5dc0fe812c175d2e42eec41a28a94b5a6efceba0660ad8a79c612d4295614d38N

Sharing

Copy URL Twitter E-mail

General

Target

5dc0fe812c175d2e42eec41a28a94b5a6efceba0660ad8a79c612d4295614d38N
Size

588KB
MD5

2e8063fe0ffab869647bc15910c54e80
SHA1

4c7d8394ef846a6655438dcd2b244a6a55524dd4
SHA256

5dc0fe812c175d2e42eec41a28a94b5a6efceba0660ad8a79c612d4295614d38
SHA512

5d2deef6ab30992158c9c387cf5b2db64be4f42dc1f60379ff163e8e64da6f0e159f569853763a838f8d3752b06f2246c28277e767f81099ec9511d19666f899
SSDEEP

12288:WNDx/Nssp9qMS7G0oTojdlBFvroR8zVWQfOZbLLhQk7/I:slVHp9WETanFDoMQdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dc0fe812c175d2e42eec41a28a94b5a6efceba0660ad8a79c612d4295614d38N

Files

5dc0fe812c175d2e42eec41a28a94b5a6efceba0660ad8a79c612d4295614d38N
.exe windows:4 windows x86 arch:x86

4302c88727c9e5ba9299a4f586a1d07b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

dsound

ord1
ord2

dinput

DirectInputCreateEx

d3d8

Direct3DCreate8

winmm

timeSetEvent

kernel32

WritePrivateProfileStringA
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoA
GetCommandLineA
RtlUnwind
ExitProcess
TerminateProcess
RaiseException
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
VirtualProtect
GetSystemInfo
VirtualQuery
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FindResourceA
lstrlenA
GetLocaleInfoA
LoadResource
WaitForSingleObject
SetEvent
WideCharToMultiByte
SizeofResource
CreateEventA
CompareStringW
GetACP
MultiByteToWideChar
SetThreadPriority
InterlockedExchange
lstrcmpiA
GetThreadLocale
LockResource
CompareStringA
GetVersionExA
CloseHandle
GetVersion
GetTickCount
SuspendThread
ResumeThread
InterlockedDecrement
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
ResetEvent
DeleteCriticalSection
GetCurrentDirectoryA
CreateDirectoryA
GetTempPathA
DeleteFileA
Sleep
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
FindNextFileA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetModuleFileNameA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
lstrcpyA
FreeResource
GetCurrentThreadId
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
SetLastError
lstrcpynA
IsProcessorFeaturePresent
QueryPerformanceCounter
FindResourceW
CreateFileA
GetFileSize
GetLastError
WriteFile
GetProcAddress
LoadLibraryA
OutputDebugStringA
QueryPerformanceFrequency
GetModuleHandleA

user32

LoadCursorA
GetSysColorBrush
DestroyMenu
PostQuitMessage
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
AdjustWindowRectEx
GetClassInfoA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
PtInRect
ReleaseDC
GetDC
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
wsprintfA
GetWindowTextLengthA
PeekMessageA
CharUpperA
SetForegroundWindow
MsgWaitForMultipleObjects
PostThreadMessageA
EnableWindow
SendMessageA
IsWindowVisible
PostMessageA
SetTimer
MessageBoxA
GetWindowTextA
GetWindow
GetWindowLongA
SetFocus
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
GetKeyState
GetCursorPos
ValidateRect
GetMenuState
ClientToScreen
DestroyWindow
SetCursor
TranslateMessage
OffsetRect
CreateWindowExA
DefWindowProcA
ShowWindow
DispatchMessageA
InvalidateRect
UpdateWindow
GetAsyncKeyState
GetMessagePos
CopyRect
LoadImageA
ReleaseCapture
GetSysColor
GetDlgItem
DrawFocusRect
GetClientRect
GetParent
GetFocus
SetCapture
FillRect
GetWindowRect
ScreenToClient
KillTimer
GetSystemMetrics
GetMenuItemCount
RegisterClassA
IsIconic
GetMenuItemID
GetSubMenu
LoadIconA
DrawIcon
GetMenu
RedrawWindow

gdi32

SetMapMode
SelectClipRgn
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetTextColor
SetWindowExtEx
ScaleWindowExtEx
SelectPalette
CreateSolidBrush
GetClipBox
CreateBitmap
DeleteDC
StretchBlt
DeleteObject
SelectObject
GetStockObject
BitBlt
GetTextExtentPoint32A
Polygon
GetDeviceCaps
CreateHalftonePalette
CreatePalette
CreateCompatibleDC
CreateRectRgnIndirect
RealizePalette
GetDIBColorTable
RestoreDC
SaveDC
SetBkColor
GetObjectA

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetDesktopFolder

comctl32

ImageList_Draw
ImageList_Destroy
ord17

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocString
SysFreeString
VarDateFromStr

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 440KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4302c88727c9e5ba9299a4f586a1d07b

Headers

File Characteristics

Imports

ddraw

dsound

dinput

d3d8

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 440KB - Virtual size: 547KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 8KB - Virtual size: 398KB

.data1 Size: 4KB - Virtual size: 258KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 440KB - Virtual size: 547KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 8KB - Virtual size: 398KB

.data1
Size: 4KB - Virtual size: 258KB

.rsrc
Size: 40KB - Virtual size: 36KB