d6483d0092f30f89dc2c2d7b7082c14c8a1e6504b4b059c5f7e05b4c722a99a6N

Sharing

Copy URL Twitter E-mail

General

Target

d6483d0092f30f89dc2c2d7b7082c14c8a1e6504b4b059c5f7e05b4c722a99a6N
Size

94KB
MD5

f18fa8e57168be41ae20ea42c4249ad0
SHA1

6c851a91a8e65a1acd69426e8f37e2f7f692ab4b
SHA256

d6483d0092f30f89dc2c2d7b7082c14c8a1e6504b4b059c5f7e05b4c722a99a6
SHA512

90be8ed64093af3c48ae4ccf25c829d6ff32521afc9b07225dd34e389ad578742b9907a784d7390e65f7ba88581689f7c3c6e71339340c5d506fdc8b7ab61a73
SSDEEP

1536:YWyFcaIWRbN8cZ/Be+5hlrCCXez5FHIXOH3LoAWsiOYvDLXpV0qnFE8ZMkIB1u9:xaIO8cZL5y551IA3zWJD7pFnFEQIBQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6483d0092f30f89dc2c2d7b7082c14c8a1e6504b4b059c5f7e05b4c722a99a6N

Files

d6483d0092f30f89dc2c2d7b7082c14c8a1e6504b4b059c5f7e05b4c722a99a6N
.exe windows:4 windows x86 arch:x86

bb774fb48f2e080e13a27701a8257d29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

usp10

ScriptGetFontProperties

user32

CharNextA
GetDlgItem
MessageBoxW
CharUpperW
SendMessageW
UpdateWindow
PeekMessageW
EndDialog
IsWindow
DialogBoxParamW
DestroyWindow
MsgWaitForMultipleObjects
SetDlgItemTextW
DispatchMessageW
GetDC
GetWindowRect
ShowWindow
OemToCharA
ExitWindowsEx
SetWindowTextW
SendDlgItemMessageW
MessageBeep
CreateDialogParamW
LoadStringW
GetDesktopWindow
GetDlgItemTextW
CharPrevW
CharNextW
ReleaseDC
GetSystemMetrics
EnableWindow
SetWindowPos

crypt32

CryptFormatObject

kernel32

WritePrivateProfileStringW
UnmapViewOfFile
DeleteFileW
LockResource
lstrcmpiW
GetProcAddress
LoadLibraryW
GetSystemDefaultUILanguage
GetWindowsDirectoryW
HeapFree
GetFullPathNameW
lstrcmpiA
RtlUnwind
FindResourceExW
LocalFree
DisableThreadLibraryCalls
GetTempFileNameW
MultiByteToWideChar
GetLastError
FreeConsole
GetCurrentProcess
CompareStringW
GetLocalTime
GetProfileStringW
VirtualAlloc
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetCurrentThreadId
CreateDirectoryW
InterlockedExchange
SetFileTime
GetShortPathNameW
WriteFile
WideCharToMultiByte
CopyFileW
SetUnhandledExceptionFilter
TerminateProcess
FormatMessageW
SetFilePointer
GetVersionExW
SetFileAttributesW
GetProcessHeap
GetLocaleInfoW
RemoveDirectoryW
GetSystemDirectoryW
CreateFileMappingW
GetVolumeInformationW
HeapAlloc
GetDriveTypeW
LocalReAlloc
CreateProcessW
GetModuleFileNameW
EnumResourceLanguagesW
GetDiskFreeSpaceW
LoadLibraryExW
FindClose
MoveFileExW
GetEnvironmentVariableW
FreeLibrary
MoveFileW
lstrcmpW
GetPrivateProfileIntW
SearchPathW
SizeofResource
MapViewOfFile
MulDiv
GetTempPathW
LocalAlloc
Sleep
GetUserDefaultUILanguage
UnhandledExceptionFilter
LoadResource
WritePrivateProfileSectionW
CloseHandle
FindFirstFileW
GetFileSize
lstrlenA
MapViewOfFileEx
GetFileTime
GetSystemInfo
FindResourceW
InterlockedCompareExchange
GetCurrentProcessId
ReadFile
QueryPerformanceCounter
GetFileAttributesW
CreateFileW
GetPrivateProfileSectionW
lstrlenW
GetTickCount
FindNextFileW

shlwapi

StrChrW
PathRemoveFileSpecW
PathBuildRootW
StrRChrW
PathFileExistsW
StrStrIW
PathCombineW
PathAddBackslashW
PathAppendW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ole32

OleUninitialize
CoTaskMemFree
OleInitialize

setupapi

SetupOpenAppendInfFileW
SetupQueueCopyW
SetupFindNextLine
SetupCloseInfFile
SetupInstallFromInfSectionW
SetupGetLineTextW
SetupSetDirectoryIdW
SetupGetStringFieldW
SetupFindFirstLineW
SetupOpenFileQueue
SetupCommitFileQueueW
SetupInitDefaultQueueCallbackEx
SetupOpenInfFileW
SetupTermDefaultQueueCallback
SetupDefaultQueueCallbackW
SetupCloseFileQueue

msvcrt

free
_XcptFilter
malloc
memmove
wcsncmp
_vsnwprintf
_setjmp3
memcpy
longjmp
_wcsicmp
bsearch
_ultow
memset
_vsnprintf
_wcsnicmp
_wtol
_amsg_exit
_adjust_fdiv
_wtoi
_initterm

gdi32

DeleteObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW
GetStockObject

Sections

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb774fb48f2e080e13a27701a8257d29

Headers

File Characteristics

Imports

usp10

user32

crypt32

kernel32

shlwapi

version

ole32

setupapi

msvcrt

gdi32

Sections

.rsrc Size: 13KB - Virtual size: 13KB

.text Size: 512B - Virtual size: 436B

.idata Size: 5KB - Virtual size: 5KB

.data Size: - Virtual size: 96KB

.rdata Size: 73KB - Virtual size: 76KB

.rsrc
Size: 13KB - Virtual size: 13KB

.text
Size: 512B - Virtual size: 436B

.idata
Size: 5KB - Virtual size: 5KB

.data
Size: - Virtual size: 96KB

.rdata
Size: 73KB - Virtual size: 76KB