95f7d613f3282e16ca311b5e70595dd8d050ddabaccace4c50f639a79dc41d0f

Sharing

Copy URL Twitter E-mail

General

Target

95f7d613f3282e16ca311b5e70595dd8d050ddabaccace4c50f639a79dc41d0f
Size

164KB
MD5

a1aab5e9494d4e91739010dcb5d9ed4b
SHA1

20d3ef47e3fe59f41125420e9531de43cbe65f3f
SHA256

95f7d613f3282e16ca311b5e70595dd8d050ddabaccace4c50f639a79dc41d0f
SHA512

5d9a943494d54e000c1fea549e00a41951cf359ad28ef8127af4ca69b74d8093b7629585bf913523cd30e12e408e7862e1ff2a0e217073f085b72688e37c24b3
SSDEEP

1536:f3N9GfCtO7VxxdXc4zhtf80pnaK7pfHi0nz2LD460jjj200l9:7GfCqxxdMIza6ZC0nz2v4bjjj200n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f7d613f3282e16ca311b5e70595dd8d050ddabaccace4c50f639a79dc41d0f

Files

95f7d613f3282e16ca311b5e70595dd8d050ddabaccace4c50f639a79dc41d0f
.exe windows:4 windows x86 arch:x86

ba8a1074722302228c8cb1ef7f671c49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugBreak
OutputDebugStringA
GetStringTypeExA
HeapFree
GetProcessHeap
MulDiv
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
GetExitCodeThread
UnmapViewOfFile
CloseHandle
CreateFileMappingA
MapViewOfFile
GetCurrentProcessId
CreateThread
OpenProcess
GetExitCodeProcess
Sleep
FindFirstFileA
lstrcmpA
SetLastError
GetFullPathNameA
lstrcpyA
LoadLibraryA
GetProcAddress
GetCommandLineA
ExpandEnvironmentStringsA
EnterCriticalSection
SetEnvironmentVariableA
WaitForSingleObject
SetCurrentDirectoryA
CreateDirectoryA
GetCurrentProcess
FlushInstructionCache
HeapAlloc
CompareStringA
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
lstrcatA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
ExitProcess
HeapReAlloc
HeapSize
RaiseException
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleFileNameA
GetLastError
GetModuleHandleA
lstrlenW
WideCharToMultiByte
lstrlenA
RtlUnwind
MultiByteToWideChar
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
lstrcpynA
lstrcmpiA
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetSystemDefaultLCID
SetThreadLocale
GlobalMemoryStatus
FreeLibrary

user32

ScreenToClient
GetCursorPos
GetDlgCtrlID
ReleaseCapture
GetCapture
SetCapture
SetFocus
SetCursor
PtInRect
DrawFocusRect
GetFocus
DrawTextA
GetSysColor
IsWindowEnabled
FillRect
MessageBoxA
GetWindowDC
CallWindowProcA
DispatchMessageA
TranslateMessage
UpdateWindow
GetClassNameA
DestroyCursor
GetActiveWindow
OffsetRect
RegisterWindowMessageA
PostThreadMessageA
EndPaint
BeginPaint
GetSystemMetrics
LoadCursorA
wsprintfA
RegisterClassExA
SetWindowLongA
SetWindowPos
InvalidateRect
RedrawWindow
IsWindowVisible
ShowWindow
MapWindowPoints
GetWindowRect
CreateWindowExA
IsWindow
GetClientRect
CreateCursor
GetWindowTextLengthA
GetWindowTextA
GetDC
PeekMessageA
ReleaseDC
DefWindowProcA
LoadStringA
DestroyWindow
UnregisterClassA
CharNextA
wvsprintfA
SetRectEmpty
EnableWindow
GetMessageA
DialogBoxParamA
GetWindowLongA
EndDialog
SendMessageA
GetWindow
SystemParametersInfoA
GetParent
LoadIconA
SetWindowTextA
GetDlgItem
GetClassInfoExA

gdi32

GetWindowExtEx
GetViewportExtEx
SetMapMode
GetMapMode
GetDeviceCaps
SetBkMode
SetTextColor
GetStockObject
CreateFontIndirectA
GetObjectA
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC

advapi32

RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

VarUI4FromStr
OleLoadPicture

comctl32

InitCommonControlsEx
_TrackMouseEvent

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba8a1074722302228c8cb1ef7f671c49

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 92KB - Virtual size: 90KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 92KB - Virtual size: 90KB