59474be8c55aeb8ab7f2626447d7b412f6a91d2225cf37ad8feb09fe38ae2e81

Sharing

Copy URL Twitter E-mail

General

Target

59474be8c55aeb8ab7f2626447d7b412f6a91d2225cf37ad8feb09fe38ae2e81
Size

2.0MB
MD5

551d4ef5b785c3890b8447a713bf90b5
SHA1

4f026d505ee924de2e4cae518db06c772c4bed83
SHA256

59474be8c55aeb8ab7f2626447d7b412f6a91d2225cf37ad8feb09fe38ae2e81
SHA512

d7d61761a542e46ec2a65ccff2c1af6d2063ae99cfe68bf794425a03ca9044dd4afa1c5ccd97edeecb7d5174b024913930c323d4991cbbc68ab992b0e7e1fd52
SSDEEP

6144:Ta7uY5Yj8/IMZklZDNB4UteCIFaKmZhgm3qblM1GzKg6hG:mF5YqIMZklZDNB4UteCIwKmZDam1Gz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59474be8c55aeb8ab7f2626447d7b412f6a91d2225cf37ad8feb09fe38ae2e81

Files

59474be8c55aeb8ab7f2626447d7b412f6a91d2225cf37ad8feb09fe38ae2e81
.exe windows:4 windows x86 arch:x86

392cb2c95f5347a0c72d79a32e7334e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

shutdown

kernel32

CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
SetErrorMode
RtlUnwind
RaiseException
GetTimeZoneInformation
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
GetCurrentProcess
GetACP
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GlobalFlags
lstrcpynA
MulDiv
SetLastError
GetModuleFileNameA
GlobalAlloc
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetVersion
CreateDirectoryA
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetProfileStringA
lstrcmpA
GetSystemTime
GetLastError
CloseHandle
FreeLibrary
VirtualFree
VirtualAlloc
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapAlloc
TerminateProcess

user32

GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
PostMessageA
ReleaseDC
GetDC
IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
SetCursor
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
DestroyMenu
ClientToScreen
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
PeekMessageA
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
UnregisterClassA
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
MessageBoxA
SetForegroundWindow
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
PostQuitMessage
EnableWindow
LoadIconA
GetWindowRect
DispatchMessageA
SendMessageA
GetFocus
SetFocus
AdjustWindowRectEx
CopyRect
UnhookWindowsHookEx
DefWindowProcA
GetSubMenu

gdi32

SetBkColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetTextColor
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

Shell_NotifyIconA

comctl32

ord17
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

392cb2c95f5347a0c72d79a32e7334e5

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 348KB - Virtual size: 364KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 348KB - Virtual size: 364KB

.rsrc
Size: 36KB - Virtual size: 34KB