20ca223ce574ff363171facc5b49d050N

Sharing

Copy URL Twitter E-mail

General

Target

20ca223ce574ff363171facc5b49d050N
Size

753KB
MD5

20ca223ce574ff363171facc5b49d050
SHA1

fc303edc44439e7c4c23958242ed1b0cda7ba5e9
SHA256

ed18a8c8e54473048db63f78c11c9b4d51730336cdda462919fb36e384adefa6
SHA512

ff4e27e0daa3ed11a06bebdb2d3c217454148b14e993bb6caaf445ceb3c06b638e477001ecb57de70bf4ae349b47a2e63ea5a1dfeca5efea1ec77c240f51b737
SSDEEP

12288:vwo2WyGIBwnOBXXPBN9VAgrtfBB+BRYGAOsOP85hkDgotrKnnBwMCfi9JHKHY:vBbIBZV/BN5v+BuGAOs/TcgotqnBUfiF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20ca223ce574ff363171facc5b49d050N

Files

20ca223ce574ff363171facc5b49d050N
.exe windows:4 windows x86 arch:x86

1b11dedb678c579212753ec80e12fbb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA
CreatePropertySheetPageA
ord17

kernel32

DosDateTimeToFileTime
Sleep
RemoveDirectoryA
GlobalSize
WriteFile
LocalSize
FreeLibrary
GetProcAddress
LoadLibraryA
GetTempFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
ReleaseMutex
CreateMutexA
OpenMutexA
GlobalReAlloc
GetExitCodeProcess
MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
SystemTimeToFileTime
CreateProcessA
GetStringTypeW
GetStringTypeA
LocalFileTimeToFileTime
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapReAlloc
HeapFree
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
RtlUnwind
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
lstrcmpiA
GlobalUnlock
SetFileAttributesA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFileTime
DeleteFileA
CloseHandle
GetModuleFileNameA
SetFilePointer
ReadFile
LocalFree
GlobalAlloc
GlobalLock
LocalAlloc
CreateFileA
GetFileSize
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
lstrcatA
lstrcpyA
GlobalFree
lstrcpynA
GetModuleHandleA
GetTickCount
lstrlenA
LCMapStringW

user32

DrawEdge
SetRectEmpty
GetSysColor
FillRect
SetFocus
CheckDlgButton
EnableWindow
IsDlgButtonChecked
GetScrollInfo
SetTimer
LoadBitmapA
GetParent
SendDlgItemMessageA
GetWindowLongA
SetWindowPos
SetPropA
PostMessageA
DrawTextExA
DialogBoxParamA
DestroyWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
KillTimer
GetCursorPos
SystemParametersInfoA
OffsetRect
GetWindowTextA
SetWindowTextA
SetClassLongA
SetDlgItemTextA
wsprintfA
SendMessageA
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
PostQuitMessage
LoadIconA
LoadImageA
RegisterClassExA
CreateWindowExA
AdjustWindowRect
GetSystemMetrics
GetSystemMenu
EnableMenuItem
SetWindowLongA
UpdateWindow
InvalidateRect
SetRect
DrawTextA
MessageBoxA
GetDlgItem
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
EndDialog
MoveWindow
ShowWindow
CallWindowProcA

gdi32

CreatePen
DeleteDC
BitBlt
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
CreateDIBitmap
SelectObject
SetStretchBltMode
SetBkColor
CreateFontIndirectA
GetStockObject
SelectClipRgn
SetTextAlign
CreateRectRgn
CreateBrushIndirect
GetTextFaceA
CreateSolidBrush
Rectangle
DeleteObject
SetBkMode
SetTextColor
TextOutA
StretchBlt
CreateFontA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
GetUserNameA
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHBrowseForFolderA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b11dedb678c579212753ec80e12fbb4

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 74KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 74KB

.rsrc
Size: 32KB - Virtual size: 28KB