dd25905bdd3a29daf6515c3ce51155f08ab303b50a95196c0877c016f63a184d[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

dd25905bdd3a29daf6515c3ce51155f08ab303b50a95196c0877c016f63a184d.exe
Size

768KB
MD5

37574421be2ebdf28616c62bfc29aa50
SHA1

4c65300a68a19e2a9b58048517e5764fd6ed76fb
SHA256

dd25905bdd3a29daf6515c3ce51155f08ab303b50a95196c0877c016f63a184d
SHA512

f2a0c5e6288434e79f01df236f6554360dc43521bad726b222a0b242271c4fe4997f13c994ad663eb76283ca361105460ce086c9df488aefb6b1d09e53f16b41
SSDEEP

12288:1paoy89TKFdcgviDi01Of+xLsdG2pjiTxUlJ8LEKShOMyMryAU9XdHTSczcBFkHF:1UzRb7W+hJ0r8yM9wdzSczcBFkHF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd25905bdd3a29daf6515c3ce51155f08ab303b50a95196c0877c016f63a184d.exe

Files

dd25905bdd3a29daf6515c3ce51155f08ab303b50a95196c0877c016f63a184d.exe
.exe windows:4 windows x86 arch:x86

5d0d43282eff6279781d6c7c809bf649

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AllocateAndInitializeSid
CopySid
EqualSid
GetLengthSid
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

gdi32

CreateFontIndirectW
DeleteObject
GetObjectW
GetStockObject
SelectObject
SetBkMode
SetTextColor

kernel32

CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_strdup
_stricoll
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_fpreset
_fullpath
_iob
_isctype
_onexit
_pctype
_setmode
abort
atexit
calloc
free
fwrite
malloc
mbstowcs
memcpy
memset
realloc
setlocale
signal
strcoll
strcpy
strlen
tolower
vfprintf
wcstombs

user32

AppendMenuA
BeginPaint
CheckDlgButton
CheckMenuItem
CheckRadioButton
CloseClipboard
CreateCaret
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefDlgProcA
DefWindowProcA
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
DispatchMessageW
DrawEdge
DrawIconEx
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FindWindowA
FlashWindow
GetCapture
GetCaretBlinkTime
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetDoubleClickTime
GetForegroundWindow
GetKeyboardLayout
GetKeyboardState
GetMessageA
GetMessageTime
GetParent
GetQueueStatus
GetScrollInfo
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
HideCaret
InsertMenuA
InvalidateRect
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsZoomed
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MapDialogRect
MessageBeep
MessageBoxA
MessageBoxIndirectA
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetKeyboardState
SetScrollInfo
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoA
ToAsciiEx
TrackPopupMenu
TranslateMessage
UpdateWindow

Sections

.text
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 160B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d0d43282eff6279781d6c7c809bf649

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 460KB - Virtual size: 459KB

.data Size: 181KB - Virtual size: 180KB

.rdata Size: 1KB - Virtual size: 1KB

.eh_fram Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 160B

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 115KB - Virtual size: 115KB

.text
Size: 460KB - Virtual size: 459KB

.data
Size: 181KB - Virtual size: 180KB

.rdata
Size: 1KB - Virtual size: 1KB

.eh_fram
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 160B

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 115KB - Virtual size: 115KB