Flying Windows[.]scr

General

Target

Flying Windows.scr
Size

14KB
MD5

a354f269feac721b1d7b8b6aa40149cb
SHA1

39f4510dca055cdd15dc5a12463ed6a516797897
SHA256

c944a791eb42837576d026ab037a966ba277ff4b3bd1bbd132f6c9b2788b4e6c
SHA512

4ea83b721d2b00f3c28635d517e880036030b4f9f3fff943aa528a9a8220e7318703642bf83a6f850099cd6e404f78d2cd6348a68a55adc703c6dcc575013864
SSDEEP

192:CRyqrf82FpB/AIqeaLsagbnSySQo5NGU9g+1WwfYZW2oWEko5cEM:CRyqjrpBgsjSQo59j1WlW2oWE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Flying Windows.scr

Files

Flying Windows.scr
.exe windows:4 windows x86 arch:x86

240622b16e31c4952e624b4f9b1885fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemInt
SystemParametersInfoA
EnableWindow
EndDialog
DefWindowProcA
GetCursorPos
SetCursor
IsWindow
GetParent
PostQuitMessage
PostMessageA
SendMessageA
TranslateMessage
SetForegroundWindow
CreateWindowExA
RegisterClassA
RegisterWindowMessageA
FindWindowA
GetSystemMetrics
GetClientRect
LoadIconA
DialogBoxParamA
PeekMessageA
CharNextA
wsprintfA
SendDlgItemMessageA
LoadStringA
WinHelpA
GetMessageA
DispatchMessageA
ReleaseDC
GetDlgItem
GetForegroundWindow
SetTimer
KillTimer
GetDC
FillRect

kernel32

GetTickCount
LocalFree
WritePrivateProfileStringA
lstrcpyA
GetPrivateProfileIntA
LocalAlloc
lstrcmpiA
RtlUnwind
ExitProcess
LoadLibraryA
GetStartupInfoA
GetModuleHandleA
GetProcAddress
FreeLibrary
GetCommandLineA
UnhandledExceptionFilter
Sleep

gdi32

CreateSolidBrush
GetClipBox
GetRasterizerCaps
CreateICA
CreateFontA
GetTextFaceA
DeleteDC
SetBkColor
SetBkMode
SetTextColor
TextOutA
DeleteObject
PatBlt
SetTextAlign
CreateFontIndirectA
GetStockObject
SelectObject

comctl32

ord17

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

240622b16e31c4952e624b4f9b1885fd

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 864B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 924B

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 864B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 924B