8c3c459481bb940ad69a704a041516f42012775c60f288c731a394954e3eda3c

Sharing

Copy URL Twitter E-mail

General

Target

8c3c459481bb940ad69a704a041516f42012775c60f288c731a394954e3eda3c
Size

989KB
MD5

f0cb6a0555896e017b2f778a847b0196
SHA1

918e72af4ce78588f2d6fad65a91256ad69e1d8c
SHA256

8c3c459481bb940ad69a704a041516f42012775c60f288c731a394954e3eda3c
SHA512

af5ab34ba0faad80926c39bd97ae9e7521e1ae7a94ef7e71c20a837797cceaa01d728e186c8f75f754e535ff92a7c46e721aad43076fd6b855520971e4251e80
SSDEEP

24576:7NS52sMI17mQry3RBlcqSrRKx1S4u41o8QZFUIrGXLM6:7NS5717UbB1Hul84FaXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c3c459481bb940ad69a704a041516f42012775c60f288c731a394954e3eda3c

Files

8c3c459481bb940ad69a704a041516f42012775c60f288c731a394954e3eda3c
.exe windows:5 windows x64 arch:x64

20309372fe4d334bbd8d7af133168b58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
HeapReAlloc
WideCharToMultiByte
GetLocaleInfoA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapFree
InitializeCriticalSectionAndSpinCount
LoadLibraryA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
HeapSetInformation
FlsAlloc
GetLastError
GetCurrentThreadId
SetLastError
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
RtlUnwindEx
GetModuleFileNameA
GetStdHandle
WriteFile
GetProcAddress
ExitProcess
GetSystemDefaultLocaleName
lstrcmpiW
HeapAlloc
Sleep
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter

gdi32

FlattenPath
PatBlt
CopyEnhMetaFileW
RealizePalette
StrokePath
GetWinMetaFileBits
OffsetViewportOrgEx
GetBrushOrgEx
PolyTextOutW
RectVisible
EnumMetaFile
SetDCPenColor
GetDIBits
GetWorldTransform
GetNearestColor
GetCharacterPlacementW
CombineRgn
SetTextAlign
LPtoDP
GetFontData
GetEnhMetaFileHeader
PolyPolyline
Polyline
SetColorAdjustment
SetEnhMetaFileBits
Rectangle
RoundRect
BitBlt
TextOutW
FillRgn
GetDCPenColor
ResizePalette
MaskBlt
GetTextExtentPointW
GetRasterizerCaps
GetSystemPaletteEntries
GetBkColor
InvertRgn
ScaleWindowExtEx
Pie
GetFontLanguageInfo
MoveToEx
StretchBlt
DPtoLP
SetMetaRgn
ExtSelectClipRgn
ResetDCW
PolylineTo
SetPolyFillMode
SetPixelV
SetBoundsRect
GetBitmapDimensionEx
PtInRegion
GetPolyFillMode
PlayMetaFile
GetOutlineTextMetricsW
UpdateColors
PathToRegion
GetObjectW
GetPath
GdiGetBatchLimit
SetTextCharacterExtra
OffsetClipRgn
LineTo
GetDCBrushColor
GetStretchBltMode
SelectPalette
GdiGradientFill
ArcTo
GetCharWidthW
SetDIBitsToDevice
SetMetaFileBitsEx
SetDIBColorTable
GetTextAlign
SetPaletteEntries
SetViewportOrgEx
SelectClipPath
ExtTextOutW
AbortPath
GetTextExtentExPointW
GetCharABCWidthsI
GetPixel
SetWorldTransform
BeginPath
FrameRgn
SetWindowOrgEx
SetBkMode
ExtFloodFill
AnimatePalette
Arc
GetGlyphIndicesW
CancelDC
GetRandomRgn
GetLayout

winspool.drv

AbortPrinter
ReadPrinter
WritePrinter
FindFirstPrinterChangeNotification
ScheduleJob
FindNextPrinterChangeNotification
FindClosePrinterChangeNotification

ole32

CoCancelCall
OleGetAutoConvert
CoGetInterfaceAndReleaseStream
CoAllowSetForegroundWindow
CoUnmarshalHresult
CoDisconnectObject
CoTestCancel
CoIsOle1Class
CoQueryAuthenticationServices
CoFileTimeToDosDateTime
GetClassFile
MonikerRelativePathTo
MkParseDisplayName
CoGetClassObject
OleRegGetMiscStatus
CLSIDFromProgID
CLSIDFromString
CoRevokeClassObject
CoGetCurrentLogicalThreadId
CoGetObject
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CoTaskMemRealloc
CoQueryProxyBlanket
CoGetInstanceFromIStorage
OleGetIconOfClass
CoTaskMemAlloc
CoSetCancelObject
CoRevokeMallocSpy
CoIsHandlerConnected
CoMarshalInterface
CoFileTimeNow
ProgIDFromCLSID
CoRevokeInitializeSpy
CoResumeClassObjects
CoRevertToSelf
CoUnmarshalInterface
OleRegGetUserType
OleSetAutoConvert
CoSwitchCallContext
CoGetStdMarshalEx
CoGetPSClsid
CoSuspendClassObjects
CLSIDFromProgIDEx
CoGetCurrentProcess
IsAccelerator
CoWaitForMultipleHandles
CoGetInstanceFromFile
StringFromGUID2
CoGetContextToken
CoMarshalHresult
CoGetStandardMarshal
CoSetProxyBlanket
CoGetMalloc
CoDisableCallCancellation
GetRunningObjectTable
CoGetCallerTID
CoGetInterceptor
CoInstall
CoInvalidateRemoteMachineBindings

comctl32

ord15
ord410
PropertySheetW
ord14
ord412
ord413
ord13

dxgi

CreateDXGIFactory

Sections

.text
Size: 962KB - Virtual size: 961KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20309372fe4d334bbd8d7af133168b58

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

winspool.drv

ole32

comctl32

dxgi

Sections

.text Size: 962KB - Virtual size: 961KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 14KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 962KB - Virtual size: 961KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 14KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB