f20519ad5ba1ffa084da05bdebb97d951651714cf4e4710f7441683301918ab8

Sharing

Copy URL

Twitter E-mail

General

Target

f20519ad5ba1ffa084da05bdebb97d951651714cf4e4710f7441683301918ab8
Size

446KB
MD5

04509ce200349370e706c4e6898f67c2
SHA1

297a51753258c912192caaa895f47660144124be
SHA256

f20519ad5ba1ffa084da05bdebb97d951651714cf4e4710f7441683301918ab8
SHA512

3b128329c7b7cdea6aef251a7517716f4159e3ced558a9be0c1a964b8bada89f7cbc48f171147ec443b8b174f1d8db8d6892e0cb430d7428e65d5b037ef873c2
SSDEEP

6144:8R4GbVOUtKXVgcNX3RVR+64R8cog9kqn2KRmgWDVb/ii4mnj0De0z:GpVuSG9+VRTYgAx/Jj0z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f20519ad5ba1ffa084da05bdebb97d951651714cf4e4710f7441683301918ab8

Files

f20519ad5ba1ffa084da05bdebb97d951651714cf4e4710f7441683301918ab8
.exe windows:5 windows x86 arch:x86

eadd32d8212b78a97dd6568257557cc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
lstrlenW
lstrlenA
lstrcpynW
lstrcpyW
lstrcmpiW
lstrcmpW
lstrcatW
_hwrite
WriteProfileStringA
WritePrivateProfileStringW
WriteFile
WriteConsoleA
WideCharToMultiByte
VerifyVersionInfoA
UnhandledExceptionFilter
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetLastError
SetFilePointerEx
SetFilePointer
SetFileAttributesW
SetConsoleCursorInfo
SetComputerNameW
SetCalendarInfoA
SearchPathW
RequestDeviceWakeup
ReadFile
ReadConsoleOutputW
QueryPerformanceCounter
OpenEventA
MultiByteToWideChar
MoveFileExA
Module32Next
LockResource
LocalUnlock
LocalLock
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryA
LCMapStringA
IsBadStringPtrW
IsBadStringPtrA
InterlockedCompareExchange
GlobalUnlock
GlobalSize
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetWindowsDirectoryW
GetVersionExW
GetTickCount
GetTempPathW
GetTempFileNameW
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetStringTypeExA
GetStartupInfoA
GetShortPathNameW
GetProfileStringA
GetProcessHeaps
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
GetModuleFileNameA
GetLocalTime
GetLastError
GetFullPathNameW
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesExA
GetEnvironmentVariableA
GetDiskFreeSpaceW
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleFontSize
GetConsoleAliasW
GetCommandLineW
FreeLibrary
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
EnumSystemLocalesW
EnumSystemLanguageGroupsA
DeleteFileW
CreateTimerQueue
CreateProcessW
CreateFileW
CopyFileW
CompareStringW
CloseHandle
GetModuleHandleA
CreateFileA

user32

ShowWindow
SystemParametersInfoW
TranslateMessage
UpdateWindow
VkKeyScanExA
WinHelpW
keybd_event
wsprintfA
wsprintfW
SetWindowTextW
SetWindowLongW
SetTimer
SetSysColors
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetCursor
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
RemovePropW
ReleaseDC
RegisterDeviceNotificationA
RegisterClassW
RegisterClassA
PtInRect
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
MoveWindow
MessageBoxW
MessageBoxA
MapWindowPoints
MapVirtualKeyW
LockWindowUpdate
LoadStringW
LoadStringA
LoadImageW
LoadIconW
LoadIconA
LoadCursorW
LoadBitmapW
KillTimer
IsWindowEnabled
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsCharAlphaA
InvalidateRect
InsertMenuW
InflateRect
GetWindowRect
GetThreadDesktop
GetSystemMenu
GetSysColorBrush
GetNextDlgTabItem
GetMessageW
GetMenuBarInfo
GetLastActivePopup
GetIconInfo
GetGuiResources
GetDlgItemTextW
GetDlgItem
GetDC
GetAltTabInfo
FindWindowW
FindWindowA
FillRect
EndPaint
EndDialog
EnableWindow
DrawTextW
DrawStateW
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DialogBoxParamW
DefWindowProcA
DefDlgProcW
DdeConnectList
DdeConnect
CreateWindowExA
CreateDialogParamW
CloseWindow
CheckRadioButton
CheckDlgButton
CharPrevW
CharNextW
CallMsgFilter
BringWindowToTop
BeginPaint
CharLowerW
GetClipboardData
LoadCursorFromFileW
DestroyWindow
GetCaretBlinkTime
GetDlgCtrlID
CreatePopupMenu
VkKeyScanA
CharUpperW
GetDesktopWindow
GetListBoxInfo
VkKeyScanW
IsGUIThread
CountClipboardFormats
GetQueueStatus
EndMenu
GetMessagePos
DrawMenuBar
GetMessageExtraInfo
GetWindowTextLengthW
GetProcessWindowStation
GetShellWindow
GetClipboardOwner
GetKeyboardLayout
CharLowerA
GetSystemMetrics
DestroyIcon
IsWindowVisible
OpenIcon
GetSysColor
AnyPopup
GetClipboardViewer
CopyIcon
GetKeyState
CreateMenu
GetActiveWindow
InSendMessage
ReleaseCapture
CloseClipboard
GetMessageTime
GetWindowContextHelpId
EnumClipboardFormats
GetKeyboardType
CharNextA
GetOpenClipboardWindow
DestroyCursor
GetInputState
WindowFromDC
GetParent

