dd3693e034ca9b32d866d4215d67d2c6e6cd0b758c57499d941458a62344e0ea

Sharing

Copy URL

Twitter E-mail

General

Target

dd3693e034ca9b32d866d4215d67d2c6e6cd0b758c57499d941458a62344e0ea
Size

197KB
MD5

c5828e12d2e3d70cd73e8868f603abaa
SHA1

c22e8fddb6af667521428aaaa35ef8711b1130a7
SHA256

dd3693e034ca9b32d866d4215d67d2c6e6cd0b758c57499d941458a62344e0ea
SHA512

d4229c12c974f2a796e4aef38e3e39f970403c2df308d59e75e5c099aa354dc426bea204035ca5fdf11b805489ff99de1df6a8d5f71741971318d99f78b3f503
SSDEEP

3072:AjB33b++Q0Yg5l5D+H/AWVEDbqrB1YSEh0TAMvRKThRuxEBylvAoDrIb75GMYyRF:Aj4+QpE+BEsbbvRWexEk1tIkMBxM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd3693e034ca9b32d866d4215d67d2c6e6cd0b758c57499d941458a62344e0ea

Files

dd3693e034ca9b32d866d4215d67d2c6e6cd0b758c57499d941458a62344e0ea
.exe windows:4 windows x86 arch:x86

9c861e307122c748e01d07f5df04f28a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

RpcStringBindingComposeA
NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringFreeA

shlwapi

PathCanonicalizeW
PathStripToRootW
PathIsRelativeW
PathIsRootW
PathIsURLW
PathCombineW

user32

ToAscii
ChildWindowFromPoint
WinHelpW
IsClipboardFormatAvailable
SetWindowPos
DrawEdge
EmptyClipboard
SetScrollRange
DefWindowProcW
CallNextHookEx
RegisterClassW
MonitorFromWindow
SetWindowsHookExW
SetClipboardData
DestroyIcon
ClipCursor
DestroyCursor
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor

comctl32

ImageList_GetIconSize
ImageList_DrawEx
ImageList_Add
ImageList_Create
ImageList_Destroy

gdi32

PlgBlt
AnimatePalette
ExtCreatePen
FlattenPath
GetBitmapBits
SetTextColor
GetBkColor
PolyBezier
SetStretchBltMode
CreateFontIndirectA
CreatePen
StrokePath
RoundRect
GetPath
SetDIBits

kernel32

SetEndOfFile
FindResourceExA
SearchPathW
CreateFiberEx
LocalAlloc
UnlockFile
SetCommConfig
IsDBCSLeadByte
GetFileType
FileTimeToLocalFileTime
EnumResourceNamesW
FlushFileBuffers
GetSystemTime
GetVersionExW
FlushFileBuffers
FileTimeToSystemTime
GetProfileStringW
GetUserDefaultLangID
VerLanguageNameW
GetFileAttributesA
GetFileTime
CompareStringW
LockFile
GetVolumeInformationW
GetSystemDirectoryW

comdlg32

GetFileTitleA

ole32

OleDuplicateData
CLSIDFromProgID
CoGetClassObject
GetHGlobalFromStream
CoCreateInstance
ProgIDFromCLSID
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
RegisterDragDrop
RevokeDragDrop
CLSIDFromString
OleRegGetUserType
CoTaskMemAlloc
CoCreateGuid
StgOpenStorageOnILockBytes
OleGetAutoConvert
ReleaseStgMedium
CoTaskMemFree
StringFromCLSID
CoGetMalloc
GetHGlobalFromILockBytes
OleRun
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c861e307122c748e01d07f5df04f28a

Headers

File Characteristics

Imports

rpcrt4

shlwapi

user32

comctl32

gdi32

kernel32

comdlg32

ole32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 18KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 18KB

.lib
Size: 512B - Virtual size: 352KB