6609c342b2ad448d9a1c3ff29b093004eb929a789c1ba569f950ff13a37db63e

Sharing

Copy URL Twitter E-mail

General

Target

6609c342b2ad448d9a1c3ff29b093004eb929a789c1ba569f950ff13a37db63e
Size

1.3MB
MD5

18f8f74f348603d7760480afac7e49c1
SHA1

6dfe312eddfcd7097283d4a4e5b605d059b889bc
SHA256

6609c342b2ad448d9a1c3ff29b093004eb929a789c1ba569f950ff13a37db63e
SHA512

7fac5575395015720fa3027b55a88aef948891ec04178381ab71c3c76a75e1d3dbd182657fd0e1de9fe14372e5945b8375e453caf5fb8330f1bb2343b890748c
SSDEEP

24576:m56DP3NXWyMpuVSlrpuLQmSzJQDuEnpp9+OxX5QpyDnMMMMMMyorXaLU6:m56b321fYJpf1xX3MMMMMMjeLU6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6609c342b2ad448d9a1c3ff29b093004eb929a789c1ba569f950ff13a37db63e

Files

6609c342b2ad448d9a1c3ff29b093004eb929a789c1ba569f950ff13a37db63e
.exe windows:5 windows x86 arch:x86

e06f09245d38c33633522c81b98b8b4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\build\winrar32\Release\WinRAR.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ord8
CreateStatusWindowW
ImageList_Destroy
ImageList_Create
ImageList_Remove
ImageList_AddMasked
ImageList_Add
PropertySheetW

shlwapi

StrCmpLogicalW
SHAutoComplete

uxtheme

IsAppThemed
IsThemeActive

kernel32

GetCurrentThread
SetPriorityClass
SetCurrentDirectoryW
GetFullPathNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
WaitForSingleObject
GetProcessAffinityMask
CreateEventW
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
SetEvent
SystemTimeToFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
GetDateFormatW
GetTimeFormatW
GetTempPathW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetVersionExA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
ReleaseMutex
CreateMutexW
GetDiskFreeSpaceW
FindCloseChangeNotification
FindFirstChangeNotificationW
GetTickCount
GetModuleHandleExW
CopyFileW
GetCompressedFileSizeW
UpdateResourceW
EnumResourceLanguagesW
EndUpdateResourceW
EnumResourceNamesW
BeginUpdateResourceW
SetThreadPriority
GetNumberFormatW
GetLogicalDrives
ResumeThread
SuspendThread
GetCurrentThreadId
GetLocalTime
GetThreadPriority
GetPriorityClass
SetErrorMode
MulDiv
CompareFileTime
FindNextChangeNotification
WaitForMultipleObjects
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleA
LCMapStringW
LCMapStringA
HeapSize
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
IsDebuggerPresent
TerminateProcess
VirtualAlloc
VirtualFree
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
GetConsoleMode
GetConsoleCP
RaiseException
ExitThread
RtlUnwind
HeapReAlloc
CompareStringA
GetCurrentProcessId
LoadLibraryExW
LoadResource
SizeofResource
FindResourceW
GetFullPathNameW
GetCurrentDirectoryW
GetVersionExW
FindNextFileW
ExpandEnvironmentStringsW
GetVolumeInformationW
GetDiskFreeSpaceExW
GetDriveTypeW
FlushFileBuffers
GetFileType
GetFileTime
GetStdHandle
GetLongPathNameW
GetShortPathNameW
MoveFileW
FindFirstFileW
FindClose
DeviceIoControl
BackupSeek
BackupRead
FormatMessageW
LocalFree
GetCommandLineW
GetFileInformationByHandle
CreateHardLinkW
GetModuleHandleW
GetCurrentProcess
SetLastError
GetModuleFileNameW
HeapCreate
HeapDestroy
DosDateTimeToFileTime
LocalFileTimeToFileTime
HeapFree
HeapAlloc
Sleep
GetSystemTimeAsFileTime
RemoveDirectoryW
CreateDirectoryW
SetFileAttributesW
DeleteFileW
SetEndOfFile
WriteFile
ReadFile
GetProcAddress
SetFileTime
GetFileAttributesW
CloseHandle
SetFilePointer
GetFileSize
GetLastError
CreateFileW
LoadLibraryW
FreeLibrary
GetProcessHeap
SetEnvironmentVariableA
GetLocaleInfoW

