8b987e88fd0534c5b3f288e1e0027d53aedf2df6973f10b30747d7d2635191f2

Sharing

Copy URL

Twitter E-mail

General

Target

8b987e88fd0534c5b3f288e1e0027d53aedf2df6973f10b30747d7d2635191f2
Size

353KB
MD5

ed026b2a4127b2ab2c2096572ce0545b
SHA1

61dc7df9cfacc469b6a2ad545e1775570927ba30
SHA256

8b987e88fd0534c5b3f288e1e0027d53aedf2df6973f10b30747d7d2635191f2
SHA512

2cba9d9286efd1eabe7b7a2510f2cec9c94841f2ce09f87a6c02b8ab0983dc5925d63f3afd961aad04ed39fb189bea92f2d433b410d1cade56b2af050df172b0
SSDEEP

6144:k3FsH8UeJNmbYj1FOQ+sJjwI5Mg8QC1N1fdiU:iFMeXm+vtjwcMgilL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b987e88fd0534c5b3f288e1e0027d53aedf2df6973f10b30747d7d2635191f2

Files

8b987e88fd0534c5b3f288e1e0027d53aedf2df6973f10b30747d7d2635191f2
.exe windows:5 windows x86 arch:x86

bd84b3fa783ea557491ab21a0389445c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedExchange
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFileTimeToFileTime
GetLogicalDriveStringsA
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenProcess
OutputDebugStringW
ProcessIdToSessionId
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryA
RtlUnwind
SearchPathW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
WritePrivateProfileStringW
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpyW
GetLocaleInfoA
GetFileType
GetFileSize
GetEnvironmentStringsW
GetEnvironmentStrings
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentProcess
GetComputerNameW
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
ExitThread
ExitProcess
EnumResourceLanguagesA
DosDateTimeToFileTime
DeleteFileA
CreateThread
CreateProcessW
CreateProcessA
CreateFileW
CreateFileA
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CloseHandle
VirtualAlloc
GetModuleHandleW
GetLastError
lstrlenA
GetFileAttributesW
GetDriveTypeW
lstrlenW
GetCurrentProcessId
GetDriveTypeA
GetTickCount
LocalFree
GetFileAttributesA

user32

ShowWindow
SystemParametersInfoA
TabbedTextOutA
TranslateMessage
UnregisterClassA
UnregisterClassW
ShowCursor
SetMenuItemInfoW
SetForegroundWindow
SetDlgItemTextW
SetDlgItemTextA
SetCursor
SendMessageA
SendDlgItemMessageA
RegisterClassW
RegisterClassExW
RegisterClassExA
PostQuitMessage
OpenClipboard
MoveWindow
MessageBoxW
MessageBoxA
LoadStringW
LoadStringA
LoadCursorA
IsDlgButtonChecked
InsertMenuA
ImpersonateDdeClientWindow
IMPSetIMEA
GetWindowRect
GetUpdateRgn
GetTabbedTextExtentA
GetSystemMetrics
GetSubMenu
GetShellWindow
GetMessageA
GetDesktopWindow
GetClientRect
FindWindowW
FindWindowA
EnumWindowStationsW
EnumThreadWindows
EditWndProc
DrawIcon
DrawFrame
DispatchMessageA
DeferWindowPos
DefWindowProcA
DefFrameProcW
DdeSetQualityOfService
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
ClientToScreen
CharPrevExA
CharNextA
AppendMenuA
LoadIconW
GetSysColor
IsWindow
GetKeyState
DestroyWindow
DestroyIcon
LoadIconA

gdi32

GetRasterizerCaps
GetTextFaceAliasW
InvertRgn
OffsetClipRgn
GetPixel
SetPixel
UnrealizeObject
XLATEOBJ_iXlate
cGetTTFFromFOT
GetEnhMetaFileW
GetEnhMetaFileHeader
GetCharacterPlacementA
GdiRealizationInfo
GdiInitSpool
GdiGetSpoolFileHandle
GdiFlush
SetICMProfileA
SelectObject
FixBrushOrgEx
FillPath
ExtCreateRegion
EnumMetaFile
EnumICMProfilesA
EngUnlockSurface
EngFillPath
EngComputeGlyphSet
CreateICW
CreateBitmapIndirect
CloseFigure
CreateCompatibleDC
SetTextAlign
SetBkMode
SetTextColor
GdiEntry7

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetTraceEnableLevel
GetTraceEnableFlags
RegQueryValueExW
RegOpenKeyA
TraceMessage

shell32

SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetFolderPathA
SHGetFileInfoW
SHGetDiskFreeSpaceA
SHGetDataFromIDListA
FindExecutableA
ExtractIconEx
ExtractAssociatedIconExA
CheckEscapesW
ShellExecuteW

Sections

.text
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd84b3fa783ea557491ab21a0389445c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 210KB - Virtual size: 209KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 210KB - Virtual size: 209KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 12KB - Virtual size: 12KB