85d42ef10fbacb8af055be21cbafba2f401d48f179fa37f4bad3cb176fa63b12N

Sharing

Copy URL Twitter E-mail

General

Target

85d42ef10fbacb8af055be21cbafba2f401d48f179fa37f4bad3cb176fa63b12N
Size

1.6MB
MD5

64eafafa4fcfe28e4c75da910913d340
SHA1

8ade76c5a4a23cf2944b730a52ed75c38a7c96a6
SHA256

85d42ef10fbacb8af055be21cbafba2f401d48f179fa37f4bad3cb176fa63b12
SHA512

2d4dee843f16a7b285d6eb5be2bb0f029de1fe1018afa23d0b2270a83238373d4d5afa547ccbb9bb5faecb561ae47507647029bfe5929a496974617a567a1c3e
SSDEEP

12288:Uhs7dZNRqJpJAwx1xzwPGCoMhAMEifvIEUxJ4A1w+1r6gjvV6FYfHKE0kH47fj5H:UiEKPGC1AMEiIEUEAQyt6FUHFtS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d42ef10fbacb8af055be21cbafba2f401d48f179fa37f4bad3cb176fa63b12N

Files

85d42ef10fbacb8af055be21cbafba2f401d48f179fa37f4bad3cb176fa63b12N
.exe windows:6 windows x64 arch:x64

6ad6ae5c9753b3661b008905b8d758dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

AppendMenuA
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
CreateMenu
CreateWindowExA
DialogBoxParamA
EnableMenuItem
EnableWindow
EndDialog
GetCapture
GetClientRect
GetClipboardOwner
GetCursorPos
GetDesktopWindow
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetForegroundWindow
GetMessageTime
GetQueueStatus
GetWindowLongPtrA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
IsDlgButtonChecked
LoadIconA
MapDialogRect
MessageBeep
MessageBoxA
MessageBoxIndirectA
MoveWindow
PostMessageA
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetDlgItemInt
SetDlgItemTextA
SetForegroundWindow
SetMenu
SetWindowLongPtrA
SetWindowPos
ShowWindow

advapi32

AllocateAndInitializeSid
CopySid
GetLengthSid
RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA

shell32

ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

kernel32

CloseHandle
CompareStringW
CreateFileA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileA
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindFirstFileExW
FindNextFileA
FindNextFileW
FindResourceA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetWindowsDirectoryA
GlobalMemoryStatus
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableW
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile

Sections

.text
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ad6ae5c9753b3661b008905b8d758dd

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

shell32

comdlg32

kernel32

Sections

.text Size: 314KB - Virtual size: 313KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 3KB - Virtual size: 21KB

.pdata Size: 13KB - Virtual size: 13KB

.00cfg Size: 512B - Virtual size: 16B

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 314KB - Virtual size: 313KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 3KB - Virtual size: 21KB

.pdata
Size: 13KB - Virtual size: 13KB

.00cfg
Size: 512B - Virtual size: 16B

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1.1MB - Virtual size: 1.1MB