dd55d04e834999844e9f9ab0c7dd7e8f9fed478f3ae5462a58ba4b968a09fea2

Sharing

Copy URL Twitter E-mail

General

Target

dd55d04e834999844e9f9ab0c7dd7e8f9fed478f3ae5462a58ba4b968a09fea2
Size

192KB
MD5

c98c33d178244f91acc50f7f83fb2602
SHA1

a88631df9ec6b1b0371d04fce146490d23a46bbc
SHA256

dd55d04e834999844e9f9ab0c7dd7e8f9fed478f3ae5462a58ba4b968a09fea2
SHA512

997268b09eecff3c2105b46da1f4c1135700aac3a5f3f309677387fb44e560682d77ea20e363ee625ed85b39a7cf38725caac6a08806d0b7dc59f846a6a86c7d
SSDEEP

3072:exAcwyEOmQK+bjRCINyVIZVPIthMz1MMK2r:vyEUK+bb9smOMKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd55d04e834999844e9f9ab0c7dd7e8f9fed478f3ae5462a58ba4b968a09fea2

Files

dd55d04e834999844e9f9ab0c7dd7e8f9fed478f3ae5462a58ba4b968a09fea2
.exe windows:4 windows x86 arch:x86

fa46556b7feaf23a318fb5db449617e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

FreeLibrary
LoadLibraryW
WaitForSingleObject
CreateProcessW
OutputDebugStringW
WriteFile
GetStringTypeExW
GetThreadLocale
GetLastError
CreateDirectoryW
GetProcAddress
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
DeleteFileW
lstrlenA
InterlockedIncrement
CopyFileW
GetSystemDirectoryW
SetCurrentDirectoryW
TlsAlloc
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
SetLastError
LoadLibraryExW
GetModuleFileNameW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetEndOfFile
IsValidCodePage
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
RtlUnwind
ExitProcess
HeapSize
HeapCreate
HeapDestroy
CreateFileA
TlsFree
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStartupInfoA
GetFileType
FindFirstFileW
FindClose
CreateFileW
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
SetFileAttributesW
GetTickCount
TlsSetValue
TlsGetValue
GetStdHandle
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
InterlockedDecrement
lstrlenW
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
SetHandleCount
Sleep
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
FlushFileBuffers
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
EnterCriticalSection
RaiseException
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
ReadFile
GetConsoleCP
GetConsoleMode
SetFilePointer
HeapReAlloc

user32

GetActiveWindow
GetWindowTextLengthW
LoadIconW
UnregisterClassA
EndPaint
CallWindowProcW
DefWindowProcW
LoadBitmapW
DestroyWindow
OffsetRect
SystemParametersInfoW
MapWindowPoints
BeginPaint
ShowWindow
ScreenToClient
GetClientRect
GetWindowRect
MoveWindow
GetWindowLongW
IsWindow
GetWindow
GetWindowTextW
SetWindowTextW
CharNextW
LoadStringW
MessageBoxW
GetDlgItem
EnableWindow
KillTimer
SetTimer
SendMessageW
GetParent
SetWindowLongW
SetWindowPos

gdi32

DeleteDC
CreateFontIndirectW
DeleteObject
CreateCompatibleDC
SetBkColor
ExtTextOutW
TextOutW
BitBlt
SetBkMode
SelectObject
GetObjectW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryInfoKeyW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
SHCreateDirectoryExW

ole32

CoTaskMemRealloc
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx
PropertySheetW
CreatePropertySheetPageW
DestroyPropertySheetPage

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa46556b7feaf23a318fb5db449617e5

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 60KB - Virtual size: 58KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 60KB - Virtual size: 58KB