0d278c4e506638f858175e60c8c3d2f4eab09c8985daf61432310f68d54f69fd

Sharing

Copy URL Twitter E-mail

General

Target

0d278c4e506638f858175e60c8c3d2f4eab09c8985daf61432310f68d54f69fd
Size

2.3MB
MD5

5045f9411c1d94100a6f4a5dd8855514
SHA1

09d901a59e199da8d398f49f8748f74305bc3872
SHA256

0d278c4e506638f858175e60c8c3d2f4eab09c8985daf61432310f68d54f69fd
SHA512

fdcbb54253e7a87e2505751b3ede767726715b4c85c24cc28cdcd8936a27861e14e4eecf4f76d7dab726e69b5815f0a3886190a032bcc541444e4882babf34f7
SSDEEP

49152:Td2B1f7H2HQTGxzT0+7SHmwONoBLzAobk/bvD:h2iV17imPmLbkjvD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d278c4e506638f858175e60c8c3d2f4eab09c8985daf61432310f68d54f69fd

Files

0d278c4e506638f858175e60c8c3d2f4eab09c8985daf61432310f68d54f69fd
.exe windows:5 windows x64 arch:x64

f676bc3745ebcfb7dc06a109774616bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WideCharToMultiByte
MulDiv
GetSystemDefaultLangID
ReadProcessMemory
GetCurrentProcessId
VirtualProtectEx
GetProcAddress
GetSystemDirectoryW
GetVersionExW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
GetModuleFileNameW
FindClose
FindNextFileW
FindFirstFileW
WritePrivateProfileStringW
IsBadReadPtr
Thread32Next
SuspendThread
OpenThread
Thread32First
CreateToolhelp32Snapshot
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetExitCodeProcess
WaitForSingleObject
Sleep
DeleteFileW
CreateThread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
DeleteCriticalSection
RaiseException
SetLastError
FlushInstructionCache
GetCurrentProcess
lstrcmpiW
CompareStringW
FreeLibrary
LoadLibraryExW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
CreateFileA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
LoadResource
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
LockFile
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
HeapReAlloc
HeapCreate
HeapSetInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
GetStartupInfoW
HeapAlloc
HeapFree
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlPcToFileHeader
RtlUnwindEx
RtlLookupFunctionEntry
GetConsoleOutputCP
WriteConsoleW
WriteConsoleA
SetEndOfFile
LockResource
MultiByteToWideChar
lstrlenA
GetProcessHeap
InterlockedPushEntrySList
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
CreateProcessW
GetLastError
VirtualAllocEx
WriteProcessMemory
LoadLibraryW
QueueUserAPC
ResumeThread
TerminateProcess
CloseHandle
GetFileSize
ReadFile
UnlockFile
OutputDebugStringW
DebugBreak
CreateFileW
MoveFileExW
WriteFile
GetModuleHandleW
FindResourceW
SetFilePointer
SizeofResource
lstrlenW
GetCommandLineW
GetStringTypeW
LocalFree

user32

CreateWindowExW
GetDlgCtrlID
SetWindowLongW
GetWindowTextLengthW
SystemParametersInfoW
GetClassNameW
GetFocus
GetSysColor
IsWindowEnabled
FillRect
DrawFocusRect
SetWindowLongPtrW
GetWindowLongPtrW
CallWindowProcW
OffsetRect
LoadCursorW
ScreenToClient
GetCursorPos
GetCapture
ReleaseCapture
SetCapture
PtInRect
SetCursor
InvalidateRect
CreateDialogParamW
EndDialog
DialogBoxParamW
IsWindow
SetRectEmpty
DestroyWindow
DefWindowProcW
MessageBoxW
PostQuitMessage
CheckDlgButton
ClientToScreen
TrackPopupMenu
IsDlgButtonChecked
GetActiveWindow
UpdateWindow
GetParent
GetWindow
GetWindowRect
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
LoadMenuW
GetSubMenu
GetSystemMetrics
LoadImageW
RegisterWindowMessageW
IsDialogMessageW
GetClassInfoW
RegisterClassW
ShowWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CharLowerW
PostMessageW
wsprintfW
AppendMenuW
CheckMenuItem
GetDlgItem
ModifyMenuW
SetWindowTextW
SetDlgItemTextW
BeginPaint
SetRect
DrawTextW
EndPaint
GetWindowTextW
EnumChildWindows
ReleaseDC
GetDC
SendMessageW
CharNextW
CharUpperW
LoadStringW
SetFocus
UnregisterClassA

gdi32

GetObjectW
GetStockObject
CreateFontIndirectW
DeleteDC
SelectObject
SetTextColor
CreateFontW
DeleteObject
EnumFontFamiliesExW
GetDeviceCaps
SetBkMode

comdlg32

ChooseFontW
GetOpenFileNameW

advapi32

RegCloseKey
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW

shell32

CommandLineToArgvW
ShellExecuteW

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysAllocString
SysFreeString
VarUI4FromStr

shlwapi

SHGetValueW
SHSetValueW
PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW

comctl32

_TrackMouseEvent
InitCommonControlsEx

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f676bc3745ebcfb7dc06a109774616bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

Sections

.text Size: 394KB - Virtual size: 393KB

.rdata Size: 87KB - Virtual size: 86KB

.data Size: 9KB - Virtual size: 21KB

.pdata Size: 25KB - Virtual size: 25KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 394KB - Virtual size: 393KB

.rdata
Size: 87KB - Virtual size: 86KB

.data
Size: 9KB - Virtual size: 21KB

.pdata
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

.reloc
Size: 7KB - Virtual size: 7KB