a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8

Sharing

Copy URL

Twitter E-mail

General

Target

a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8
Size

663KB
MD5

16d809757e4fe9d7b603efb0508a6242
SHA1

ccc93c678580888a4da405b61a1710297a1c3448
SHA256

a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8
SHA512

b2ebbafba80d94fb729ca5c3eb1f0c5c57cbb414358e181ac804e586bab3a385af49d0e8d9e3e7866c8944000fe1a9c00a5ab6fc5764d18005f5e4b631e32504
SSDEEP

12288:AHcRey4pHcRey4pHcRey4vyqCIkykwW1yaL7TOuCc:ACqCqCj1bykwW11TOnc

Score

1^/10

Malware Config

Signatures

Files

a033824a885207df6a9cf3d33fb0d7b113af10e943c9a6c8856448a374d191f8
.exe windows:4 windows x86 arch:x86

091b938e06f887747da798740da4dd21

Code Sign

56:20:3a:72:ec:0a:bf:b6:4f:62:f4:33:0b:1e:0c:a5
Certificate

Issuer

CN=DIRRTODAWPRIVFWQXE

Not Before

30/09/2020, 12:53

Not After

31/12/2039, 23:59

Subject

CN=DIRRTODAWPRIVFWQXE

Extended Key Usages

ExtKeyUsageCodeSigning

02:19:14:0b:3d:b8:f3:b5:c6:7e:3a:c9:eb:18:df:c4:78:6f:4d:70
Signer

Actual PE Digest

02:19:14:0b:3d:b8:f3:b5:c6:7e:3a:c9:eb:18:df:c4:78:6f:4d:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
lstrlenW
lstrcpynW
LoadLibraryExW
SetErrorMode
MultiByteToWideChar
GetLastError
HeapFree
GetProcessHeap
HeapAlloc
HeapReAlloc
GetCPInfoExW
GetProcAddress
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetVersionExA
GetStartupInfoA
ExitProcess
GetModuleHandleA
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
InterlockedIncrement
SetLastError
InterlockedDecrement
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleW
HeapDestroy
HeapCreate
OutputDebugStringA
GetCPInfo
GetOEMCP
LCMapStringA
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
VirtualProtect
VirtualQuery
FlushFileBuffers
ReadFile
CloseHandle

user32

GetSystemMetrics
SetWindowPos
GetForegroundWindow
GetWindowRect
LoadStringW
LoadCursorW
SetCursor
SetWindowLongW
MessageBoxW
SetWindowTextW
GetWindowTextW
DestroyCursor
SetFocus
PostMessageW
ReleaseDC
GetDC
SystemParametersInfoW
GetDlgItem
SendMessageW
EnableWindow
ShowWindow
LoadCursorFromFileA
LoadCursorFromFileW
LoadIconA
GetClipboardViewer

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps
UnrealizeObject
TextOutA
TextOutW
StretchDIBits
StretchBlt
StartPage
StartDocA
StartDocW
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetDCPenColor
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
OffsetRgn
MoveToEx
MaskBlt
LineTo
LPtoDP
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetViewportOrgEx
GetTextMetricsW
GetTextFaceA
GetTextExtentPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextColor
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetNearestPaletteIndex
GetMapMode
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetCurrentObject
GetClipRgn
GetClipBox
GetBrushOrgEx
GetBkMode
GetBkColor
GetBitmapBits
GdiFlush
FrameRgn
ExtTextOutW
ExtFloodFill
ExcludeClipRect
EnumFontsW
EnumFontFamiliesExW
EndPage
EndDoc
Ellipse
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePenIndirect
CreatePen
CreatePatternBrush
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontA
CreateFontW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineRgn
CloseEnhMetaFile
Chord
BitBlt
ArcTo
Arc
AngleArc
AbortDoc

comctl32

ord17

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

r421
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

r42
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata2
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g2
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r422
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

091b938e06f887747da798740da4dd21

Code Sign

56:20:3a:72:ec:0a:bf:b6:4f:62:f4:33:0b:1e:0c:a5Certificate

Extended Key Usages

02:19:14:0b:3d:b8:f3:b5:c6:7e:3a:c9:eb:18:df:c4:78:6f:4d:70Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

.text Size: 15KB - Virtual size: 15KB

r421 Size: 512B - Virtual size: 1B

r42 Size: 512B - Virtual size: 1B

.rdata2 Size: 98KB - Virtual size: 97KB

.rdata Size: 196KB - Virtual size: 195KB

.data Size: 8KB - Virtual size: 8KB

r4 Size: 3KB - Virtual size: 2KB

g2 Size: 512B - Virtual size: 1B

g Size: 232KB - Virtual size: 231KB

r422 Size: 512B - Virtual size: 1B

.rsrc Size: 106KB - Virtual size: 105KB

56:20:3a:72:ec:0a:bf:b6:4f:62:f4:33:0b:1e:0c:a5
Certificate

02:19:14:0b:3d:b8:f3:b5:c6:7e:3a:c9:eb:18:df:c4:78:6f:4d:70
Signer

.text
Size: 15KB - Virtual size: 15KB

r421
Size: 512B - Virtual size: 1B

r42
Size: 512B - Virtual size: 1B

.rdata2
Size: 98KB - Virtual size: 97KB

.rdata
Size: 196KB - Virtual size: 195KB

.data
Size: 8KB - Virtual size: 8KB

r4
Size: 3KB - Virtual size: 2KB

g2
Size: 512B - Virtual size: 1B

g
Size: 232KB - Virtual size: 231KB

r422
Size: 512B - Virtual size: 1B

.rsrc
Size: 106KB - Virtual size: 105KB