5123068f3fb1b16748a84efce3b4d937873e5b8356166d541944bc97c8b0e604

Sharing

Copy URL Twitter E-mail

General

Target

5123068f3fb1b16748a84efce3b4d937873e5b8356166d541944bc97c8b0e604
Size

192KB
MD5

d86949d4054e1daec73d320802b2cfd0
SHA1

dea4a597a6b5820056e23a9b35562f609c645b24
SHA256

5123068f3fb1b16748a84efce3b4d937873e5b8356166d541944bc97c8b0e604
SHA512

873b0045c4a939782c6de49fb19f67e47b415b11b42a7db5b07607a1a49d95a591b747fea79355ab81997b6d0e955dad0e4d2cc2dc136c4c251d0101e5ff23ba
SSDEEP

3072:9U7r0ez8gquveFUMMnMMMMMX7I7DeBBXhCL5SZSp0L7bMSnEPJQqES:988gVvvMMnMMMMMaeDhCr2wSn6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5123068f3fb1b16748a84efce3b4d937873e5b8356166d541944bc97c8b0e604

Files

5123068f3fb1b16748a84efce3b4d937873e5b8356166d541944bc97c8b0e604
.exe windows:5 windows x86 arch:x86

2f14a49ffd914462a04088bc87015e6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

LineTo
CreatePatternBrush
GetTextExtentPointA
GetTextColor
CreateHalftonePalette
Polyline
OffsetRgn
ExtSelectClipRgn
OffsetWindowOrgEx
BitBlt
FrameRgn
Rectangle
GetClipBox
DeleteDC
DeleteObject
SetWindowOrgEx
GetCharWidthA
RectVisible
ExtTextOutW
SetPixelV
CreateSolidBrush
CreateBitmapIndirect
Arc
Ellipse
SetDIBColorTable
MoveToEx
CombineRgn
ExtTextOutA
SaveDC
GetBitmapBits
GetViewportExtEx
CreatePalette
GetTextMetricsW
GetPixel
CreatePen
TranslateCharsetInfo
GetStockObject
SelectObject
TextOutW
GetCharWidthW
GetTextExtentPointW
SelectPalette
SetBrushOrgEx
SetPixel
SetBkMode
UnrealizeObject
CreateFontW
CreateRoundRectRgn
CreateCompatibleDC
CreateBitmap
RestoreDC
StretchDIBits
GetCurrentObject
CreateCompatibleBitmap
SetTextAlign
GetWindowExtEx
RealizePalette
FillRgn
GetDIBColorTable
SetDIBits
CreateFontIndirectW
ExcludeClipRect
CreateDIBSection
MaskBlt
CreateRectRgnIndirect
CreateRectRgn
GetBkColor
GetObjectW
GetTextAlign
GetTextCharsetInfo
SetTextColor
GetClipRgn
IntersectClipRect
EnumFontFamiliesExW
GetTextExtentPoint32W
GetNearestColor
GetDCOrgEx
CreatePolygonRgn
PatBlt
SetBkColor
GetPaletteEntries
SelectClipRgn
GetDeviceCaps
GetDIBits
StretchBlt

atl

AtlModuleRegisterClassObjects

ddraw

DirectDrawCreate

ntdll

RtlAddAuditAccessAceEx

advapi32

RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegOpenCurrentUser
RegCreateKeyExW
OpenProcessToken
RegOpenKeyExA
AllocateAndInitializeSid
RegQueryValueW
RegCloseKey
RegQueryValueExA
RegCreateKeyW
FreeSid
CheckTokenMembership

kernel32

GetVersionExA
HeapAlloc
TerminateProcess
GetStartupInfoA
HeapFree
HeapDestroy
GetLocaleInfoW
MultiByteToWideChar
LCMapStringA
IsBadWritePtr
GetNumberFormatW
GetStringTypeA
FreeResource
lstrcmpiA
SetFilePointer
lstrcmpA
LocalFree
ExitProcess
GetFileType
CloseHandle
lstrlenA
QueryPerformanceCounter
GetStringTypeExW
FindResourceExA
CreateThread
VirtualQuery
CreateFileW
SetStdHandle
WaitForSingleObject
GetTickCount
LoadLibraryA
GetCommandLineA
GlobalFree
GlobalUnlock
DeleteCriticalSection
GetACP
GetStringTypeW
FreeEnvironmentStringsW
GetLastError
InterlockedDecrement
GetModuleHandleW
GlobalHandle
GetCurrentProcess
GetEnvironmentStringsW
GetDateFormatW
VirtualFree
Sleep
GetOEMCP
GetWindowsDirectoryW
MulDiv
HeapCreate
FreeEnvironmentStringsA
TlsSetValue
SetLastError
LoadLibraryW
SizeofResource
GetSystemInfo
GetProcessHeap
EnterCriticalSection
GetCurrentProcessId
FindResourceW
GetTimeFormatW
MapViewOfFile
TlsGetValue
GlobalAddAtomW
CompareStringA
InterlockedCompareExchange
LockResource
CreateEventW
FindResourceExW
HeapReAlloc
GetLocaleInfoA
LCMapStringW
FlushFileBuffers
DisableThreadLibraryCalls
InitializeCriticalSection
LoadResource
LocalAlloc
CompareStringW
GetLocalTime
VirtualProtect
GetUserDefaultLangID
LocalReAlloc
GetThreadLocale
SetUnhandledExceptionFilter
EnumResourceLanguagesW
lstrlenW
EnumCalendarInfoW
GetStdHandle
lstrcpynW
LocalSize
GetProcAddress
GetSystemTimeAsFileTime
lstrcmpW
WideCharToMultiByte
SetHandleCount
lstrcmpiW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GlobalAlloc
UnmapViewOfFile
SetEvent
TlsAlloc
GetCPInfo
IsBadReadPtr
TlsFree
GetUserDefaultLCID
GetFileSize
LeaveCriticalSection
WriteFile
GetSystemDefaultLCID
FreeLibrary
GetEnvironmentStrings
UnhandledExceptionFilter
VirtualAlloc
InterlockedExchange
GetCurrentThreadId
InterlockedIncrement
CreateFileMappingW
GlobalReAlloc

Sections

.text
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f14a49ffd914462a04088bc87015e6d

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

atl

ddraw

ntdll

advapi32

kernel32

Sections

.text Size: 4KB - Virtual size: 1004B

.idata Size: 8KB - Virtual size: 5KB

.rdata Size: 32KB - Virtual size: 28KB

.rsrc Size: 128KB - Virtual size: 125KB

.data Size: 12KB - Virtual size: 352KB

.reloc Size: 4KB - Virtual size: 40B

.text
Size: 4KB - Virtual size: 1004B

.idata
Size: 8KB - Virtual size: 5KB

.rdata
Size: 32KB - Virtual size: 28KB

.rsrc
Size: 128KB - Virtual size: 125KB

.data
Size: 12KB - Virtual size: 352KB

.reloc
Size: 4KB - Virtual size: 40B