179575df4fbc50676dda5480c77017bcdfb666bd08559a38d4fddada660b2599[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

179575df4fbc50676dda5480c77017bcdfb666bd08559a38d4fddada660b2599.exe
Size

524KB
MD5

0291049511f45ca9c80b617fb47c0ea2
SHA1

93ba120682d3eb765c09271093031175b4c3b5c3
SHA256

179575df4fbc50676dda5480c77017bcdfb666bd08559a38d4fddada660b2599
SHA512

dcde6f760ded8c98b26fbf3aa13008ebdd5750e7f93201540afa148c876b76e1ad7b4771d8a3e5adc774e06b5caf500f2e31d678db41efb7ca8c8195a7a48b34
SSDEEP

12288:iiQFqMQdIWuud/wjPNWS/z3hfaq8gsnXqVDOhgBMVyEO:iiQFmIWuud/GNWuT1aqNsnX8Kzy3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179575df4fbc50676dda5480c77017bcdfb666bd08559a38d4fddada660b2599.exe

Files

179575df4fbc50676dda5480c77017bcdfb666bd08559a38d4fddada660b2599.exe
.exe windows:4 windows x86 arch:x86

55152996bb34155ed183929a458f37db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\febaeige\frsadxe\toouos

Imports

comctl32

ImageList_Merge
InitCommonControlsEx
ImageList_SetImageCount
ImageList_SetFilter
ImageList_GetImageRect
_TrackMouseEvent
CreatePropertySheetPageA
ImageList_GetFlags
DrawStatusTextW
ImageList_SetIconSize
CreateToolbar
DrawInsert
ImageList_Add
ImageList_EndDrag
ImageList_DragLeave
ImageList_GetImageCount
GetEffectiveClientRect

kernel32

QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
MapViewOfFile
RtlUnwind
GetStringTypeExA
HeapDestroy
GetModuleHandleA
CloseHandle
GetEnvironmentVariableA
CreateMutexW
DeleteCriticalSection
TlsAlloc
SetEnvironmentVariableA
GetThreadPriority
GlobalAddAtomA
FreeEnvironmentStringsA
CompareStringA
InterlockedExchange
GetLocaleInfoA
GetProcessHeap
WriteProfileSectionW
FlushFileBuffers
VirtualFree
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
InterlockedIncrement
GetTickCount
GetStringTypeExW
InterlockedDecrement
GetModuleFileNameW
CreateFileA
WritePrivateProfileStringW
EnumTimeFormatsW
LCMapStringA
SetConsoleActiveScreenBuffer
HeapReAlloc
LeaveCriticalSection
DeleteFileA
FreeEnvironmentStringsW
GetAtomNameA
LocalReAlloc
GetTimeFormatA
SetStdHandle
GetUserDefaultLCID
GetEnvironmentStringsW
WritePrivateProfileStringA
SetConsoleCtrlHandler
GetConsoleCP
LCMapStringW
GetConsoleMode
GetProcAddress
TlsGetValue
WaitForMultipleObjects
GetStringTypeA
SetHandleCount
CompareStringW
IsBadReadPtr
GetDateFormatA
GetConsoleOutputCP
HeapLock
AddAtomA
WriteConsoleOutputAttribute
GetSystemTimeAdjustment
DeleteAtom
GetSystemDefaultLCID
IsDebuggerPresent
GetStartupInfoW
SetLastError
TerminateProcess
lstrcatA
EnumSystemLocalesA
EnumCalendarInfoW
HeapSize
CreateEventA
GetEnvironmentStrings
LoadLibraryExW
TlsFree
HeapFree
GetModuleFileNameA
GlobalFix
ReadConsoleInputW
GetOEMCP
EnumCalendarInfoA
GetCPInfo
HeapAlloc
VirtualQuery
SetFilePointer
CreateDirectoryExA
WideCharToMultiByte
GetFileType
GetCurrentThreadId
GetLocaleInfoW
GetCalendarInfoA
SetEvent
UnhandledExceptionFilter
EnumDateFormatsW
Sleep
FreeLibrary
GetCurrentProcess
OpenSemaphoreA
GetACP
VirtualAllocEx
CreateRemoteThread
LoadLibraryA
HeapCreate
GetCommandLineW
SetPriorityClass
VirtualAlloc
ReadFile
GetLastError
SetUnhandledExceptionFilter
GetFileAttributesExW
GetStdHandle
WriteConsoleW
CreateMailslotW
OpenFile
IsValidLocale
GetStartupInfoA
GetPrivateProfileSectionA
GetPrivateProfileStringA
ExitProcess
WriteFile
GetTimeZoneInformation
WriteConsoleA
GetProfileStringW
GetCurrentThread
GetSystemTimeAsFileTime
GetVersionExA
TlsSetValue
OpenFileMappingA
GetStringTypeW
CreateMutexA
SetSystemTime
IsValidCodePage
OpenMutexA

user32

MessageBoxExA
CreateWindowExW
MessageBeep
GetTitleBarInfo
MapVirtualKeyExW
ToAscii
wvsprintfW
GetWindowModuleFileNameA
DefWindowProcW
SetDlgItemTextW
FrameRect
GetWindowTextLengthA
GetSysColorBrush
GetComboBoxInfo
GetPropA
UnhookWindowsHook
RegisterClassA
FillRect
DestroyAcceleratorTable
DlgDirListComboBoxA
CharPrevW
CopyRect
EnumWindows
SetTimer
MessageBoxA
GetNextDlgGroupItem
DrawCaption
CallMsgFilterA
ChangeDisplaySettingsW
SetSysColors
DdeCmpStringHandles
GetClassInfoA
OpenWindowStationW
DdeQueryStringA
WindowFromDC
ShowWindow
DlgDirListComboBoxW
EnableWindow
GetClipboardSequenceNumber
ReleaseCapture
LoadCursorFromFileA
PostThreadMessageW
CharPrevExA
MapVirtualKeyExA
OffsetRect
DdeGetData
SetMessageExtraInfo
DlgDirSelectExW
GetCaretPos
DrawAnimatedRects
EnableMenuItem
IsClipboardFormatAvailable
GetListBoxInfo
GetMessageW
InvalidateRect
GetCursorInfo
SetUserObjectSecurity
SubtractRect
ChangeClipboardChain
SetWindowPlacement
SetMenuContextHelpId
DdeInitializeW
SendDlgItemMessageW
RegisterClassExA
SetWindowWord
DestroyWindow
GetShellWindow

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

= ��uR
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55152996bb34155ed183929a458f37db

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 268KB - Virtual size: 266KB

.data Size: 104KB - Virtual size: 120KB

.rsrc Size: 36KB - Virtual size: 34KB

= ��uR Size: 20KB - Virtual size: 20KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 268KB - Virtual size: 266KB

.data
Size: 104KB - Virtual size: 120KB

.rsrc
Size: 36KB - Virtual size: 34KB

= ��uR
Size: 20KB - Virtual size: 20KB