4d8869d738b7e852fbe780cd1dbaa4b846d420bff1ec197f37627c3e57277537

Sharing

Copy URL Twitter E-mail

General

Target

4d8869d738b7e852fbe780cd1dbaa4b846d420bff1ec197f37627c3e57277537
Size

355KB
MD5

adb8bc4fb42e196b9248545a0171d910
SHA1

cef016f764fcd0b27eca0bdc02509da9e6ff7eee
SHA256

4d8869d738b7e852fbe780cd1dbaa4b846d420bff1ec197f37627c3e57277537
SHA512

095397603ecf68911e540fb6ed309b29529da6297c2c2ae1260d904b871716db445449e2612481d4a8a40717ab058713ba2ab588ac445fb780ed9fbb669703b7
SSDEEP

6144:lG9P5zqnHU/y4iSQ6W5v2FE9kV4LWqvL4iimK+W2NebNyTglsbr:lG9tI4i0hVbqvUzWNg+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d8869d738b7e852fbe780cd1dbaa4b846d420bff1ec197f37627c3e57277537

Files

4d8869d738b7e852fbe780cd1dbaa4b846d420bff1ec197f37627c3e57277537
.exe windows:5 windows x86 arch:x86

d172ee3f4bb60d038c7518e38454c517

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work_SVN\Popup\Release\Popup.pdb

Imports

kernel32

GetFileSizeEx
SetErrorMode
GetStartupInfoW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalFlags
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
WaitForSingleObject
GetModuleHandleA
GetCurrentProcessId
FreeResource
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
lstrcmpW
FormatMessageW
LocalFree
MulDiv
InterlockedDecrement
InterlockedIncrement
WriteFile
SetThreadPriority
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
GetCurrentThread
CreateProcessW
CompareStringW
lstrlenA
FreeLibrary
LoadLibraryW
SetLastError
GetSystemInfo
GetModuleHandleW
GetProcAddress
GetVersionExW
GlobalHandle
GlobalUnlock
GlobalAlloc
GlobalLock
GetCommandLineW
GetModuleFileNameW
WritePrivateProfileStringW
MultiByteToWideChar
FindClose
FindFirstFileW
GetVolumeInformationW
GetTickCount
GetTempPathW
GetFileTime
CreateDirectoryW
GlobalFree
GetFileAttributesW
GetLastError
GetFileSize
CloseHandle
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
lstrlenW
GetSystemDefaultUILanguage
DeleteFileW
FindResourceW
LoadResource
LockResource
VirtualFree
SizeofResource

user32

UnregisterClassW
CharUpperW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
ShowWindow
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
GetMenu
SystemParametersInfoA
DestroyMenu
SetFocus
UnhookWindowsHookEx
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
IsWindowVisible
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetSysColor
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetLastActivePopup
MessageBoxW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CallWindowProcW
RemovePropW
GetPropW
SetPropW
GetParent
PostMessageW
SetForegroundWindow
GetWindowThreadProcessId
GetForegroundWindow
SetWindowLongW
PostThreadMessageW
RegisterClipboardFormatW
GetWindowTextW
ClientToScreen
ScreenToClient
GetWindowPlacement
DispatchMessageW
TranslateMessage
PeekMessageW
SetWindowPos
GetWindowLongW
MoveWindow
EqualRect
OffsetRect
IntersectRect
CopyRect
RegisterWindowMessageW
CharNextW
GetWindowRect
GetCursorPos
GetDC
EnableWindow
LoadBitmapW
KillTimer
SetDlgItemTextW
SetTimer
PtInRect
InvalidateRect
ReleaseDC
GetWindowDC
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SetWindowRgn
SetWindowTextW
SendMessageW
LoadIconW
GetKeyState

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetMapMode
GetRgnBox
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetWindowExtEx
CreateRoundRectRgn
GetClipBox
SetMapMode
SetTextColor
RestoreDC
SaveDC
GetDeviceCaps
SetBkMode
DeleteObject
ExtTextOutW
SetBkColor
GetObjectW
CreateFontW
GetStockObject
StretchBlt
BitBlt
SelectObject
CreateCompatibleDC
GetViewportExtEx

msimg32

TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleInitialize
OleUninitialize
CoTaskMemFree
OleCreate
OleSetContainedObject
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocStringLen
SysStringLen
SafeArrayDestroy
VariantClear
VariantInit
SysFreeString
SysAllocString

uxtheme

SetWindowTheme

wininet

InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoW
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d172ee3f4bb60d038c7518e38454c517

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

uxtheme

wininet

Sections

.text Size: 231KB - Virtual size: 230KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 18KB - Virtual size: 33KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 39KB - Virtual size: 38KB

.text
Size: 231KB - Virtual size: 230KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 18KB - Virtual size: 33KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 39KB - Virtual size: 38KB