8fc48975c70e774615a81e99e9c8162ff53d0578adee81fae841afa822648ab9N

Sharing

Copy URL Twitter E-mail

General

Target

8fc48975c70e774615a81e99e9c8162ff53d0578adee81fae841afa822648ab9N
Size

1.0MB
MD5

e9953d9b6e8fd4e9d379ae440e4b7dc0
SHA1

8e3e51e694593e5fac6ddae9a2ae80d40f5eb0c4
SHA256

8fc48975c70e774615a81e99e9c8162ff53d0578adee81fae841afa822648ab9
SHA512

6c998aa9cd8a5e8dbf3a1c920423ebf2a011d42f1403c7f36c7466dbf193287ca571a2104c66b6c01a4e20a13ab1affffb8d7de2e85cc9c4b3af129668a08ed9
SSDEEP

24576:svDdZZFnr2xB3JLZHaSDTQsqjnhMgeiCl7G0nehbGZpbD:svD3ZuJLUKTMDmg27RnWGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fc48975c70e774615a81e99e9c8162ff53d0578adee81fae841afa822648ab9N

Files

8fc48975c70e774615a81e99e9c8162ff53d0578adee81fae841afa822648ab9N
.exe windows:5 windows x86 arch:x86

58a07b9c74eefd560acd3281ca81a594

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSACleanup
bind
listen
accept
WSAAsyncSelect
inet_ntoa
WSAGetLastError
getpeername
send
recv
shutdown
closesocket
setsockopt
socket
ioctlsocket
gethostbyname
htons
connect

gdi32

GetDIBits
CreateDIBSection
CreateCompatibleBitmap
ExtTextOutA
SetBkColor
SelectObject
RealizePalette
SelectPalette
SetTextColor
BitBlt
StretchBlt
SetBrushOrgEx
SetStretchBltMode
DeleteObject
DeleteDC
UpdateColors
CreatePalette
GetDeviceCaps
CreateCompatibleDC
GetStockObject
SetPixelV

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

winmm

PlaySoundA

comctl32

ord17

user32

LoadKeyboardLayoutA
IsDialogMessageA
GetMessageA
MapWindowPoints
SetClassLongA
GetDlgCtrlID
GetDlgItemInt
SetDlgItemInt
GetDlgItemTextA
GetKeyboardState
ToAscii
GetKeyState
CreateAcceleratorTableA
DestroyAcceleratorTable
TranslateAcceleratorA
CreateDialogParamA
LoadImageA
DestroyIcon
EnableWindow
GetDlgItem
PeekMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
LoadMenuA
DestroyMenu
GetSubMenu
GetMenuItemID
SetMenuDefaultItem
TrackPopupMenu
GetCursorPos
SetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
GetClipboardOwner
OpenClipboard
GetClipboardData
CloseClipboard
LoadIconA
GetSysColorBrush
RegisterClassA
CreateWindowExA
SetWindowLongA
AppendMenuA
DrawMenuBar
GetForegroundWindow
GetWindow
GetFocus
LoadCursorA
SetCursor
WindowFromPoint
GetAncestor
ScreenToClient
SetTimer
SetFocus
ChangeClipboardChain
KillTimer
GetMenuState
PostQuitMessage
PostMessageA
SystemParametersInfoA
AdjustWindowRectEx
GetWindowPlacement
GetWindowRect
SetWindowPlacement
SetForegroundWindow
FindWindowA
CheckMenuItem
ShowWindow
GetWindowLongA
DestroyWindow
GetClientRect
SetWindowPos
ShowScrollBar
IsIconic
ScrollWindowEx
UpdateWindow
GetKeyboardLayoutNameA
MessageBoxA
SetScrollInfo
BeginPaint
EndPaint
DefWindowProcA
SetRect
DrawTextA
InvalidateRect
SetClipboardViewer
GetSystemMenu
EnableMenuItem
SendMessageA
ReleaseDC
GetDC
LoadStringA
SetWindowTextA
DialogBoxParamA
EndDialog
SetDlgItemTextA
GetWindowTextA

advapi32

RegSetValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyA

shell32

Shell_NotifyIconA

kernel32

GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetStringTypeA
GetConsoleMode
FlushFileBuffers
CompareStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDriveTypeA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
InitializeCriticalSectionAndSpinCount
HeapSize
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
CompareStringW
VirtualFree
HeapCreate
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
GetStartupInfoA
GetCommandLineA
CreateThread
ExitThread
GetFullPathNameA
GetFileAttributesA
ExitProcess
GetModuleHandleW
HeapAlloc
HeapFree
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LoadLibraryA
GetProcAddress
ExpandEnvironmentStringsA
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
TlsGetValue
WaitForSingleObject
CreateSemaphoreA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
SetEndOfFile
AllocConsole
OutputDebugStringA
GetStdHandle
WriteConsoleA
SetFileTime
WriteFile
GetConsoleCP
CreateFileA
ReadFile
GetLogicalDriveStringsA
SetErrorMode
FindFirstFileA
FindClose
FindNextFileA
CloseHandle
DeleteFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
Beep
FormatMessageA
LocalFree
Sleep
GetLastError
SetEnvironmentVariableA
SetStdHandle
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableW

Sections

.text
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 600KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58a07b9c74eefd560acd3281ca81a594

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

gdi32

comdlg32

winmm

comctl32

user32

advapi32

shell32

kernel32

Sections

.text Size: 351KB - Virtual size: 351KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 10KB - Virtual size: 81KB

.rsrc Size: 600KB - Virtual size: 604KB

.text
Size: 351KB - Virtual size: 351KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 10KB - Virtual size: 81KB

.rsrc
Size: 600KB - Virtual size: 604KB