8337ce611b2a35634ee9dfa95915279ee6b3f66709f4edc5aebfba684b1f8376

Sharing

Copy URL Twitter E-mail

General

Target

8337ce611b2a35634ee9dfa95915279ee6b3f66709f4edc5aebfba684b1f8376
Size

1.7MB
MD5

cd37311881add931c26526b28707c4fd
SHA1

ad4f15ca9def2ab442a9f0d04cc11f1b8a31da89
SHA256

8337ce611b2a35634ee9dfa95915279ee6b3f66709f4edc5aebfba684b1f8376
SHA512

42c8f00c554c91b4e6bbc2b1006c5f965cdb9c3f23aad0d416fac9f830cac5ac1f7ed4c31823dc86516d9819b243bb02ae44f8402901c75fae3f2dfa26b909f7
SSDEEP

24576:qLqUOCe5DfgRoK0pDY9pVXo3CrZ2UWT4p6SmlPGc9q1QD93td8qLlOQEVJHi:mAeohBgoNHOQa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8337ce611b2a35634ee9dfa95915279ee6b3f66709f4edc5aebfba684b1f8376

Files

8337ce611b2a35634ee9dfa95915279ee6b3f66709f4edc5aebfba684b1f8376
.exe windows:4 windows x86 arch:x86

4977e52d3497ed306c7d397846918e43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
GetTextExtentPoint32W

user32

ShowWindow
CreateDialogParamW
PeekMessageW
LoadIconW
GetSysColor
DefDlgProcW
GetClientRect
RegisterClassW
SendMessageW
DrawIconEx
GetWindowThreadProcessId
IsDialogMessageW
DialogBoxParamW
wsprintfW
DispatchMessageW
GetWindowTextW
GetSystemMetrics
PostMessageW
SendDlgItemMessageW
SetDlgItemTextW
MessageBoxW
GetWindowLongW
FindWindowW
LoadCursorW
EnumWindows
EnableWindow
SetForegroundWindow
DestroyWindow
GetDlgItem
SetFocus
MsgWaitForMultipleObjects
EndDialog
TranslateMessage
SetCursor
SetWindowLongW
WinHelpW
DrawFocusRect

shell32

ShellExecuteW
SHGetFileInfoW
ExtractIconExW

shlwapi

StrCmpW
StrStrIW
StrCpyW
StrCpyNW
StrToIntW
SHDeleteKeyW
StrFormatKBSizeW

kernel32

CreateThread
WideCharToMultiByte
LocalAlloc
MulDiv
GetSystemDirectoryW
SetUnhandledExceptionFilter
GetProcAddress
GetEnvironmentStringsA
CreateEventW
OpenProcess
SetErrorMode
GetCommandLineW
LocalFree
lstrlenW
GetSystemTimeAsFileTime
WaitForSingleObject
LoadLibraryExW
GetStartupInfoA
GetVolumeInformationW
PulseEvent
GetModuleHandleA
LoadLibraryW
FormatMessageW
lstrcpyW
FreeLibrary
GetTickCount
GetDriveTypeW
GetCurrentProcess
GetLastError
GetDiskFreeSpaceW
SetEvent
CloseHandle
QueryPerformanceCounter
GetDiskFreeSpaceExW
GetCurrentProcessId

msvcrt

_initterm
__initenv
exit
_XcptFilter
_exit
_c_exit
__p__fmode
toupper
__setusermatherr
_cexit
__set_app_type
_except_handler3
_adjust_fdiv
_controlfp
__p__commode
__getmainargs

advapi32

RegCloseKey
RegEnumKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW

ole32

CoTaskMemFree
CLSIDFromString
CoInitialize
CoTaskMemAlloc
CoUninitialize
CoCreateInstance

comctl32

CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_Create
PropertySheetW

Sections

.text
Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 367KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4977e52d3497ed306c7d397846918e43

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

shell32

shlwapi

kernel32

msvcrt

advapi32

ole32

comctl32

Sections

.text Size: 748KB - Virtual size: 748KB

.rdata Size: 254KB - Virtual size: 253KB

.data Size: 367KB - Virtual size: 1.2MB

.rsrc Size: 339KB - Virtual size: 339KB

.reloc Size: 1024B - Virtual size: 796B

.text
Size: 748KB - Virtual size: 748KB

.rdata
Size: 254KB - Virtual size: 253KB

.data
Size: 367KB - Virtual size: 1.2MB

.rsrc
Size: 339KB - Virtual size: 339KB

.reloc
Size: 1024B - Virtual size: 796B