Static task: static1
Behavioral task: behavioral1
Sample: e0bb1455bd82c54b81a41ab9d66aafe64756105d31308d905b3c256d6b31f3b1.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: e0bb1455bd82c54b81a41ab9d66aafe64756105d31308d905b3c256d6b31f3b1.exe
Resource: win10v2004-20230220-en
General
Target: e0bb1455bd82c54b81a41ab9d66aafe64756105d31308d905b3c256d6b31f3b1
Size: 5.1MB
MD5: 933f3da641f81527d1fce52db1f656cf
SHA1: a0b940c06727b3788ede5443da971f2f54a6f474
SHA256: e0bb1455bd82c54b81a41ab9d66aafe64756105d31308d905b3c256d6b31f3b1
SHA512: f5b1f1ae3b88c99db181032a3062fac83e42786539be653175a36a43fc1fd58b288f880ca62d384261d1898c25260c577384fbf010de14b1e01c47469bd78e0d
SSDEEP: 49152:mjPYZ1JoTbQZX8oI/AonGIVFAkn/YLQ90o:m2XoTbQi/Cw5
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: e0bb1455bd82c54b81a41ab9d66aafe64756105d31308d905b3c256d6b31f3b1
Files
e0bb1455bd82c54b81a41ab9d66aafe64756105d31308d905b3c256d6b31f3b1.exe (windows x86)
5a22e0edce4541b1e710ff29f4d94475
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileAttributesW
GetFileSizeEx
SetErrorMode
GetStartupInfoW
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitProcess
ExitThread
CreateThread
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
SystemTimeToFileTime
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
FatalAppExitA
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
FileTimeToSystemTime
lstrlenA
GetAtomNameW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentDirectoryW
GlobalFlags
GetModuleHandleA
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
CopyFileW
GlobalSize
MulDiv
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
InterlockedDecrement
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrlenW
GetCurrentProcessId
GlobalAddAtomW
SetThreadPriority
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GlobalAlloc
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FreeResource
FindResourceW
LoadResource
SizeofResource
SetCommBreak
ClearCommBreak
ReadFile
ClearCommError
WriteFile
FormatMessageW
LocalFree
SuspendThread
ResumeThread
WaitForMultipleObjects
InitializeCriticalSection
EnterCriticalSection
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
PurgeComm
LeaveCriticalSection
CreateFileW
GetLastError
CloseHandle
WideCharToMultiByte
Sleep
WaitForSingleObject
GetSystemTime
SetEvent
ResetEvent
CreateEventW
MultiByteToWideChar
FreeLibrary
QueryPerformanceCounter
LoadLibraryW
user32
SetWindowRgn
GetDialogBaseUnits
GetSysColorBrush
DestroyIcon
CharUpperW
UnregisterClassW
UnionRect
SetRect
GetDCEx
LockWindowUpdate
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
DestroyCursor
SetCursorPos
RedrawWindow
ReleaseDC
GetDC
InflateRect
WaitMessage
LoadCursorW
WindowFromPoint
SetCapture
ClientToScreen
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetMenuBarInfo
ReleaseCapture
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
LoadMenuW
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
DrawIcon
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
UnhookWindowsHookEx
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
ScrollWindowEx
SetFocus
ShowWindow
MoveWindow
UpdateWindow
EnableWindow
KillTimer
SendMessageW
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
MapVirtualKeyW
GetKeyNameTextW
SystemParametersInfoW
GetMenuItemInfoW
SetParent
ShowOwnedPopups
SetCursor
GetSystemMenu
DeleteMenu
IsRectEmpty
EndPaint
BeginPaint
ScrollWindow
GetWindowDC
LoadBitmapW
GetSubMenu
SetMenuItemBitmaps
MessageBoxW
PostMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
SetTimer
GetWindowRect
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
SetWindowsHookExW
CallNextHookEx
GetMessageW
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetDesktopWindow
GetActiveWindow
GetScrollRange
gdi32
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
SetWindowExtEx
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
GetTextMetricsW
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
CreateRectRgn
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreatePen
CreateBitmap
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
StretchDIBits
DeleteDC
CreateFontW
GetCharWidthW
DeleteObject
SelectObject
PatBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SelectClipPath
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyW
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegSetValueW
RegDeleteValueW
RegQueryValueW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
shell32
DragFinish
ExtractIconW
SHGetFileInfoW
DragQueryFileW
comctl32
ord17
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
PathRemoveFileSpecW
ole32
StringFromGUID2
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromString
CoUninitialize
CoInitializeEx
CreateBindCtx
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
Sections
.textbss Size: - Virtual size: 322KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 713KB - Virtual size: 712KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 1024B - Virtual size: 793B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.7MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE