f718559d0fe371225827f2031e2e55886e5cdb131b09f823f07c56236719c60d

Sharing

Copy URL Twitter E-mail

General

Target

f718559d0fe371225827f2031e2e55886e5cdb131b09f823f07c56236719c60d
Size

1.6MB
MD5

54d42837199a9faa837f0279473d78b2
SHA1

d011eae3a35ad3598118f2d943a3164c563acfb4
SHA256

f718559d0fe371225827f2031e2e55886e5cdb131b09f823f07c56236719c60d
SHA512

87f89f0008003b6c9454cd564325c9ffb4bb0bd6107638664ba55df43f37d2c3581fd255f65298ad6aaf2201b161c15cd8ef2350df4d3064b0af82238de02ee1
SSDEEP

24576:UEoQhT1p7R0CFVKXzzWwzTRZClthWmelYBtjR:UcL2DztKthWmelYBtF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f718559d0fe371225827f2031e2e55886e5cdb131b09f823f07c56236719c60d

Files

f718559d0fe371225827f2031e2e55886e5cdb131b09f823f07c56236719c60d
.exe windows:6 windows x86 arch:x86

e908d927ae02342c707892021ccf0923

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Work\v33\Install\Install\Release\Install.pdb

Imports

kernel32

SetFileAttributesW
GetFileAttributesW
LoadLibraryExA
VirtualQuery
lstrlenW
MulDiv
GetCommandLineW
GetModuleHandleW
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcessId
GetThreadId
GetCurrentThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
MultiByteToWideChar
GetVersionExW
Sleep
GetModuleFileNameW
GetSystemDirectoryW
GetWindowsDirectoryW
GetDriveTypeW
GetDiskFreeSpaceExW
RemoveDirectoryW
CreateFileW
DeleteFileW
SetFileTime
SetPriorityClass
CreatePipe
SetHandleInformation
GetStdHandle
CreateProcessW
ReadFile
WaitForMultipleObjects
GetExitCodeProcess
TerminateProcess
GetSystemInfo
CreateToolhelp32Snapshot
Process32First
Process32Next
LoadLibraryExW
FreeLibrary
GetProcAddress
GetLongPathNameW
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
FindFirstFileW
FindClose
FindNextFileW
SetFilePointer
GetFileSize
WriteFile
FlushFileBuffers
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetCurrentThreadId
GetThreadPriority
WideCharToMultiByte
GlobalSize
GetTimeZoneInformation
GetLocalTime
CreateEventW
GetCurrentProcess
SetEvent
ResetEvent
WaitForSingleObject
SetThreadPriority
ResumeThread
RaiseException
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
GetPrivateProfileStringW
QueryPerformanceCounter
QueryPerformanceFrequency
GetStringTypeW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetFullPathNameW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapFree
HeapAlloc
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
VirtualProtect
LCMapStringW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetFileSizeEx
HeapReAlloc
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW
CopyFileW
MoveFileW
CloseHandle
GetLastError
TerminateThread
CreateMutexW
HeapQueryInformation

user32

MessageBeep
DefWindowProcW
GetWindowLongW
SetWindowLongW
PeekMessageW
FlashWindowEx
DestroyIcon
CreateWindowExW
SetClipboardViewer
ChangeClipboardChain
ValidateRect
IsWindow
DestroyWindow
IsZoomed
IsIconic
EnableWindow
IsWindowEnabled
ShowWindow
SetWindowTextW
SetWindowPos
GetWindowRect
GetClientRect
ClientToScreen
RedrawWindow
InvalidateRect
UpdateWindow
SetWindowRgn
GetParent
SetParent
GetLastActivePopup
GetDesktopWindow
GetCapture
SetCapture
ReleaseCapture
GetForegroundWindow
AttachThreadInput
SetForegroundWindow
SetTimer
KillTimer
GetDoubleClickTime
FindWindowW
EnumWindows
WaitMessage
FindWindowExW
GetClassNameW
GetWindow
WindowFromPoint
BeginPaint
GetWindowTextLengthW
GetWindowTextW
GetCursorPos
SetCursor
EnumDisplayMonitors
MonitorFromRect
GetSystemMetrics
GetMonitorInfoW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetWindowPlacement
SetWindowPlacement
GetMessagePos
RegisterClipboardFormatW
SetClipboardData
EmptyClipboard
DestroyCursor
DrawIcon
CreateIconFromResource
CreateCursor
IsClipboardFormatAvailable
OpenClipboard
GetWindowThreadProcessId
RegisterWindowMessageW
SendMessageW
MessageBoxW
LockSetForegroundWindow
RegisterClassW
GetClassInfoW
UnregisterClassW
EndPaint
GetGUIThreadInfo
MapVirtualKeyExW
PostMessageW
GetKeyboardLayout
LoadImageW
LoadBitmapW
SendInput
GetKeyState
MapVirtualKeyW
MsgWaitForMultipleObjects
SystemParametersInfoW
ExitWindowsEx
CloseClipboard
LoadCursorW
GetClipboardData

gdi32

SelectObject
CreateRectRgn
Ellipse
CreateSolidBrush
AddFontResourceW
RestoreDC
SaveDC
CreateEllipticRgn
DeleteObject

advapi32

RegSetValueExW
RegEnumKeyW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW

ole32

CoCreateGuid
CoUninitialize
OleInitialize
CoInitialize
CoTaskMemFree
OleUninitialize
CoCreateInstance
CoFreeUnusedLibraries

oleaut32

SysFreeString
SysAllocString

imm32

ImmGetCompositionStringW
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fptable
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e908d927ae02342c707892021ccf0923

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

imm32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 348KB - Virtual size: 348KB

.data Size: 22KB - Virtual size: 27KB

.fptable Size: 512B - Virtual size: 128B

.rsrc Size: 111KB - Virtual size: 111KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 348KB - Virtual size: 348KB

.data
Size: 22KB - Virtual size: 27KB

.fptable
Size: 512B - Virtual size: 128B

.rsrc
Size: 111KB - Virtual size: 111KB