APRO23_Win_ESD1_WWEFG[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

APRO23_Win_ESD1_WWEFG.exe
Size

478.3MB
MD5

ce5d9c7b1ee3d383f510422f6ef9f81c
SHA1

bbedb72cdac806ff9e765b323af79dca73e65e5e
SHA256

17f601ff0657b5c50ce88ad66d9092a183c9fb65808159e7562930b24681b9ad
SHA512

a915e70a20497f1c4c9df256f3178594f1d45f206abb75946f44084c3f2e68ec1f6ce9e189ca50cd8120b456a85c0d5ec9fcca7384058fe03f65b82d2a504200
SSDEEP

12582912:qg/g9WSADZgawKNFzkL2l/kkLuBWkpg0A:qgSuNNkm/LuUkpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
APRO23_Win_ESD1_WWEFG.exe

Files

APRO23_Win_ESD1_WWEFG.exe
.exe windows x86

27840f49196beb1e3326a4acafadae4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt

shlwapi

PathCompactPathW

kernel32

EnterCriticalSection
LeaveCriticalSection
FileTimeToLocalFileTime
GetLastError
ReadFile
GetStdHandle
WriteFile
Sleep
FreeLibrary
LoadLibraryExA
LoadLibraryA
AreFileApisANSI
LoadLibraryExW
LoadLibraryW
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryW
GetSystemDirectoryW
SetFileAttributesW
SetFileAttributesA
RemoveDirectoryW
RemoveDirectoryA
MoveFileW
MoveFileA
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
GetShortPathNameA
lstrlenA
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryW
SetCurrentDirectoryA
GetCurrentDirectoryW
SearchPathA
SearchPathW
GetTempPathA
GetTempPathW
GetTempFileNameA
GetTempFileNameW
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
CreateFileA
CreateFileW
ResetEvent
SetFilePointer
GetFileInformationByHandle
SetFileTime
SetEndOfFile
CompareFileTime
FileTimeToSystemTime
GetProcAddress
GetModuleHandleW
CreateEventA
VirtualAlloc
VirtualFree
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
ExpandEnvironmentStringsA
GetCommandLineW
GetVersionExA
GetUserDefaultLangID
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
SetConsoleCtrlHandler
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
WaitForSingleObject
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
HeapSize
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
ExitProcess
RtlUnwind
RaiseException
CreateThread
SetEvent
WaitForMultipleObjects
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
VirtualProtect
GetFileSize
GetSystemInfo

user32

EnableWindow
EnumChildWindows
GetWindowDC
GetWindowInfo
CharPrevExA
CheckDlgButton
GetDlgItemTextW
DrawFocusRect
PostMessageA
LoadBitmapA
SendDlgItemMessageA
LoadIconA
SetClassLongA
ShowWindow
GetWindowRect
OffsetRect
MoveWindow
CharToOemA
CharLowerW
CharLowerA
CharUpperW
CharUpperA
DialogBoxParamW
CreateDialogParamW
DialogBoxParamA
GetWindowLongA
SetWindowLongA
CreateDialogParamA
GetWindowTextLengthW
GetWindowTextW
GetWindowTextA
GetWindowTextLengthA
SetWindowTextW
SetWindowTextA
CreateWindowExW
RegisterClassW
RegisterClassA
SendMessageW
LoadStringW
LoadStringA
CharPrevA
CharNextA
MessageBoxW
KillTimer
SetTimer
IsDlgButtonChecked
EndDialog
GetDlgItem
SendMessageA
CreateWindowExA

gdi32

SetBkColor
GetPixel
CreateCompatibleDC
GetObjectA
CreateFontIndirectA
GetDeviceCaps
SelectObject
SetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteW
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
DragFinish
DragQueryFileA
DragQueryFileW

ole32

CoInitialize
CoUninitialize

oleaut32

VariantCopy
VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 460KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27840f49196beb1e3326a4acafadae4c

Headers

File Characteristics

Imports

msimg32

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 344KB - Virtual size: 342KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 40KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 460KB - Virtual size: 458KB

.text
Size: 344KB - Virtual size: 342KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 40KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 460KB - Virtual size: 458KB