d6f5a2f1592df2f3cea2aa6bb6beaa9511881e6e176cf637a97b40c8c9d1ddebN

Sharing

Copy URL

Twitter E-mail

General

Target

d6f5a2f1592df2f3cea2aa6bb6beaa9511881e6e176cf637a97b40c8c9d1ddebN
Size

103KB
MD5

401349071aea59c909cf9c192fcd5630
SHA1

ab57b6b84b1276244b956c3b45fed55415d75315
SHA256

d6f5a2f1592df2f3cea2aa6bb6beaa9511881e6e176cf637a97b40c8c9d1ddeb
SHA512

d6b922a7c8499e66136be0c094012613e502a6e3693f9e8ea748ec5113460bd0326433db0e06fe197b3b14eab9778ea980f348a631fc96cf2f54b07b0be664be
SSDEEP

1536:dIe+JSadL57sKFA7NOGTqvuKyYURnVPxvqcMm4s3XQnfDwJzxPLv+fL:GlJSadV7dFYveG8+qm4WXQ0JzxSD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6f5a2f1592df2f3cea2aa6bb6beaa9511881e6e176cf637a97b40c8c9d1ddebN

Files

d6f5a2f1592df2f3cea2aa6bb6beaa9511881e6e176cf637a97b40c8c9d1ddebN
.exe windows:5 windows x86 arch:x86

9bed98b00a600922996b2473348c5df5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
QueryPerformanceCounter
GetSystemTimeAsFileTime
lstrlenW
FormatMessageW
GlobalAlloc
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringA
GlobalLock
DeleteCriticalSection
OutputDebugStringW
GetACP
GetLastError
LocalReAlloc
InterlockedIncrement
InitializeCriticalSection
SetLastError
RemoveDirectoryA
lstrcmpiW
lstrcpyW
SetUnhandledExceptionFilter
GetModuleFileNameW
GetSystemWindowsDirectoryW
LoadLibraryW
LocalFree
GlobalUnlock
GetDateFormatW
IsBadReadPtr
GetSystemDefaultLangID
InterlockedDecrement
GetStartupInfoA
GlobalFree
GetEnvironmentStringsW
GetComputerNameW
GetCurrentProcess
WideCharToMultiByte
GetModuleHandleA
CloseHandle

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW

user32

SetDlgItemTextW
RegisterClipboardFormatW
SendMessageW
SetFocus
LoadIconW
LoadImageW
ReleaseDC
GetDlgItemTextA
LoadCursorW
InsertMenuItemW
SendDlgItemMessageW
wsprintfW
DialogBoxParamW
MessageBoxW
GetDlgItem
SetWindowLongW
GetWindowLongW
EnableWindow
GetParent
SetCursor
PostMessageW
LoadStringW
EndDialog
GetDC
WinHelpW
SystemParametersInfoW
LoadBitmapW
SetWindowTextW

msvcrt

wcscpy
??3@YAXPAX@Z
free
??2@YAPAXI@Z
_initterm
wcscmp
wcscat
_except_handler3
__dllonexit
_wcsupr
memmove
wcslen
wcsrchr
_wcsicmp
_onexit
vswprintf
mbstowcs
wcsstr
wcstoul
__RTDynamicCast
?terminate@@YAXXZ
wcschr
malloc
_adjust_fdiv
_purecall
??1type_info@@UAE@XZ

certcli

CACreateCertType
CAGetCertTypeExtensions
CASetCertTypeKeySpec
CACloseCA
CAFindByName
CASetCertTypeFlags
CAEnumCertTypes
CAGetCAProperty
CARemoveCACertificateType
CAAddCACertificateType
CAGetCertTypePropertyEx
CACertTypeGetSecurity
CAFreeCAProperty
CAGetCertTypeFlags
CAFindCertTypeByName
CAEnumNextCertType
CAFreeCertTypeProperty
CASetCertTypeExtension
CACertTypeSetSecurity
CAUpdateCA
CACloseCertType
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CASetCertTypeProperty
CAEnumCertTypesForCA
CAGetCertTypeProperty
CAUpdateCertType

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bed98b00a600922996b2473348c5df5

Headers

File Characteristics

Imports

kernel32

advapi32

user32

msvcrt

certcli

comctl32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 115KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 115KB

.rsrc
Size: 23KB - Virtual size: 23KB