8f12381b75d6ec7dbc2d64917f60ceab092d6a396ae046bd1eaf1a285871eb3a

Sharing

Copy URL

Twitter E-mail

General

Target

8f12381b75d6ec7dbc2d64917f60ceab092d6a396ae046bd1eaf1a285871eb3a
Size

129KB
MD5

bbfbb40e1caf17009f1818b26506b343
SHA1

d518458a28109dbda8b593b575f374a6b1bb8023
SHA256

8f12381b75d6ec7dbc2d64917f60ceab092d6a396ae046bd1eaf1a285871eb3a
SHA512

efc7dbb23910912b8380325817617cb6b72fef1dab14ac14e311a30321cfea7d6cfbe162f60456eaff09c0d24022737f504f129959c056aa46799e9252b06f17
SSDEEP

3072:k4tkaZgxktEdSja2qLckP+4AnrIKvOBI+huG0TG0uhSW9:k4tkqxrqLckP+xn0YOBI+AG0TG0kL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f12381b75d6ec7dbc2d64917f60ceab092d6a396ae046bd1eaf1a285871eb3a

Files

8f12381b75d6ec7dbc2d64917f60ceab092d6a396ae046bd1eaf1a285871eb3a
.exe windows:5 windows x86 arch:x86

dccff42573edbebc16f4c14991579bbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

regedit.pdb

Imports

msvcrt

__p__commode
_adjust_fdiv
__p__fmode
_initterm
__getmainargs
_acmdln
__set_app_type
_except_handler3
__setusermatherr
_controlfp
exit
_XcptFilter
_exit
_c_exit
swprintf
iswprint
wcsncpy
wcslen
wcscat
wcscpy
_purecall
iswctype
wcscmp
wcschr
wcsncmp
wcsrchr
_cexit
memmove

advapi32

RegQueryValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
RegDeleteValueW
InitializeAcl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetInheritanceSourceW
LookupAccountSidW
GetSidSubAuthorityCount
GetSidSubAuthority
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
SetSecurityInfo
SetNamedSecurityInfoW
GetNamedSecurityInfoW
MapGenericMask
RegSetValueExA
RegSetValueW
RegFlushKey
RegSaveKeyW
RegRestoreKeyW
RegConnectRegistryW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegEnumValueW
RegEnumKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW

kernel32

ReadFile
DeleteFileW
WriteFile
WideCharToMultiByte
CreateFileW
OutputDebugStringW
GetLastError
SetFilePointer
GetFileSize
SearchPathW
GetTimeFormatW
GetDateFormatW
GetSystemDefaultLCID
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
LoadLibraryW
MulDiv
lstrcpynW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
MultiByteToWideChar
lstrcmpW
FormatMessageW
GetThreadLocale
GetModuleHandleW
ExitProcess
GetCommandLineW
GetProcessHeap
lstrcatW
LocalAlloc
GetCurrentProcess
CloseHandle
LocalFree
GetComputerNameW
lstrcmpiW
lstrlenW
lstrcpyW
LocalReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcAddress
LoadLibraryA

gdi32

GetStockObject
SetAbortProc
StartDocW
StartPage
SetViewportOrgEx
EndPage
EndDoc
AbortDoc
DeleteDC
CreateBitmap
CreatePatternBrush
PatBlt
ExcludeClipRect
SelectClipRgn
DeleteObject
SetBkColor
SetTextColor
ExtTextOutW
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW

user32

SendDlgItemMessageW
SetDlgItemTextW
SetWindowLongW
DefWindowProcW
ReleaseDC
GetDC
SetScrollInfo
wsprintfW
DestroyCaret
ReleaseCapture
KillTimer
SetCaretPos
ScrollWindowEx
ShowCaret
HideCaret
InvalidateRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
WinHelpW
EndDialog
GetWindowLongW
EndPaint
BeginPaint
CreateCaret
SetTimer
SetCapture
SetFocus
CharLowerW
GetDlgItem
DestroyMenu
TrackPopupMenuEx
IsClipboardFormatAvailable
EnableMenuItem
GetSubMenu
LoadMenuW
GetKeyState
RegisterClassW
LoadCursorW
RegisterClipboardFormatW
CheckRadioButton
SendMessageW
GetWindowTextW
GetParent
GetDlgItemTextW
IsDlgButtonChecked
GetDlgCtrlID
CallWindowProcW
GetWindowTextLengthW
GetDlgItemInt
PostQuitMessage
GetWindowPlacement
SetWindowTextW
EnableWindow
GetWindowRect
DrawMenuBar
InsertMenuItemW
DeleteMenu
SetMenuItemInfoW
GetMenu
GetMenuItemInfoW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsIconic
DestroyIcon
LoadImageW
GetSysColor
SetCursor
ShowCursor
ShowWindow
SetWindowPlacement
CreateWindowExW
GetProcessDefaultLayout
GetMessageW
ScreenToClient
SetCursorPos
DispatchMessageW
ClientToScreen
GetDesktopWindow
LoadIconW
PostMessageW
SetMenuDefaultItem
InsertMenuW
GetMenuItemID
CheckMenuItem
UpdateWindow
RegisterClassExW
CharNextW
GetClientRect
DestroyWindow
CreateDialogParamW
CheckDlgButton
DrawAnimatedRects
IntersectRect
ModifyMenuW
GetMessagePos
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
FindWindowW
LoadStringW
GetWindow
IsDialogMessageW
PeekMessageW
MessageBoxW
CharUpperBuffW
CharUpperW
IsCharAlphaNumericW
GetSystemMetrics
MoveWindow
MapWindowPoints
DialogBoxParamW
SetWindowPos
MessageBeep

comctl32

ord338
ord334
ord236
ord340
InitCommonControlsEx
ord365
ord337
ImageList_SetBkColor
ImageList_Create
ImageList_Destroy
ord2
ord4
ImageList_ReplaceIcon
ord329
ord359
ord358
ord363
CreateStatusWindowW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
PrintDlgExW

shell32

ShellAboutW
DragQueryFileW
DragFinish

authz

AuthzInitializeContextFromSid
AuthzAccessCheck
AuthzFreeContext
AuthzFreeResourceManager
AuthzInitializeResourceManager

aclui

ord2

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
ReleaseStgMedium

ulib

?Resize@DSTRING@@UAEEK@Z
?Initialize@ARRAY@@QAEEKK@Z
?NewBuf@DSTRING@@UAEEK@Z
??1DSTRING@@UAE@XZ
??1OBJECT@@UAE@XZ
??0OBJECT@@IAE@XZ
?Compare@OBJECT@@UBEJPBV1@@Z
??0DSTRING@@QAE@XZ
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
??0ARRAY@@QAE@XZ
?Initialize@WSTRING@@QAEEPBGK@Z

clb

ClbAddData
ClbSetColumnWidths

ntdll

RtlFreeHeap
RtlAllocateHeap

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA

Sharing

General

Malware Config

Signatures

Files

dccff42573edbebc16f4c14991579bbc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

comctl32

comdlg32

shell32

authz

aclui

ole32

ulib

clb

ntdll

Sections

.text Size: 94KB - Virtual size: 94KB

.data Size: 1024B - Virtual size: 259KB

.rsrc Size: 33KB - Virtual size: 33KB

.text
Size: 94KB - Virtual size: 94KB

.data
Size: 1024B - Virtual size: 259KB

.rsrc
Size: 33KB - Virtual size: 33KB