user32

GetClipboardData
PostQuitMessage
SetMenu
InsertMenuW
LoadMenuW
RegisterClassW
LoadAcceleratorsW
GetMenuState
RegisterClassExW
TranslateMessage
DispatchMessageW
GetMessageW
CopyRect
ValidateRect
GetSysColor
CopyImage
FillRect
DrawIconEx
GetSystemMenu
SetTimer
KillTimer
SystemParametersInfoW
MessageBoxIndirectW
RedrawWindow
GetComboBoxInfo
IsCharUpperW
IsCharAlphaW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBeep
PeekMessageW
GetFocus
EnableMenuItem
MoveWindow
GetMenuItemID
LoadBitmapW
InsertMenuItemW
LoadImageW
RegisterWindowMessageW
BeginPaint
GetWindowTextLengthW
AppendMenuW
DrawMenuBar
GetMenu
GetSubMenu
DeleteMenu
GetMenuItemCount
ScreenToClient
ClientToScreen
CreatePopupMenu
TrackPopupMenu
DestroyMenu
CallWindowProcW
WaitForInputIdle
IsWindow
RegisterClipboardFormatW
GetKeyState
LoadCursorW
SetCursor
WindowFromPoint
GetWindowThreadProcessId
GetDC
ReleaseDC
GetDesktopWindow
GetCursorPos
EnableWindow
IntersectRect
SystemParametersInfoA
IsIconic
IsWindowEnabled
SetDlgItemInt
GetDlgItemInt
GetLastActivePopup
IsChild
PostThreadMessageW
CreateDialogParamW
SetScrollPos
ScrollWindowEx
PtInRect
SetScrollRange
LoadIconW
CreateDialogIndirectParamW
GetPropW
RemovePropW
BringWindowToTop
GetIconInfo
CreateIconIndirect
TranslateAcceleratorW
IsDialogMessageW
SetPropW
FindWindowW
CheckMenuItem
GetForegroundWindow
wsprintfW
OemToCharW
OemToCharA
CharToOemBuffA
OemToCharBuffA
CharToOemA
MessageBoxW
CharToOemBuffW
FindWindowExW
EnumWindows
CreateIcon
SetForegroundWindow
UpdateWindow
FlashWindow
IsDlgButtonChecked
ShowWindow
EnumChildWindows
PostMessageW
InvalidateRect
CheckDlgButton
DialogBoxParamW
DestroyIcon
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
GetParent
MapWindowPoints
GetDlgItem
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
DestroyWindow
CreateWindowExW
DefWindowProcW
SetFocus
CharUpperW
CharLowerW
ExitWindowsEx
CharLowerA
LoadStringW
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetClassNameW
SendMessageW
GetMenuItemInfoW
SetMenuItemInfoW
GetWindowLongW
SetWindowLongW
EndPaint

gdi32

Rectangle
TextOutA
MoveToEx
LineTo
GetDeviceCaps
CreatePatternBrush
SetPixel
CreateDIBSection
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
CreateCompatibleBitmap
StretchBlt
SetBkColor
ExtTextOutW
BitBlt
GetObjectW
CreateCompatibleDC
GetPixel
DeleteDC
CreatePen
CreateSolidBrush
SetTextColor
TextOutW
Polygon
Polyline
SelectObject
GetTextFaceW
GetTextMetricsW
CreateFontW
GetTextExtentPoint32W
DeleteObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
GetSecurityDescriptorLength
GetFileSecurityW
IsTextUnicode
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
DuplicateToken
MapGenericMask
AccessCheck
SetFileSecurityW
RegCloseKey

shell32

SHAddToRecentDocs
SHGetPathFromIDListW
FindExecutableW
DragFinish
DragQueryFileW
DragAcceptFiles
Shell_NotifyIconW
ShellExecuteW
ord100
SHFileOperationW
ShellExecuteExW
SHBrowseForFolderW
SHChangeNotify
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
CoTaskMemAlloc
CLSIDFromString
OleSetClipboard
DoDragDrop
CoInitializeEx

oleaut32

SysAllocString
VariantClear
VariantInit

Sections

.text
Size: 1005KB - Virtual size: 925KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e06f09245d38c33633522c81b98b8b4e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1005KB - Virtual size: 925KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 16KB - Virtual size: 676KB

.rsrc Size: 179KB - Virtual size: 179KB

.reloc Size: 55KB - Virtual size: 55KB

.text
Size: 1005KB - Virtual size: 925KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 16KB - Virtual size: 676KB

.rsrc
Size: 179KB - Virtual size: 179KB

.reloc
Size: 55KB - Virtual size: 55KB