67b8e310e235eebd76774a70ab5e69e6231111a22f596849056bde9befec1454

Sharing

Copy URL Twitter E-mail

General

Target

67b8e310e235eebd76774a70ab5e69e6231111a22f596849056bde9befec1454
Size

384KB
MD5

e5a3da32df57bf4fab3249fd49be8f9c
SHA1

7efcc316e6a51e3928cf59e4bd44e0e57dfa6b39
SHA256

67b8e310e235eebd76774a70ab5e69e6231111a22f596849056bde9befec1454
SHA512

e6ef6a7572fa24cd401ee44d03e1be3df6001de46120ceff48bb82f87e889714b94b991d33996e76bf78449c7c1567e73332b4527d470323f56a817330c59b68
SSDEEP

6144:pnY+u1E70hGzL/yCRGjimXWdZ6HrrNvuNVpppppppppppppppppppppppppppppO:pnRCCRnVDQrrNWNVpppppppppppppppa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67b8e310e235eebd76774a70ab5e69e6231111a22f596849056bde9befec1454

Files

67b8e310e235eebd76774a70ab5e69e6231111a22f596849056bde9befec1454
.exe windows:5 windows x86 arch:x86

4e387be8484b36799ae34c6e1e0d298e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AdjustWindowRect
GetKeyboardType
BeginDeferWindowPos
FindWindowW
CharNextW
SendMessageW
SetForegroundWindow
ArrangeIconicWindows
MessageBoxA
SetTimer
CharPrevW
AnyPopup
LoadStringA
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW

shell32

ShellExecuteW

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromProgID

gdi32

GetStockObject

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
CreateFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
FormatMessageA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
GetNumberOfConsoleMouseButtons
FileTimeToDosDateTime
SetTimerQueueTimer
GetThreadLocale
VirtualQueryEx
FindAtomA
HeapReAlloc
HeapSize
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
OpenEventW
LoadLibraryA
RaiseException
DeviceIoControl
GetCurrentDirectoryW
QueryDosDeviceW
GetLogicalDriveStringsW
GetVolumeInformationW
ReadFile
GetExitCodeProcess
GetDiskFreeSpaceExW
GetDriveTypeW
Sleep
WaitForSingleObject
GetCommandLineW
GetDateFormatW
GetTimeFormatW
GlobalAlloc
GlobalFree
SetLastError
CreateMutexW
OpenMutexW
ReleaseMutex
CopyFileW
IsValidLocale
GetModuleFileNameW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileSectionW
GetWindowsDirectoryW
CreateProcessW
LoadLibraryW
FreeLibrary
GetCurrentProcess
GetVersionExA
GetPrivateProfileStringW
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
DeleteFileW
CreateFileW
SetFilePointer
WideCharToMultiByte
lstrlenA
WriteFile
lstrcmpW
GetProcessHeap
HeapAlloc
HeapFree
GetTempPathW
FindNextFileW
CloseHandle
CreateDirectoryW
ExpandEnvironmentStringsW
GetFullPathNameW
GetSystemDirectoryW
FindFirstFileW
FindClose
GetFileAttributesW
FormatMessageW
LocalReAlloc
LocalAlloc
GetLastError
lstrcmpiW
lstrlenW
LocalFree
VirtualProtect
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
RtlUnwind
GetTimeZoneInformation
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
VirtualFree

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e387be8484b36799ae34c6e1e0d298e

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

gdi32

version

kernel32

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 40KB - Virtual size: 63KB

.rsrc Size: 239KB - Virtual size: 239KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 40KB - Virtual size: 63KB

.rsrc
Size: 239KB - Virtual size: 239KB