74af7b13c36a7e0e81d51eee211c4ded77fad403520e60eae77f43491fbaa8a1

Sharing

Copy URL Twitter E-mail

General

Target

74af7b13c36a7e0e81d51eee211c4ded77fad403520e60eae77f43491fbaa8a1
Size

1.4MB
MD5

505585dc1b6d1fed07dffe4d55dcb316
SHA1

a4e74e731253b00bf77632a23a4af7fdd7754a11
SHA256

74af7b13c36a7e0e81d51eee211c4ded77fad403520e60eae77f43491fbaa8a1
SHA512

39fad4eefbe74453935af2e6538739292b5d182114739a7a133fc12764799bd63dcedbf81950531c212e45ecc39548dec471118a6c4ba6bd7502d02149966236
SSDEEP

24576:uu7v13FjGeGr3kouO8LSe4aRn+UUXecr9PEd9UfNPeJWbgIkALCp49hL9udLEqvb:EezY9E9UmcgeLCpehhupEtYuE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74af7b13c36a7e0e81d51eee211c4ded77fad403520e60eae77f43491fbaa8a1

Files

74af7b13c36a7e0e81d51eee211c4ded77fad403520e60eae77f43491fbaa8a1
.exe windows:5 windows x86 arch:x86

396857373534369711b8d2398975e99d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
SetCurrentDirectoryW
GetDateFormatW
FlushFileBuffers
GetLocalTime
CreateSemaphoreW
GetCurrentThreadId
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
VirtualFree
GetCurrentProcess
VirtualAlloc
InterlockedExchange
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetTickCount
GetVersionExW
CreateThread
SetEndOfFile
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleHandleA
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCurrentDirectoryA
CreateFileA
CreateMutexW
GetFileInformationByHandle
GetFullPathNameA
GetStringTypeA
GetModuleFileNameA
HeapSize
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetStringTypeW
LCMapStringW
LCMapStringA
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
LocalFree
FormatMessageW
WideCharToMultiByte
lstrcmpiW
lstrlenW
WriteFile
lstrcpynA
lstrlenA
GetFileSize
FindNextFileW
FindClose
GetFileSizeEx
MultiByteToWideChar
GetProcessHeap
HeapFree
HeapAlloc
FindFirstFileW
OutputDebugStringW
QueryPerformanceCounter
ReadFile
CreateEventW
CreateFileW
SetFilePointer
ReleaseSemaphore
MulDiv
lstrcmpW
Sleep
GetModuleHandleW
lstrcpyW
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCPInfo
HeapReAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitThread
DeleteFileW
GetProcAddress
LoadLibraryW
InterlockedCompareExchange
FreeLibrary
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
QueryPerformanceFrequency
ResetEvent
GetLastError
SetEvent
WaitForSingleObject
CreateDirectoryW
PeekNamedPipe
SetEnvironmentVariableA

user32

wsprintfW
GetSystemMetrics
IsWindowVisible
SetWindowPos
SystemParametersInfoW
GetWindowRect
DispatchMessageW
DefWindowProcW
SetWindowTextW
LoadIconW
TranslateMessage
BeginPaint
DeleteMenu
PostMessageW
PostQuitMessage
GetMessageW
ShowCursor
EndPaint
EnumDisplaySettingsW
GetMonitorInfoW
AdjustWindowRect
UpdateWindow
CreateWindowExW
ShowWindow
GetCursorPos
GetAsyncKeyState
InvalidateRect
PeekMessageW
GetDesktopWindow
RedrawWindow
SetWindowLongW
MonitorFromWindow
ReleaseDC
GetClassNameW
SetCursorPos
MessageBoxW
SendMessageW
GetSystemMenu
RegisterWindowMessageW
MsgWaitForMultipleObjects
GetQueueStatus
PostThreadMessageW
GetMessageExtraInfo
ClientToScreen
ScreenToClient
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
SetForegroundWindow
LoadCursorW
FindWindowW
GetClientRect
EnumWindows
GetDC
RegisterClassExW
SetRect

gdi32

SelectObject
DeleteObject
DeleteDC
GetGlyphOutlineW
GetObjectW
GetDeviceCaps
StretchDIBits
GetStockObject
GetTextMetricsW
SetTextColor
CreateFontIndirectW
SetBkColor
SetBkMode
CreateCompatibleDC
SetMapMode
AddFontResourceExW
RemoveFontResourceExW

comdlg32

GetSaveFileNameW

advapi32

CryptReleaseContext
RegCloseKey
CryptGetHashParam
CryptAcquireContextW
RegOpenKeyExW
CryptCreateHash
CryptDestroyHash
CryptHashData
RegQueryValueExW

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoCreateInstance

dsound

ord11

winmm

timeKillEvent
timeBeginPeriod
timeEndPeriod
timeGetTime
timeSetEvent

ogg

ogg_page_eos
ogg_sync_buffer
ogg_stream_pagein
ogg_stream_packetout
ogg_page_serialno
ogg_sync_wrote
ogg_sync_init
ogg_stream_clear
ogg_sync_clear
ogg_sync_pageout
ogg_stream_init
ogg_page_granulepos

vorbis

vorbis_synthesis_read
vorbis_synthesis_blockin
vorbis_synthesis_pcmout
vorbis_comment_clear
vorbis_synthesis_headerin
vorbis_info_init
vorbis_block_clear
vorbis_dsp_clear
vorbis_info_clear
vorbis_synthesis_init
vorbis_synthesis
vorbis_comment_init
vorbis_block_init

imm32

ImmSetOpenStatus
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext

canvas

?ResizeWindow@Canvas@@QAEJHH@Z
?Draw@Canvas@@QAE_NHHHPBE@Z
?Render@Canvas@@QAE_NAAUtagRECT@@@Z
??0Canvas@@QAE@PAUHWND__@@PAVULog@@HHHH_N@Z
??1Canvas@@QAE@XZ
?ResizeScreen@Canvas@@QAEJHH@Z

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

-�C?�u@
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

396857373534369711b8d2398975e99d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

dsound

winmm

ogg

vorbis

imm32

canvas

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 149KB - Virtual size: 149KB

.data Size: 12KB - Virtual size: 46KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 54KB - Virtual size: 53KB

-�C?�u@ Size: 16KB - Virtual size: 20KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 149KB - Virtual size: 149KB

.data
Size: 12KB - Virtual size: 46KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 54KB - Virtual size: 53KB

-�C?�u@
Size: 16KB - Virtual size: 20KB