33842966256e6ad79cb3cb03d9e190b17aa1b225a95289f387396e02e5af80aaN

Sharing

Copy URL

Twitter E-mail

General

Target

33842966256e6ad79cb3cb03d9e190b17aa1b225a95289f387396e02e5af80aaN
Size

311KB
MD5

a299bb3e2e868a3862c5352542979240
SHA1

3ceb105b75611610f6cf1eefe3b918420353f065
SHA256

33842966256e6ad79cb3cb03d9e190b17aa1b225a95289f387396e02e5af80aa
SHA512

2a5e5f725d286b726409a7270e2ade74c26c27464dd2aad16aab234e030f7b9c077c1a3c94ff1f45a5e196aacd2dee8ce6ad3c5ef0abece6b2d2f3c2ca2ebec3
SSDEEP

6144:Tf1g8dVoLtpzFMO0XGuaBxfwLUncgESZemE2:TfG8dVgtpRfN4ocwv9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33842966256e6ad79cb3cb03d9e190b17aa1b225a95289f387396e02e5af80aaN

Files

33842966256e6ad79cb3cb03d9e190b17aa1b225a95289f387396e02e5af80aaN
.exe windows:5 windows x86 arch:x86

fa9e19988bb004d83fd6a4efd3ea2710

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
GetTickCount
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GlobalAlloc
GlobalFindAtomW
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalSize
LockResource
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenFileMappingW
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
GetThreadLocale
ResetEvent
ResumeThread
RtlUnwind
SetDefaultCommConfigA
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetTapeParameters
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForSingleObject
WaitNamedPipeA
WideCharToMultiByte
WinExec
WriteFile
WriteProfileStringW
_lwrite
lstrcmpA
lstrcpynW
lstrlenW
GetThreadContext
GetTempPathA
GetTempFileNameW
GetTapeParameters
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultLangID
GetStdHandle
GetStartupInfoA
GetProcAddress
GetPriorityClass
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLongPathNameW
GetLocaleInfoW
Beep
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetDriveTypeW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleAliasesLengthA
GetComputerNameExW
GetComputerNameA
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeConsole
FormatMessageW
FormatMessageA
FindResourceW
FindResourceA
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumSystemLocalesW
EnumResourceTypesA
EnumCalendarInfoW
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateRemoteThread
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateDirectoryW
CreateDirectoryA
CopyFileA
CompareStringW
CloseHandle
RemoveDirectoryA

user32

ValidateRgn
WINNLSGetEnableStatus
WindowFromPoint
wsprintfA
LoadIconW
SendMessageW
SendMessageTimeoutA
SendMessageA
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClassA
RedrawWindow
PostThreadMessageW
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
MsgWaitForMultipleObjects
MessageBoxW
MessageBoxA
MessageBeep
LoadStringW
LoadImageA
LoadCursorW
KillTimer
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageW
InvalidateRect
InflateRect
GetWindowThreadProcessId
GetWindowTextA
TranslateMessage
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetMessageW
GetMessageA
GetKeyboardType
GetKeyState
GetIconInfo
GetFocus
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassNameA
GetCapture
FrameRect
FindWindowW
FillRect
EnumWindows
EndPaint
EnableWindow
EmptyClipboard
DrawTextA
DrawIconEx
DrawFocusRect
DlgDirListA
DispatchMessageW
DestroyWindow
DefWindowProcW
DefWindowProcA
CreateWindowExW
CreateWindowExA
CreateCaret
CloseWindow
CloseClipboard
CharUpperBuffW
CharNextW
CallWindowProcW
CallNextHookEx
TrackPopupMenuEx
SystemParametersInfoW
ShowWindow
SetWindowTextA
SetWindowPos
SetWindowLongA
SetTimer
SetRect
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetCapture
GetWindowRect
SetActiveWindow
BringWindowToTop
BeginPaint
AttachThreadInput
DrawFrameControl

gdi32

GetKerningPairsA
GetObjectA
GetObjectW
GetPixel
GetRgnBox
GetStockObject
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsW
GetWinMetaFileBits
GetWindowOrgEx
LineTo
MoveToEx
OffsetRgn
PATHOBJ_vGetBounds
PolyDraw
PolyTextOutW
SelectClipRgn
GetEnhMetaFilePixelFormat
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetTextJustification
SetVirtualResolution
StartDocA
StartPage
StretchBlt
TextOutA
UpdateColors
UpdateICMRegKeyA
AbortDoc
SetTextAlign
AddFontResourceW
AddFontResourceA
AbortPath
GetDeviceCaps
GetCharWidthW
GetClipRgn
GetArcDirection
GdiGetSpoolFileHandle
GdiFlush
FloodFill
EqualRgn
EndPage
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreateFontW
CreateFontA
CreateDIBSection
CreateDCW
CreateCompatibleDC
CombineRgn
CLIPOBJ_ppoGetPath
SelectFontLocal
BitBlt

comdlg32

GetSaveFileNameA
PrintDlgW

advapi32

RegOpenKeyExW
FreeSid
GetUserNameA
RegOpenKeyW
SetSecurityDescriptorDacl
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
AllocateAndInitializeSid
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor

shell32

SHFormatDrive
ExtractAssociatedIconExW
ExtractIconExW
FindExecutableW
SHBrowseForFolderW
SHFileOperationA
Shell_NotifyIconW
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA

shlwapi

StrChrW

comctl32

ImageList_Destroy
ImageList_Create
ord17

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa9e19988bb004d83fd6a4efd3ea2710

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 205KB - Virtual size: 204KB

.rsrc Size: 51KB - Virtual size: 50KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 205KB - Virtual size: 204KB

.rsrc
Size: 51KB - Virtual size: 50KB