efd12f71e5da2a76fe1f04cd5e9c787beb556ecfa3347e17fc5c57003499c6df

Sharing

Copy URL Twitter E-mail

General

Target

efd12f71e5da2a76fe1f04cd5e9c787beb556ecfa3347e17fc5c57003499c6df
Size

29KB
MD5

041dd52ac016ba0d12ff9e79bc9c3ae1
SHA1

8fe9f86e4e1f27dc6f043aef084a82ab4c694af1
SHA256

efd12f71e5da2a76fe1f04cd5e9c787beb556ecfa3347e17fc5c57003499c6df
SHA512

ec75a66dfa7d2e234274b248a941fc15f6be2db471c9c0db4d353092c54ddd763e9cc20478ffc2ffd763ab7cf2681a6b5da1757881e940b76c9bc58891a387d0
SSDEEP

768:rzO3d/FVwfQhNWu+uHQ4CJtkBEmm9Di+vn76ha6R:rzOt/FKfyNWpuHJb2mm9Di876ha6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efd12f71e5da2a76fe1f04cd5e9c787beb556ecfa3347e17fc5c57003499c6df

Files

efd12f71e5da2a76fe1f04cd5e9c787beb556ecfa3347e17fc5c57003499c6df
.exe windows:5 windows x86 arch:x86

6ec4b9854181010bb09f30f0c6b36520

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GlobalReAlloc
GlobalLock
lstrcatW
GlobalUnlock
FreeLibrary
lstrcpyW
AddAtomW
IsValidLocale
GlobalFree
DeleteAtom
LoadLibraryW
lstrcmpW
GetProcAddress
LocalAlloc
lstrcpynW
GetLocaleInfoW
GlobalGetAtomNameW
LocalFree
WinExec
GetModuleHandleW
GetStartupInfoW
GetAtomNameW
ExitProcess
GlobalAlloc
lstrcmpiW

user32

RemovePropW
SetPropW
AllowSetForegroundWindow
GetWindow
DestroyMenu
GetPropW
GetDesktopWindow
MapWindowPoints
TrackPopupMenuEx
GetLastActivePopup
GetParent
GetWindowLongW
LoadBitmapW
GetSysColor
DrawTextW
CreateIconIndirect
GetKeyboardLayout
GetKeyboardLayoutList
DestroyIcon
GetWindowThreadProcessId
AttachThreadInput
MessageBeep
GetDC
ReleaseDC
EnumChildWindows
DrawFocusRect
GetSystemMetrics
GetWindowDC
SystemParametersInfoW
wsprintfW
UnloadKeyboardLayout
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
ShowWindow
LoadStringW
FindWindowW
MessageBoxW
LoadIconW
LoadCursorW
RegisterClassExW
PostMessageW
LoadStringA
WinHelpW
GetProcessDefaultLayout
CreatePopupMenu
InsertMenuW
CheckMenuItem
DestroyWindow
KillTimer
SetTimer
GetMessagePos
InSendMessageEx
GetClassNameW
DefWindowProcW
SetForegroundWindow
IsWindow
SendMessageW
SetActiveWindow
PostQuitMessage
RegisterWindowMessageW
GetClientRect

gdi32

TranslateCharsetInfo
DeleteDC
DeleteObject
GetTextCharsetInfo
GetStockObject
ExtTextOutW
PatBlt
SetBkColor
SelectObject
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
CreateBitmap
GetTextExtentPointW
BitBlt
CreateFontIndirectW
GetObjectW

comctl32

ord329
ImageList_Create
ImageList_Destroy
ord328
ImageList_ReplaceIcon
ord334
ImageList_GetIconSize
ImageList_GetIcon
ord332
ImageList_Draw
ImageList_Remove

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetIMEFileNameW
ImmGetDescriptionW
ImmGetProperty

setupapi

SetupOpenInfFileW
SetupOpenAppendInfFileW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetStringFieldW

advapi32

RegFlushKey
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegDeleteValueW

shell32

SHAppBarMessage
ExtractIconExW
Shell_NotifyIconW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ec4b9854181010bb09f30f0c6b36520

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

imm32

setupapi

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 1024B - Virtual size: 640B

.rsrc Size: 11KB - Virtual size: 30KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 1024B - Virtual size: 640B

.rsrc
Size: 11KB - Virtual size: 30KB