c397b4c837fb54da986ebc5e82ff28cff37326fc36d6655f4269b59d3f378d18

Sharing

Copy URL Twitter E-mail

General

Target

c397b4c837fb54da986ebc5e82ff28cff37326fc36d6655f4269b59d3f378d18
Size

700KB
MD5

1c0f2d35a530b4c778f20a0bb74cc7da
SHA1

b677d515134a17e132e82832ef8ec1703b1b2e09
SHA256

c397b4c837fb54da986ebc5e82ff28cff37326fc36d6655f4269b59d3f378d18
SHA512

ce43c33060807cd7da7b8f82fd2358d487c10e1ed626ad2f5a8cfcc0f2dc9349f1f50ad9c19073dfc74f202b02f9e37984e7d9d3388a451314a8b8c3b8d9c680
SSDEEP

12288:8kFEyiVAXYpk7Ha4Lrp8G6JRWhozBA8J31:8kFEtPkrFrp8G6JOozBA8J31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c397b4c837fb54da986ebc5e82ff28cff37326fc36d6655f4269b59d3f378d18

Files

c397b4c837fb54da986ebc5e82ff28cff37326fc36d6655f4269b59d3f378d18
.exe windows:4 windows x86 arch:x86

19330d02c738f11a0cdaa8fbad5bed05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CreateFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FormatMessageW
GetCommandLineW
GetCurrentDirectoryW
GetDateFormatW
GetDiskFreeSpaceExW
GetDriveTypeW
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetLogicalDriveStringsW
GetModuleHandleW
GetNumberFormatW
GetProcAddress
GetStartupInfoW
GetTimeFormatW
GetVolumeInformationW
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
LocalFree
MulDiv
MultiByteToWideChar
SetCurrentDirectoryW
SetErrorMode
lstrcmpW
lstrcmpiW

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegSetValueExW

comctl32

CreateStatusWindowW
CreateToolbarEx
ImageList_Destroy
ImageList_DrawEx
ImageList_LoadImageW
InitCommonControlsEx

comdlg32

ChooseFontW
CommDlgExtendedError

gdi32

CreateFontIndirectW
CreateFontW
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteObject
ExtSelectClipRgn
GetClipRgn
GetDeviceCaps
GetObjectW
GetStockObject
GetTextExtentPoint32W
LineTo
MoveToEx
Rectangle
SelectClipRgn
SelectObject
SetBkMode
SetTextColor

mpr

WNetConnectionDialog
WNetDisconnectDialog
WNetGetLastErrorW

ole32

CoGetMalloc
CoInitialize
CoUninitialize

shell32

ExtractIconExW
ord18
ord25
SHBindToParent
SHFileOperationW
SHGetDataFromIDListW
SHGetDesktopFolder
ShellAboutW
ShellExecuteExW
ShellExecuteW

shlwapi

StrFormatByteSizeW

ucrtbase

__p___argc
__p___wargv
__stdio_common_vswprintf
_assert
_configure_wide_argv
_get_initial_wide_environment
_initialize_wide_environment
_set_app_type
_wsplitpath
exit
memcmp
memcpy
memmove
qsort
setlocale
tolower
wcsrchr

user32

BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcW
CharUpperW
CheckMenuItem
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DeferWindowPos
DestroyIcon
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawIconEx
DrawTextW
EndDeferWindowPos
EndDialog
EndPaint
FillRect
GetCapture
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetFocus
GetKeyState
GetMenuItemCount
GetMessageW
GetParent
GetScrollPos
GetSubMenu
GetSystemMetrics
GetWindow
GetWindowInfo
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
InvalidateRect
IsIconic
IsWindowVisible
IsZoomed
LoadAcceleratorsW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
MapWindowPoints
MessageBoxW
MoveWindow
PostQuitMessage
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollWindowEx
SendMessageW
SetCapture
SetCursor
SetDlgItemTextW
SetFocus
SetWindowLongW
SetWindowPlacement
SetWindowTextW
SetWindowsHookExW
ShowWindow
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WinHelpW
wsprintfW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19330d02c738f11a0cdaa8fbad5bed05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

mpr

ole32

shell32

shlwapi

ucrtbase

user32

version

Sections

.text Size: 44KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 192B

.rdata Size: 28KB - Virtual size: 25KB

/4 Size: 8KB - Virtual size: 6KB

.bss Size: - Virtual size: 3KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 224KB - Virtual size: 221KB

/14 Size: 4KB - Virtual size: 216B

/29 Size: 160KB - Virtual size: 158KB

/41 Size: 8KB - Virtual size: 4KB

/55 Size: 32KB - Virtual size: 28KB

/67 Size: 4KB - Virtual size: 56B

/80 Size: 4KB - Virtual size: 1KB

/91 Size: 48KB - Virtual size: 45KB

/102 Size: 8KB - Virtual size: 6KB

.text
Size: 44KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 192B

.rdata
Size: 28KB - Virtual size: 25KB

/4
Size: 8KB - Virtual size: 6KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 224KB - Virtual size: 221KB

/14
Size: 4KB - Virtual size: 216B

/29
Size: 160KB - Virtual size: 158KB

/41
Size: 8KB - Virtual size: 4KB

/55
Size: 32KB - Virtual size: 28KB

/67
Size: 4KB - Virtual size: 56B

/80
Size: 4KB - Virtual size: 1KB

/91
Size: 48KB - Virtual size: 45KB

/102
Size: 8KB - Virtual size: 6KB