gdi32

GdiReleaseDC
GetStockObject
GetBitmapDimensionEx
GetCharWidth32A
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetGlyphOutlineWow
GetICMProfileW
GetMetaFileBitsEx
GetNearestColor
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetTextExtentExPointA
GetTextExtentPoint32W
GetTextMetricsW
IntersectClipRect
PatBlt
PathToRegion
GdiGetPageHandle
RectInRegion
RestoreDC
EngPlgBlt
SelectObject
SelectPalette
SetBitmapDimensionEx
SetBkColor
SetBkMode
SetBoundsRect
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetPaletteEntries
SetStretchBltMode
SetTextColor
StretchBlt
StretchDIBits
TextOutA
TextOutW
bInitSystemAndFontsDirectoriesW
GdiConvertFont
FillPath
ExtFloodFill
PlayMetaFileRecord
ExtCreateRegion
CreatePen
CreatePatternBrush
CreatePalette
CreateICW
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleBitmap
CreateBitmap
ColorCorrectPalette
BitBlt
BRUSHOBJ_hGetColorTransform
CreateSolidBrush
GetTextCharacterExtra
EndDoc
CancelDC
DeleteMetaFile
GetBkMode
CreateHalftonePalette
GetTextColor
GetLayout
GdiGetBatchLimit
CreateMetaFileA
GetBkColor
SetMetaRgn
CreateCompatibleDC
GetPixelFormat
DeleteDC
CloseMetaFile
SwapBuffers
BeginPath
AbortPath
SelectClipRgn
SaveDC
RealizePalette
UnrealizeObject
CloseEnhMetaFile
GetEnhMetaFileA
GetSystemPaletteUse
DeleteEnhMetaFile
DeleteObject

comdlg32

GetOpenFileNameW
GetFileTitleW
CommDlgExtendedError
GetSaveFileNameW

advapi32

OpenProcessToken
StartServiceW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegOpenKeyW
LookupAccountSidW
IsValidSid
GetUserNameW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
FreeSid
EqualSid
CloseServiceHandle
AllocateAndInitializeSid
RegQueryValueExW

shell32

DragAcceptFiles
SHGetSpecialFolderLocation
SHGetDataFromIDListA
SHEmptyRecycleBinA
SHChangeNotify
SHBindToParent
DragQueryFileAorW
SHGetFolderPathW

ole32

CoInitialize
CoTaskMemFree
CoUninitialize
CoCreateInstance

shlwapi

StrStrA
StrRStrIW
StrRChrIA
StrRChrIW

comctl32

PropertySheetW

msvcrt

_cexit
wcstombs
sprintf
memmove
mbstowcs
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_controlfp
_except_handler3
_exit
_getmbcp
_initterm
exit
free
malloc

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eadd32d8212b78a97dd6568257557cc7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

msvcrt

Sections

.text Size: 235KB - Virtual size: 234KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 72KB - Virtual size: 71KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 235KB - Virtual size: 234KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 9KB - Virtual size: 9KB