d53af5bcefcce21caf80798cd0c19f83e4f0a66290f810b52365cf58c7a6cec4

Sharing

Copy URL Twitter E-mail

General

Target

d53af5bcefcce21caf80798cd0c19f83e4f0a66290f810b52365cf58c7a6cec4
Size

130KB
MD5

8342adfc90bb057b99ec03f4ff7ef534
SHA1

481291173ebe03aa5d2627c4f88974ea525695ca
SHA256

d53af5bcefcce21caf80798cd0c19f83e4f0a66290f810b52365cf58c7a6cec4
SHA512

a51713226c1ebca09acf53d03a1b1d2315d164097b874a0f5cf58a54f2be230c807491cb4cfdcb3409c065330ad284264f6196bf18f6a7b6fdaf5a01f2ae1687
SSDEEP

3072:7vDJvgsTpt4GqE6LFjQLxXF26rQEuy3YxqIj8kzy5bo3Ovuk:/Khu6LFjiXF260EuKYxqIj8kzy5boC9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d53af5bcefcce21caf80798cd0c19f83e4f0a66290f810b52365cf58c7a6cec4

Files

d53af5bcefcce21caf80798cd0c19f83e4f0a66290f810b52365cf58c7a6cec4
.exe windows:5 windows x86 arch:x86

afe26738d5224973969b2178596c416e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

regedit.pdb

Imports

msvcrt

__p__commode
_initterm
__getmainargs
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_controlfp
_acmdln
exit
_cexit
_exit
_c_exit
iswprint
swprintf
wcslen
wcscpy
_purecall
iswctype
_except_handler3
_resetstkoflw
_vsnwprintf
memmove
wcscmp
wcsrchr
wcschr
wcsncmp
_XcptFilter

advapi32

RegQueryValueExA
InitializeAcl
SetSecurityDescriptorDacl
RegOpenKeyExA
InitializeSecurityDescriptor
RegDeleteValueW
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetInheritanceSourceW
LookupAccountSidW
GetSidSubAuthorityCount
GetSidSubAuthority
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
SetSecurityInfo
SetNamedSecurityInfoW
GetNamedSecurityInfoW
MapGenericMask
RegSetValueExA
RegSetValueW
RegFlushKey
RegSaveKeyW
RegRestoreKeyW
RegConnectRegistryW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyW
RegEnumValueW
RegOpenKeyW
RegEnumKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegQueryInfoKeyW
RegDeleteKeyW

kernel32

DeleteFileW
WriteFile
WideCharToMultiByte
CreateFileW
OutputDebugStringW
GetLastError
SetFilePointer
GetFileSize
SearchPathW
GetTimeFormatW
GetDateFormatW
GetSystemDefaultLCID
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
MulDiv
lstrcpynW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
ReadFile
MultiByteToWideChar
lstrcmpW
FormatMessageW
GetThreadLocale
GetModuleHandleW
ExitProcess
GetCommandLineW
GetProcessHeap
lstrcpyW
LocalAlloc
GetCurrentProcess
CloseHandle
lstrcmpiW
LocalFree
GetComputerNameW
lstrlenW
LocalReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcAddress
LoadLibraryA

gdi32

GetStockObject
SetAbortProc
StartDocW
StartPage
SetViewportOrgEx
EndPage
EndDoc
AbortDoc
DeleteDC
CreateBitmap
CreatePatternBrush
PatBlt
ExcludeClipRect
SelectClipRgn
DeleteObject
SetBkColor
SetTextColor
ExtTextOutW
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW

user32

SetWindowLongW
DefWindowProcW
ReleaseDC
GetDC
SetScrollInfo
DestroyCaret
ReleaseCapture
KillTimer
SetCaretPos
ScrollWindowEx
InvalidateRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
WinHelpW
EndDialog
GetWindowLongW
ShowCaret
CreateCaret
CharLowerW
MessageBeep
DestroyMenu
TrackPopupMenuEx
IsClipboardFormatAvailable
EnableMenuItem
GetSubMenu
LoadMenuW
SetFocus
SetDlgItemTextW
EndPaint
BeginPaint
SetTimer
SetCapture
GetKeyState
RegisterClassW
LoadCursorW
RegisterClipboardFormatW
CheckRadioButton
SendMessageW
GetWindowTextW
GetParent
GetDlgItemTextW
IsDlgButtonChecked
GetDlgCtrlID
CallWindowProcW
GetWindowTextLengthW
GetDlgItemInt
PostQuitMessage
GetWindowPlacement
SetWindowTextW
EnableWindow
DialogBoxParamW
DrawMenuBar
SendDlgItemMessageW
DeleteMenu
SetMenuItemInfoW
GetMenu
GetMenuItemInfoW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsIconic
DestroyIcon
LoadImageW
GetSysColor
SetCursor
ShowCursor
ShowWindow
SetWindowPlacement
CreateWindowExW
GetMessageW
ScreenToClient
SetCursorPos
DispatchMessageW
ClientToScreen
GetProcessDefaultLayout
GetDesktopWindow
LoadIconW
PostMessageW
SetMenuDefaultItem
InsertMenuW
GetMenuItemID
CheckMenuItem
UpdateWindow
RegisterClassExW
CharNextW
GetClientRect
DestroyWindow
CreateDialogParamW
CheckDlgButton
DrawAnimatedRects
IntersectRect
ModifyMenuW
GetMessagePos
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
FindWindowW
LoadStringW
GetWindow
IsDialogMessageW
PeekMessageW
MessageBoxW
CharUpperBuffW
CharUpperW
IsCharAlphaNumericW
wsprintfW
GetDlgItem
GetWindowRect
GetSystemMetrics
MoveWindow
MapWindowPoints
InsertMenuItemW
SetWindowPos
HideCaret

comctl32

ord236
ord340
InitCommonControlsEx
ord365
ord334
ImageList_SetBkColor
ImageList_Destroy
ord2
ord4
ImageList_ReplaceIcon
ord338
ord337
ord329
ord359
CreateStatusWindowW
ord358
ImageList_Create
ord363

comdlg32

GetOpenFileNameW
GetSaveFileNameW
PrintDlgExW

shell32

DragFinish
DragQueryFileW
ShellAboutW

authz

AuthzInitializeContextFromSid
AuthzAccessCheck
AuthzFreeContext
AuthzFreeResourceManager
AuthzInitializeResourceManager

aclui

ord2

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize
ReleaseStgMedium

ulib

??0ARRAY@@QAE@XZ
?Initialize@ARRAY@@QAEEKK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
?Initialize@WSTRING@@QAEEPBGK@Z
?Resize@DSTRING@@UAEEK@Z
?NewBuf@DSTRING@@UAEEK@Z
??1OBJECT@@UAE@XZ
??1DSTRING@@UAE@XZ
??0OBJECT@@IAE@XZ
?Compare@OBJECT@@UBEJPBV1@@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
??0DSTRING@@QAE@XZ

clb

ClbAddData
ClbSetColumnWidths

ntdll

RtlFreeHeap
RtlAllocateHeap

shlwapi

PathAppendW

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

afe26738d5224973969b2178596c416e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

comctl32

comdlg32

shell32

authz

aclui

ole32

ulib

clb

ntdll

shlwapi

Sections

.text Size: 95KB - Virtual size: 95KB

.data Size: 1024B - Virtual size: 260KB

.rsrc Size: 32KB - Virtual size: 96KB

.text
Size: 95KB - Virtual size: 95KB

.data
Size: 1024B - Virtual size: 260KB

.rsrc
Size: 32KB - Virtual size: 96KB