c037a3e92b142c9bea5b1130d4b51177e2046c96189a168181e2edfa361d514cN

Sharing

Copy URL Twitter E-mail

General

Target

c037a3e92b142c9bea5b1130d4b51177e2046c96189a168181e2edfa361d514cN
Size

270KB
MD5

ec306339438a5cbde1a55c14fcfd4450
SHA1

08c33f31272e44264fddccc1d7e7c2989a66a673
SHA256

c037a3e92b142c9bea5b1130d4b51177e2046c96189a168181e2edfa361d514c
SHA512

d2013f7d95d39aab07014bd75b2453b2b1b23440caae2888430b6e22b4951429a5c9cd52b769bb7b07f4a804ae9ddcf04234e5712dc47620043defa74c9d2660
SSDEEP

6144:Mmgf0KQzXudioqIv185ILCXqXY5JO1cVUyqYJV3c:Mmgf0KQzXudivIipaWVUyLrs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c037a3e92b142c9bea5b1130d4b51177e2046c96189a168181e2edfa361d514cN

Files

c037a3e92b142c9bea5b1130d4b51177e2046c96189a168181e2edfa361d514cN
.exe windows:5 windows x86 arch:x86

1e8b80a4bc92cada81e544f1ab5b495b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
InitializeCriticalSection
VirtualProtect
LocalFree
VirtualAlloc
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetModuleHandleA
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
MulDiv
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
InitializeCriticalSectionAndSpinCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
InterlockedIncrement
LeaveCriticalSection
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
WideCharToMultiByte
GetLastError
LCMapStringW
lstrcmpA
lstrlenW
GetModuleFileNameA
InterlockedDecrement
DeleteCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
RaiseException
GetStdHandle
WriteFile
HeapCreate
HeapReAlloc
VirtualFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
ExitProcess
Sleep
VirtualQuery
GetSystemInfo
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
SetHandleCount
MultiByteToWideChar
GetModuleHandleW

user32

GetClientRect
UnregisterClassA
RegisterClassExA
LoadCursorA
GetClassInfoExA
MessageBoxA
DefWindowProcA
SetWindowLongA
GetWindowLongA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
FillRect
CallWindowProcA
DestroyWindow
GetDlgItem
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
CreateAcceleratorTableA
GetDesktopWindow
CharNextA
GetParent
GetClassNameA
SetWindowPos
RedrawWindow
IsWindow
BeginPaint
MoveWindow
EndPaint
GetDC
ReleaseDC
IsChild
GetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
CreateWindowExA
ShowWindow
LoadIconA
wsprintfA
SetFocus
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowA
SendMessageA
PostQuitMessage

gdi32

GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shlwapi

PathFindFileNameA

ole32

OleUninitialize
CreateStreamOnHGlobal
OleInitialize
CoInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize

oleaut32

VarUI4FromStr
VariantClear
VariantInit
DispCallFunc
LoadTypeLi
LoadRegTypeLi
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString
GetErrorInfo
OleCreateFontIndirect

comctl32

ord17

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e8b80a4bc92cada81e544f1ab5b495b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

ole32

oleaut32

comctl32

Sections

.text Size: 125KB - Virtual size: 124KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 114KB - Virtual size: 116KB

.text
Size: 125KB - Virtual size: 124KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 114KB - Virtual size: 116KB