b79a827f6721211dc51c856f6a34664ebc2bcbc17aa8b189f36a3301d466d7c8

Sharing

Copy URL

Twitter E-mail

General

Target

b79a827f6721211dc51c856f6a34664ebc2bcbc17aa8b189f36a3301d466d7c8
Size

808KB
MD5

c9239f5fb81fe194c419fef10ceed6c1
SHA1

df2d5fafa2e40432b6963fb48dc5d7f4b17030c5
SHA256

b79a827f6721211dc51c856f6a34664ebc2bcbc17aa8b189f36a3301d466d7c8
SHA512

e9505fa3fb5203c31e2bcf996ea4c6b478de6dfea67b85032430aa57862128fbb1f9d5584a5db6d78c2253e90a2add3657cc0462b41affca70fed402fff815f6
SSDEEP

12288:BYDyDXOBTpjueimSuAZP8Dsl+c1ikZ0Mz:yGDXOBTpH2uAZQsl+E/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b79a827f6721211dc51c856f6a34664ebc2bcbc17aa8b189f36a3301d466d7c8

Files

b79a827f6721211dc51c856f6a34664ebc2bcbc17aa8b189f36a3301d466d7c8
.exe windows:4 windows x86 arch:x86

5c545828cdbf0a82c4ca5904a6acc0a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

d3d8

Direct3DCreate8

kernel32

GetStartupInfoA
GetCommandLineA
RaiseException
TerminateProcess
ExitProcess
HeapAlloc
HeapSize
HeapReAlloc
GetACP
HeapFree
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapCreate
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateProcessA
WaitForSingleObject
CloseHandle
GetExitCodeProcess
OpenMutexA
CreateMutexA
HeapDestroy
GlobalFree
WideCharToMultiByte
GlobalAlloc
MulDiv
lstrcpyA
SetEndOfFile
SetFilePointer
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
SetErrorMode
GetCurrentProcess
WritePrivateProfileStringA
GetCPInfo
GetOEMCP
TlsSetValue
TlsGetValue
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
LocalAlloc
TlsAlloc
LocalFree
EnterCriticalSection
GetProcessVersion
FindResourceExA
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
GlobalFlags
GetModuleHandleA
SetUnhandledExceptionFilter
FindResourceA
VirtualAlloc
InterlockedIncrement
SizeofResource
MultiByteToWideChar
InterlockedDecrement
FreeLibrary
GetCurrentThread
LoadLibraryA
GlobalGetAtomNameA
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
GlobalLock
GetProcAddress
SetLastError
lstrcmpA
CreateDirectoryA
lstrcpynA
lstrcatA
IsBadWritePtr
lstrlenA
LCMapStringA
GetVersionExA
LoadResource
OutputDebugStringA
lstrcmpiA
GetModuleFileNameA
RemoveDirectoryA
GetLastError
DeleteFileA
LockResource
GetProfileStringA

user32

GetMenuCheckMarkDimensions
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
SetWindowTextA
PostQuitMessage
SetCursor
GetCursorPos
GetMenuState
ValidateRect
GetMessageA
CreateDialogIndirectParamA
EndDialog
LoadStringA
DestroyMenu
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
TranslateMessage
IsDialogMessageA
InflateRect
CopyRect
IsWindowVisible
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
ShowWindow
GetCapture
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GetActiveWindow
GetWindowTextA
InvalidateRect
KillTimer
GetParent
PostMessageA
SetTimer
GetWindowRect
WaitForInputIdle
MessageBoxA
SetWindowPos
GetTopWindow
IsWindow
GetWindow
GetWindowLongA
AdjustWindowRectEx
OffsetRect
ReleaseDC
GetDC
wsprintfA
LoadBitmapA
IsIconic
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
GetSystemMetrics
GetClientRect
DrawIcon
DispatchMessageA
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
EnableWindow
GetPropA
GetLastActivePopup
CallNextHookEx
DefDlgProcA
IsWindowUnicode
ShowCaret
UnregisterClassA
HideCaret
DrawFocusRect
CharNextA
ExcludeUpdateRgn

gdi32

BitBlt
DeleteObject
GetObjectA
GetDeviceCaps
DeleteDC
SelectObject
SaveDC
RestoreDC
SetBkColor
GetStockObject
SetBkMode
SetTextColor
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
GetClipBox
ScaleWindowExtEx
IntersectClipRect
CreateSolidBrush
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA
PatBlt
CreateBitmap
EnumFontFamiliesExA
GetTextExtentPointA
CreateDIBitmap
SetWindowExtEx
CreateCompatibleDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegFlushKey

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

comctl32

CreatePropertySheetPageA
PropertySheetA
DestroyPropertySheetPage
ord17

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 648KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c545828cdbf0a82c4ca5904a6acc0a2

Headers

File Characteristics

Imports

dinput8

d3d8

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 16KB - Virtual size: 82KB

.rsrc Size: 648KB - Virtual size: 647KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 16KB - Virtual size: 82KB

.rsrc
Size: 648KB - Virtual size: 647KB