f6906b0df3954423a27a5d78930bbe2af9a420df67bc8299bb62be52d918ea0c

Sharing

Copy URL

Twitter E-mail

General

Target

f6906b0df3954423a27a5d78930bbe2af9a420df67bc8299bb62be52d918ea0c
Size

847KB
MD5

fbc56de95b5a81e789c187ac6036da6f
SHA1

8a8d8a997c69d12c703b4e739cf996abbd4643a4
SHA256

f6906b0df3954423a27a5d78930bbe2af9a420df67bc8299bb62be52d918ea0c
SHA512

0da01ff53267f229afd864eea39d299f9e4b24d40a78a20ccdb0148c6974b9d469504b21eb6bf4d922116ec9560ead54903d6139f8d3024b2943a1b50e9a33fd
SSDEEP

24576:gr48Kiij1bJAAe/UthC+igCJz6x5J3O40wlIWmQsx+W1MMMWMMMKq/y:gr48KiiRGo2+3PpIMMMWMMMV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6906b0df3954423a27a5d78930bbe2af9a420df67bc8299bb62be52d918ea0c

Files

f6906b0df3954423a27a5d78930bbe2af9a420df67bc8299bb62be52d918ea0c
.exe windows:5 windows x86 arch:x86

7be8cc5a2fda8b738894edd873de219b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ord17
ord6
ImageList_Destroy
ord16
ImageList_ReplaceIcon
ImageList_Create

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

PlaySoundA
timeGetTime

kernel32

GetLastError
GetFullPathNameA
FileTimeToSystemTime
CompareFileTime
lstrlenW
FileTimeToLocalFileTime
GetTickCount
SearchPathA
GetCurrentDirectoryW
SetCurrentDirectoryA
GetTempPathA
lstrcmpiA
GetSystemDefaultLangID
GetSystemInfo
GetLocaleInfoA
GlobalMemoryStatusEx
GetComputerNameA
SetErrorMode
GetDriveTypeA
DeviceIoControl
GetDiskFreeSpaceExA
GetVolumeInformationA
GetTimeZoneInformation
lstrcpyW
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentThread
GetThreadPriority
SetThreadPriority
SetThreadAffinityMask
GetCurrentProcess
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
FindFirstFileW
FindNextFileW
GetModuleFileNameW
SetCurrentDirectoryW
FormatMessageA
LocalFree
GetFileSize
CreateFileW
ExpandEnvironmentStringsA
CreateMutexA
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
IsValidCodePage
GetOEMCP
GetCPInfo
HeapCreate
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
CreateThread
ResumeThread
ExitThread
ExitProcess
GetModuleHandleW
EncodePointer
DecodePointer
HeapReAlloc
HeapFree
HeapAlloc
InterlockedCompareExchange
LCMapStringW
LCMapStringA
GetStringTypeExW
GetStringTypeExA
GetUserDefaultLCID
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
HeapSize
FreeEnvironmentStringsW
LoadLibraryW
GetCommandLineA
GetEnvironmentStringsW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
GetEnvironmentVariableA
lstrcpynA
GetSystemDirectoryA
GetWindowsDirectoryA
GetCurrentDirectoryA
Sleep
TlsGetValue
SetLocalTime
GetLocalTime
FindClose
CreateDirectoryA
SystemTimeToFileTime
GetSystemTime
RemoveDirectoryA
MoveFileA
CopyFileA
WritePrivateProfileStructA
GetPrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
GetProcAddress
GetVersionExA
SetEnvironmentVariableA
FreeLibrary
LoadLibraryA
WideCharToMultiByte
GetACP
MultiByteToWideChar
GetExitCodeProcess
OpenProcess
WaitForSingleObject
CreateProcessA
lstrcmpA
SetFilePointer
ReadFile
lstrcatA
GlobalAlloc
DeleteFileA
CloseHandle
lstrlenA
WriteFile
CreateFileA
GlobalFree
GlobalUnlock
GlobalLock
lstrcpyA
GetModuleFileNameA
SetStdHandle
FlushFileBuffers
WriteConsoleW
SetEndOfFile
GetProcessHeap
TlsAlloc

