150abdfc503fbf266a48c822d7a9385d49b008e61293bb5fe7e1266507ba454c

Sharing

Copy URL Twitter E-mail

General

Target

150abdfc503fbf266a48c822d7a9385d49b008e61293bb5fe7e1266507ba454c
Size

3.5MB
MD5

e91db473eb8c174606985cf23f32e4ad
SHA1

0153eaa4e4f8de27735251b2f9414e5561c35e69
SHA256

150abdfc503fbf266a48c822d7a9385d49b008e61293bb5fe7e1266507ba454c
SHA512

1b0dd6c79990ebbf4b831b0638e11f4e68d877f2dc45ce6539b3a62832bd251568b1ec427afca6be532dc3e393c0ac0350a0655f57ca7b21c65bd739827845a6
SSDEEP

98304:sgdbGgo+ieO/0Q9qBoxIhSd9kAXRvYYGmWTH:sgdbGgieOXYB3hSTkAKYGFTH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
150abdfc503fbf266a48c822d7a9385d49b008e61293bb5fe7e1266507ba454c

Files

150abdfc503fbf266a48c822d7a9385d49b008e61293bb5fe7e1266507ba454c
.exe windows:4 windows x86 arch:x86

d22aa6224497e885f14c6f317d8939f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

wcschr
wcsstr
free
_wcsdup
wcslen
wcsrchr
wcscspn
gmtime
_ultoa
fclose
wcstok
ftell
fseek
_fdopen
_open_osfhandle
malloc
getc
fwrite
_wcsnicmp
wcscmp
iswalpha
fread
memset

kernel32

GetFileAttributesW
lstrlenW
lstrcpyW
lstrcatW
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
GlobalAlloc
GlobalLock
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
SystemTimeToFileTime
GetCommandLineW
SetFileTime
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrlenA
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
lstrcmpW
Sleep
GetModuleFileNameW
SearchPathW
LocalFree
FormatMessageW
GetLastError
FindClose
FindNextFileW
RemoveDirectoryW
FindFirstFileW
DeleteFileW
SetFileAttributesW
GetExitCodeThread
WaitForSingleObject
CreateThread
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareFileTime
GetFileSize
GetFileTime
lstrcmpiA
GetCurrentProcess
GetProcAddress
GetExitCodeProcess
CreateProcessW
GetShortPathNameW
lstrcmpiW
GetCurrentThreadId
GetVersionExA
GetModuleHandleA
ExitProcess
CloseHandle

user32

DestroyIcon
wsprintfW
SendMessageA
UpdateWindow
ShowWindow
CreateDialogParamA
SetWindowPos
CreateWindowExA
PostQuitMessage
DestroyWindow
MessageBoxW
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
CallWindowProcW
GetMessageA
FindWindowW
PostMessageW
UnhookWindowsHookEx
SetWindowTextW
GetKeyState
CallNextHookEx
CheckDlgButton
GetParent
SetWindowsHookExA
CreateWindowExW
GetDesktopWindow
GetSystemMetrics
ReleaseDC
GetDC
GetWindowLongW
SetWindowLongW
GetDlgItem
SetDlgItemTextW
IsWindow
GetWindowTextW
MessageBeep
GetWindowRect
GetDlgItemTextW
IsDlgButtonChecked
DialogBoxParamA
SendMessageW
LoadStringW
LoadStringA
MessageBoxA
WaitForInputIdle
EndDialog

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW

ole32

CoTaskMemFree

comctl32

ord17

gdi32

GetTextExtentPoint32W
SelectObject

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d22aa6224497e885f14c6f317d8939f6

Headers

File Characteristics

Imports

crtdll

kernel32

user32

shell32

ole32

comctl32

gdi32

mpr

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 28KB - Virtual size: 25KB