8d0192f807d3d21a0a828dac7698eb7d2718620ba6f7edd6d0389e328ebd46de

Sharing

Copy URL Twitter E-mail

General

Target

8d0192f807d3d21a0a828dac7698eb7d2718620ba6f7edd6d0389e328ebd46de
Size

876KB
MD5

80a7a169908c9480c178d85a7022acd6
SHA1

5ede92b5183f834c2b3d1f678b8a037b171ee7c3
SHA256

8d0192f807d3d21a0a828dac7698eb7d2718620ba6f7edd6d0389e328ebd46de
SHA512

691dd02ed9bf33d75be1c3c81fe21667e29d475a95dd9f0ba89abb737a145cb638d2584a3212701127261692a53d37121367d9436306d4d0025562b7bbbb28fc
SSDEEP

24576:IZ3cbYoC4mY+uDd5k9bXHLEtkxDtWI4AeFSOdf6daOhEj67obnkS:INWmY+wdyDUuSnB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d0192f807d3d21a0a828dac7698eb7d2718620ba6f7edd6d0389e328ebd46de

Files

8d0192f807d3d21a0a828dac7698eb7d2718620ba6f7edd6d0389e328ebd46de
.exe windows:4 windows x86 arch:x86

3081bdc726c5ce3115656d5f81d50d31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
mmioClose
mmioAscend
mmioSeek
mmioDescend
mmioOpenA

msacm32

acmStreamClose
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmFormatSuggest
acmStreamUnprepareHeader

imm32

ImmGetDefaultIMEWnd

d3d9

Direct3DCreate9

dsound

ord1

kernel32

GetLocaleInfoW
VirtualFree
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpiA
GlobalFree
GlobalHandle
lstrcmpA
lstrlenA
lstrcpyA
GetLocalTime
lstrcpynA
GlobalSize
CloseHandle
ReadFile
CreateFileA
GetTickCount
UnhandledExceptionFilter
WaitForSingleObject
CreateProcessA
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
InitializeCriticalSection
DeleteCriticalSection
SetFilePointer
GetFileSize
WriteFile
DeleteFileA
MoveFileA
LeaveCriticalSection
EnterCriticalSection
MulDiv
lstrcatA
SetCurrentDirectoryA
GetVersionExA
SetPriorityClass
GetCurrentProcess
GetLastError
CreateMutexA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
FreeLibrary
TerminateThread
ExitThread
SetThreadPriority
CreateThread
SetEvent
CreateEventA
ResetEvent
QueryPerformanceCounter
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
CopyFileA
GetFullPathNameA
WideCharToMultiByte
GetModuleHandleA
MapViewOfFile
CreateFileMappingA
CreateFileW
UnmapViewOfFile
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
HeapSize
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThreadId
SetLastError
TlsFree
GetUserDefaultLCID
TlsSetValue
TlsAlloc
TlsGetValue
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CompareFileTime

user32

PostThreadMessageA
FindWindowExA
LoadIconA
LoadImageA
RegisterClassExA
GetDesktopWindow
GetWindowRect
CreateWindowExA
UpdateWindow
PeekMessageA
TranslateMessage
GetMessageA
DispatchMessageA
UnregisterClassA
DestroyIcon
SetFocus
BeginPaint
EndPaint
DestroyWindow
PostQuitMessage
SetCapture
ReleaseCapture
DefWindowProcA
ShowCursor
MessageBoxA
GetClientRect
GetDC
ReleaseDC
DialogBoxParamA
ChangeDisplaySettingsA
EndDialog
GetDlgItem
GetWindowTextA
SendDlgItemMessageA
GetSystemMetrics
LoadCursorA
SetClassLongA
SetCursor
SetCursorPos
PtInRect
ClientToScreen
GetCursorPos
SetRect
CharUpperA
PostMessageA
GetWindow
ShowWindow
SetWindowTextA
SetForegroundWindow
SetWindowLongA
SetWindowPos
AdjustWindowRectEx
ClipCursor
CloseWindow
GetAsyncKeyState
wsprintfA
MsgWaitForMultipleObjects
EnumDisplayMonitors
EnumDisplayDevicesA
GetMonitorInfoA
SendMessageA
ScreenToClient

gdi32

SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
BitBlt
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetTextMetricsA
GetGlyphOutlineA
SetBkMode
GetStockObject
SetPolyFillMode

ole32

CoUninitialize
CoInitialize

vorbisfile

ov_clear
ov_read
ov_pcm_seek
ov_time_total
ov_open_callbacks
ov_test_callbacks

Sections

.text
Size: 636KB - Virtual size: 634KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3081bdc726c5ce3115656d5f81d50d31

Headers

File Characteristics

Imports

winmm

msacm32

imm32

d3d9

dsound

kernel32

user32

gdi32

ole32

vorbisfile

Sections

.text Size: 636KB - Virtual size: 634KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 32KB - Virtual size: 2.2MB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 636KB - Virtual size: 634KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 32KB - Virtual size: 2.2MB

.rsrc
Size: 100KB - Virtual size: 100KB