001603c652e8cde8be95dc81bee6c9729106de60a1a5d07f753d567f1c23bc7a

Sharing

Copy URL Twitter E-mail

General

Target

001603c652e8cde8be95dc81bee6c9729106de60a1a5d07f753d567f1c23bc7a
Size

11.1MB
MD5

669a1e453780c103f8161bb7151545ec
SHA1

baf55ea98ab5752a85eda47b852a8d8c5a07abef
SHA256

001603c652e8cde8be95dc81bee6c9729106de60a1a5d07f753d567f1c23bc7a
SHA512

5d9e07f136282597197be936332597470a9695562e31133902735f370c850eead8bf6f675a40918392ea6e5152ad3a112356fedb1cd47b23ee2b2eb0f76aab1d
SSDEEP

196608:rz5n0LgrdlFwKfSQ/BFXz0TDkmeYdQfJSlFwKfSQ/BFXz0TDkmeYdQfgb:rmgPFwy7ATDUwZFwy7ATDUwp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
001603c652e8cde8be95dc81bee6c9729106de60a1a5d07f753d567f1c23bc7a

Files

001603c652e8cde8be95dc81bee6c9729106de60a1a5d07f753d567f1c23bc7a
.exe windows:4 windows x86 arch:x86

90bc04cd771dd9666e2f7a223698dc3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
MoveFileExA
GetCurrentProcess
GetDriveTypeA
GetModuleFileNameA
GetVersionExA
GetVersion
CompareStringA
GetTimeZoneInformation
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
FormatMessageA
LCMapStringW
LCMapStringA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
RemoveDirectoryA
MoveFileA
RtlUnwind
DeleteFileA
SetEnvironmentVariableA
CreateDirectoryA
HeapFree
HeapAlloc
HeapCompact
TerminateProcess
ExitProcess
CopyFileA
SetFileTime
OpenFile
GetFileAttributesA
SetFileAttributesA
SetErrorMode
GetPrivateProfileStringA
WritePrivateProfileStringA
LoadLibraryExA
FindResourceA
GetTickCount
GetFullPathNameA
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
GetTempPathA
GetShortPathNameA
GetExitCodeProcess
CompareStringW
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateProcessA
Sleep
lstrcatA
lstrlenA
WinExec
LoadLibraryA
GetProcAddress
FreeLibrary
GetDiskFreeSpaceA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetLastError
FindFirstFileA
FindClose
GetWindowsDirectoryA
GetCPInfo
GetSystemDirectoryA

user32

ExitWindowsEx
IsIconic
PostQuitMessage
DefWindowProcA
AdjustWindowRectEx
DialogBoxParamA
EndDialog
CheckDlgButton
SetTimer
KillTimer
SendDlgItemMessageA
GetFocus
BringWindowToTop
GetLastActivePopup
SendMessageA
GetWindow
FindWindowA
LoadCursorA
LoadIconA
PostMessageA
GetSysColor
ScreenToClient
GetWindowRect
GetDlgItem
EndPaint
BeginPaint
GetClientRect
FillRect
DrawTextA
GetSystemMetrics
GetDlgItemTextA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
IsDlgButtonChecked
CheckRadioButton
SetFocus
GetParent
UpdateWindow
IsWindowVisible
InvalidateRect
CreateDialogParamA
RedrawWindow
PeekMessageA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetDlgItemTextA
SetWindowTextA
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExA
GetWindowLongA
IsWindowEnabled
CallWindowProcA
ValidateRect
SetWindowLongA
GetClassNameA
MessageBoxA
EnableWindow
SendMessageTimeoutA
wsprintfA
RegisterClassA

gdi32

CreatePalette
SetBkColor
ExtTextOutA
GetSystemPaletteEntries
AddFontResourceA
RemoveFontResourceA
GetStockObject
GetDeviceCaps
DeleteDC
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
CreateHalftonePalette
CreateDIBPatternBrush
CreateSolidBrush
SetBrushOrgEx
SetStretchBltMode
StretchDIBits
CreateFontIndirectA
SetBkMode
SetTextColor

comdlg32

GetOpenFileNameA

advapi32

RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish
ShellExecuteA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
DragAcceptFiles

ole32

CoGetMalloc
CoCreateInstance
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

comctl32

ord17

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90bc04cd771dd9666e2f7a223698dc3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

version

comctl32

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 24KB - Virtual size: 24KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 12KB - Virtual size: 10KB