405d3dc3b5dff14ec40d903e524a654cbcc95c762e837707b8b89c442fe38a42

Sharing

Copy URL Twitter E-mail

General

Target

405d3dc3b5dff14ec40d903e524a654cbcc95c762e837707b8b89c442fe38a42
Size

597KB
MD5

dc38bd6fb92efab4ab149b7b4918ec86
SHA1

de6e0a8b45cfb062d9a39c9f0743989099457e77
SHA256

405d3dc3b5dff14ec40d903e524a654cbcc95c762e837707b8b89c442fe38a42
SHA512

c7cd487552d18a6636b6233cbdf100c1b838ef037c747b6db2adb68a56710593adb020772ec4d5c6bd5cefe6cc5494b6fedb860f192382503efa70754e03a4a6
SSDEEP

12288:f6x6DDaNUxChWU8xF8fzrItEBl9oDHvDpY6phxR:f6x6D5AhY2rRBl9oDPa6phxR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
405d3dc3b5dff14ec40d903e524a654cbcc95c762e837707b8b89c442fe38a42

Files

405d3dc3b5dff14ec40d903e524a654cbcc95c762e837707b8b89c442fe38a42
.exe windows:4 windows x86 arch:x86

96af884d625faf405b3f7cdb470d1c7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
CreateToolbarEx
CreateStatusWindowW
ord17
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
PropertySheetW

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

gdi32

DeleteObject

oleaut32

VariantClear
SysAllocString
SysAllocStringLen
SysStringByteLen
SysFreeString
VariantCopy
SysStringLen

ole32

OleUninitialize
OleInitialize
RegisterDragDrop
CoTaskMemAlloc
DoDragDrop
CoCreateInstance
CoTaskMemFree
ReleaseStgMedium
CoUninitialize
RevokeDragDrop
CoInitialize

user32

UpdateWindow
SetTimer
MapVirtualKeyW
EnableMenuItem
RemoveMenu
CheckMenuRadioItem
CheckMenuItem
GetMenu
LoadMenuW
SetMenu
DrawMenuBar
GetSubMenu
SendDlgItemMessageW
IsDlgButtonChecked
CheckDlgButton
CheckRadioButton
IsZoomed
WindowFromPoint
ReleaseCapture
SetCapture
GetCapture
LoadIconW
GetWindowPlacement
SetWindowPlacement
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
PostQuitMessage
SetCursor
ClientToScreen
AppendMenuW
TrackPopupMenuEx
SetDlgItemTextW
GetFocus
GetKeyState
InvalidateRect
PostMessageW
SetWindowTextW
EndDialog
EnableWindow
DestroyWindow
SetFocus
LoadBitmapW
CreatePopupMenu
DestroyMenu
MessageBoxW
DefWindowProcW
GetClassInfoW
LoadCursorW
RegisterClassW
CallWindowProcW
CreateWindowExW
DialogBoxParamW
SetWindowLongW
GetWindowLongW
GetParent
ShowWindow
MoveWindow
ScreenToClient
GetDlgItem
GetWindowRect
MapDialogRect
MonitorFromWindow
GetMonitorInfoA
SystemParametersInfoW
GetDialogBaseUnits
GetWindowTextLengthW
GetWindowTextW
SendMessageW
RegisterClipboardFormatW
LoadStringW
InsertMenuItemW
SetMenuItemInfoW
GetMenuItemInfoW
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
CharUpperW
ChildWindowFromPointEx
IsWindowEnabled
GetCursorPos
GetMenuItemCount
DestroyIcon
KillTimer
GetClientRect

advapi32

GetFileSecurityW
RegOpenKeyExA
RegQueryValueExA
LsaAddAccountRights
LsaClose
GetUserNameW
LsaOpenPolicy
LookupAccountNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

shell32

SHChangeNotify
ExtractIconExW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW

msvcrt

wcslen
_acmdln
exit
_XcptFilter
_exit
_onexit
_controlfp
__set_app_type
__dllonexit
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
memcpy
__CxxFrameHandler
_CxxThrowException
memmove
strcmp
wcsstr
wcscmp
malloc
free
srand
rand
memset
?terminate@@YAXXZ
strlen
_purecall
memcmp
_beginthreadex
_except_handler3
??1type_info@@UAE@XZ
__getmainargs

kernel32

OpenProcess
GetSystemDefaultLangID
GetUserDefaultLangID
MoveFileWithProgressW
CopyFileExW
FindNextChangeNotification
GetCompressedFileSizeW
GetVersionExW
GetCommandLineW
GetVersion
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateEventW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WaitForSingleObject
WaitForMultipleObjects
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GlobalMemoryStatus
GlobalSize
lstrlenW
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
CreateProcessW
GetModuleHandleW
GetCurrentProcess
GlobalFree
GlobalAlloc
SetEndOfFile
CreateToolhelp32Snapshot
ReadFile
DeviceIoControl
SetFilePointer
GetFileSize
GetLogicalDriveStringsW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetFileAttributesW
GetModuleHandleA
GetProcAddress
FindNextFileW
FindFirstFileW
Process32NextW
GetStdHandle
GetFileInformationByHandle
GetCurrentThreadId
GetCurrentProcessId
GetTempPathW
GetCurrentDirectoryW
SetLastError
DeleteFileW
CreateDirectoryW
CreateHardLinkW
MoveFileW
RemoveDirectoryW
SetFileAttributesW
CreateFileW
SetFileTime
CloseHandle
GetWindowsDirectoryW
FormatMessageW
LocalFree
GetModuleFileNameW
LoadLibraryW
LoadLibraryExW
FreeLibrary
GlobalLock
GlobalUnlock
HeapAlloc
GetProcessHeap
HeapFree
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetVolumeInformationW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetTickCount
Sleep
SetPriorityClass
ExpandEnvironmentStringsW
VirtualAlloc
VirtualFree
SetEvent
InitializeCriticalSection
LoadLibraryA
FindClose
Process32FirstW
LocalAlloc
InterlockedExchange
RaiseException
GetStartupInfoA
WriteFile

Sections

.text
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96af884d625faf405b3f7cdb470d1c7e

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

gdi32

oleaut32

ole32

user32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 428KB - Virtual size: 427KB

.rdata Size: 87KB - Virtual size: 87KB

.data Size: 512B - Virtual size: 2KB

.sxdata Size: 512B - Virtual size: 4B

.rsrc Size: 51KB - Virtual size: 51KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 428KB - Virtual size: 427KB

.rdata
Size: 87KB - Virtual size: 87KB

.data
Size: 512B - Virtual size: 2KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 28KB - Virtual size: 27KB