileNameA
PrintDlgA
GetSaveFileNameA

gdi32

BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
GetDeviceCaps
GetObjectA
GetStockObject
LineTo
MoveToEx
Polygon
Rectangle
RoundRect
SelectObject
SetBkMode
SetTextAlign
SetTextColor
StartDocA
StartPage
TextOutA

shell32

ShellExecuteA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CheckDlgButton
CheckRadioButton
ClientToScreen
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
DrawEdge
DrawTextA
EnableWindow
EndPaint
EnumThreadWindows
FillRect
GetClassNameA
GetClientRect
GetDC
GetDlgCtrlID
GetDlgItem
GetDlgItemTextA
GetFocus
GetKeyState
GetMessageA
GetNextDlgTabItem
GetParent
GetSysColorBrush
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowRgn
InvalidateRect
IsChild
IsDlgButtonChecked
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadImageA
LoadStringA
MessageBeep
MessageBoxA
MoveWindow
OffsetRect
PostMessageA
PostQuitMessage
PtInRect
RegisterClassExA
ReleaseDC
ScreenToClient
SendMessageA
SetActiveWindow
SetDlgItemTextA
SetFocus
SetRect
SetRectEmpty
SetTimer
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UpdateWindow
wsprintfA

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 163KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4f6a6deb46371cdc5710b9fbfd1084e

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

shell32

user32

Exports

Exports

Sections

.text Size: 344KB - Virtual size: 344KB

.data Size: 163KB - Virtual size: 172KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 22KB - Virtual size: 24KB

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 344KB - Virtual size: 344KB

.data
Size: 163KB - Virtual size: 172KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 24KB

.reloc
Size: 28KB - Virtual size: 28KB