b229fd6f45338ee403e34b2eac4bfc529987d6d0d30051370be2ca441f9b90fc

Sharing

Copy URL Twitter E-mail

General

Target

b229fd6f45338ee403e34b2eac4bfc529987d6d0d30051370be2ca441f9b90fc
Size

413KB
MD5

1bd72d781d4e717f604a251bbd3d77d8
SHA1

837cf66ccc9fa05a50165ad83f60b20073e0978f
SHA256

b229fd6f45338ee403e34b2eac4bfc529987d6d0d30051370be2ca441f9b90fc
SHA512

99b71adbc8d54052a42dc9f2654cb15f00a11a65aa036d3ab65264d8e2b0a75623efd88239ed74ca6d5860a2e6f0c38a8354c57e76e309d6c84b5a03da25d1ff
SSDEEP

12288:bbpD6uZFWtAoSFPZYLlHzVlI99mtFLYCB5:b4L5zVlI9SVYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b229fd6f45338ee403e34b2eac4bfc529987d6d0d30051370be2ca441f9b90fc

Files

b229fd6f45338ee403e34b2eac4bfc529987d6d0d30051370be2ca441f9b90fc
.exe windows:5 windows x86 arch:x86

34fed7256851431a653fbfba67a765bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileEx
TransmitCommChar
GetCommConfig
SetCommConfig
SetCommBreak
ClearCommBreak
ClearCommError
GetDefaultCommConfigW
SetDefaultCommConfigW
GetCommState
SetCommState
EscapeCommFunction
GetCommProperties
GetCommModemStatus
SetCommMask
GetCommMask
FlushFileBuffers
PurgeComm
SetupComm
WaitCommEvent
GetTickCount
CreateEventW
WideCharToMultiByte
WaitForSingleObject
ResetEvent
SetEvent
LocalFree
FormatMessageW
FindResourceExW
CreateFileA
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
WriteFileEx
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
ExitProcess
Sleep
HeapCreate
GetOverlappedResult
WriteFile
ReadFile
CloseHandle
CreateFileW
GetCommTimeouts
SetCommTimeouts
LoadLibraryW
GetProcAddress
lstrcmpiW
LoadLibraryExW
FreeLibrary
InitializeCriticalSection
GetLastError
GetModuleHandleW
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringW
GetLocalTime
GetModuleFileNameW
CreateDirectoryW
FindResourceW
SizeofResource
RaiseException
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
InterlockedDecrement
FindClose
lstrlenW
FindFirstFileW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
lstrlenA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
GetFullPathNameW
SetLastError
HeapFree
HeapAlloc
HeapDestroy

user32

DrawTextW
EndDialog
CreateWindowExW
DestroyWindow
SetWindowLongW
MoveWindow
GetClientRect
SendMessageW
SetWindowPos
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindowLongW
GetWindowRect
GetWindow
GetParent
LoadImageW
GetDlgItem
GetClassInfoExW
LoadCursorW
RegisterClassExW
CharNextW
GetSysColor
DefWindowProcW
GetWindowTextW
GetWindowTextLengthW
InvalidateRect
SetWindowRgn
CopyRect
CallWindowProcW
GetIconInfo
SetWindowTextW
ScreenToClient
ShowWindow
EnableWindow
SetDlgItemTextW
LoadIconW
BeginPaint
EndPaint
IsWindowVisible
UnregisterClassA
PostMessageW
IsWindow
DrawFocusRect
GetSystemMetrics
GetActiveWindow
DialogBoxParamW
SetCursor
KillTimer
SetTimer

gdi32

CreatePen
GetDIBColorTable
CreateSolidBrush
CreateRoundRectRgn
TextOutW
StretchBlt
SetBkMode
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
CreateCompatibleDC
SelectObject
SetDIBColorTable
CreateDIBSection
BitBlt
DeleteDC
CreateFontIndirectW
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
RoundRect
Rectangle
Polyline
LineTo
MoveToEx
SetTextColor
RestoreDC
SaveDC
GetStockObject
GetObjectW
ExcludeClipRect

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW

ole32

OleRun
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantCopy
VariantClear
GetErrorInfo
SysStringByteLen
VariantInit
VarUI4FromStr
VariantChangeType
SysAllocStringByteLen

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

TransparentBlt

gdiplus

GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdiplusStartup
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipBitmapGetPixel
GdipDrawImageRectRect
GdipDrawImageRectI
GdipCreateFromHDC
GdipSetImageAttributesRemapTable
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0

wininet

HttpOpenRequestW
InternetSetStatusCallbackW
InternetOpenW
InternetReadFileExW
InternetQueryDataAvailable
HttpQueryInfoW
InternetGetLastResponseInfoW
HttpSendRequestW
InternetSetOptionW
InternetConnectW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCloseHandle

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34fed7256851431a653fbfba67a765bf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

msimg32

gdiplus

wininet

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 206KB - Virtual size: 206KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 206KB - Virtual size: 206KB

.reloc
Size: 11KB - Virtual size: 10KB