43563b33d397f4fc531d6e27953efe75ebb516051da231d9eebe9414b366985e[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

43563b33d397f4fc531d6e27953efe75ebb516051da231d9eebe9414b366985e.exe
Size

304KB
MD5

50d7ba7726d71cf89b575f58ae858eb0
SHA1

4d76ece9e1a6096a96c18b6ea39cde5560e7ce96
SHA256

43563b33d397f4fc531d6e27953efe75ebb516051da231d9eebe9414b366985e
SHA512

6233081bff0461550ff19cdfa1108f870713f2ca26af856a0809eb7d4b6aafcdea6b4636660bbd7714294019c383fa9fe929af178b3310dea79a762bae989ff2
SSDEEP

6144:Z9BOn/SxQbXbqImrbzVR8SeRnZQ6SS/PTRu/3XrD:KbqImrfVR8S0ZQ6tD4/nrD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43563b33d397f4fc531d6e27953efe75ebb516051da231d9eebe9414b366985e.exe

Files

43563b33d397f4fc531d6e27953efe75ebb516051da231d9eebe9414b366985e.exe
.exe windows:4 windows x86 arch:x86

b26fa37a73a8990fed7c3dd42c9c2493

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\checkpoints\TPDrv\Do_Not_Release_v11_0_4\Access\SynMood\Release\SynMood.pdb

Imports

kernel32

SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GlobalFlags
WritePrivateProfileStringW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
FormatMessageW
MulDiv
FreeResource
GlobalAddAtomW
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
MultiByteToWideChar
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetModuleHandleW
lstrlenW
WideCharToMultiByte
GetCurrentProcessId
GetModuleFileNameW
GetLastError
CreateThread
SetThreadPriority
WaitForSingleObjectEx
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
SetEvent
WaitForSingleObject
TerminateThread
CreateEventW
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
GetTickCount
LocalAlloc
LocalFree
SetLastError
DeviceIoControl
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
InitializeCriticalSection
ExitProcess
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileW
GlobalUnlock
GlobalFree
UnmapViewOfFile
VirtualFree
CloseHandle

user32

LoadCursorW
GetSysColorBrush
ShowWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetSysColor
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextW
TabbedTextOutW
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
UnregisterClassW
DestroyMenu
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
RegisterClassW
CreateWindowExW
PeekMessageW
DestroyWindow
DefWindowProcW
PostMessageW
PostQuitMessage
GetSystemMetrics
EnableWindow
LoadIconW
SetTimer
InvalidateRect
ReleaseDC
GetDC
GetClientRect
IsIconic
SendMessageW
DrawIcon
DrawTextExW
UnregisterClassA

gdi32

SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetObjectW
RealizePalette
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
DeleteObject
CreatePalette
StretchDIBits
SelectPalette

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindExtensionW
PathFindFileNameW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b26fa37a73a8990fed7c3dd42c9c2493

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 12KB - Virtual size: 128KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 12KB - Virtual size: 128KB

.rsrc
Size: 108KB - Virtual size: 108KB