user32

TranslateMessage
TranslateAcceleratorA
IsDialogMessageA
GetMessageA
GetKeyState
GetLastActivePopup
RegisterClassExA
LoadAcceleratorsA
ExitWindowsEx
SendMessageTimeoutA
GetUpdateRect
PostMessageA
GetScrollInfo
GetSystemMenu
MonitorFromRect
GetMenuStringA
SetCapture
PostQuitMessage
GetAsyncKeyState
SetForegroundWindow
AppendMenuA
InsertMenuA
DeleteMenu
CheckMenuItem
IsWindow
EndPaint
BeginPaint
SetMenuDefaultItem
DrawTextA
LoadBitmapA
WinHelpA
IsIconic
ReleaseCapture
LoadCursorA
SetCursor
ClientToScreen
GetWindowPlacement
MonitorFromPoint
FindWindowA
keybd_event
DefWindowProcA
TrackPopupMenuEx
GetCursorPos
SystemParametersInfoA
EnumDisplayMonitors
GetKeyboardType
EnumDisplayDevicesA
wsprintfW
DialogBoxIndirectParamA
SetLayeredWindowAttributes
DestroyMenu
GetSubMenu
UpdateWindow
ShowWindow
SetTimer
CheckMenuRadioItem
KillTimer
DispatchMessageA
PeekMessageA
WaitForInputIdle
GetClassNameA
LoadImageA
SetFocus
DrawMenuBar
EnableMenuItem
GetMenu
DestroyIcon
DestroyWindow
GetClientRect
GetWindowTextA
IsWindowEnabled
GetParent
SetWindowTextA
InvalidateRect
MoveWindow
ScreenToClient
GetScrollPos
GetWindowRect
EnumChildWindows
EnableScrollBar
SetScrollInfo
ShowScrollBar
SetWindowPos
GetMonitorInfoA
MonitorFromWindow
CreateWindowExA
GetSystemMetrics
LoadMenuA
SetMenu
EnableWindow
ReleaseDC
GetDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetDlgItemTextA
GetWindowTextLengthA
MessageBoxA
EndDialog
SetWindowLongA
GetWindowLongA
GetDlgItem
LoadIconA
SetDlgItemTextA
SendDlgItemMessageA
CallWindowProcA
SendMessageA
DialogBoxParamA
wsprintfA
LoadStringA
SetWindowPlacement
LoadStringW

gdi32

CreateCompatibleBitmap
SetBkColor
CreateSolidBrush
SetTextColor
SetBkMode
DeleteDC
BitBlt
GetObjectA
CreateCompatibleDC
LineTo
MoveToEx
CreatePen
Rectangle
DeleteObject
GetTextExtentPoint32A
SelectObject
CreateFontA
GetDeviceCaps
GetStockObject

comdlg32

GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA
ChooseColorA

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegFlushKey
GetUserNameA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
LookupAccountNameA
RegCloseKey

shell32

SHGetSpecialFolderLocation
ExtractIconA
DragAcceptFiles
ExtractIconExA
SHGetPathFromIDListA
SHBrowseForFolderA
DragFinish
SHFileOperationA
ShellExecuteA
DragQueryFileA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantClear
SysAllocString
VariantInit

iphlpapi

GetAdaptersInfo

wsock32

gethostbyname
htons
getservbyname
ioctlsocket
WSACleanup
closesocket
shutdown
gethostbyaddr
socket
connect
inet_ntoa
recv
send
WSAStartup

Sections

.text
Size: 565KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7be8cc5a2fda8b738894edd873de219b

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

version

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

iphlpapi

wsock32

Sections

.text Size: 565KB - Virtual size: 565KB

.rdata Size: 148KB - Virtual size: 147KB

.data Size: 21KB - Virtual size: 33KB

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 46KB - Virtual size: 45KB

.text
Size: 565KB - Virtual size: 565KB

.rdata
Size: 148KB - Virtual size: 147KB

.data
Size: 21KB - Virtual size: 33KB

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 46KB - Virtual size: 45KB