Static task: static1
Behavioral task: behavioral1
Sample: e1e22560d3307c36f4579658f1b746e5483c3551f6ef71731189c088c7d2359d.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: e1e22560d3307c36f4579658f1b746e5483c3551f6ef71731189c088c7d2359d.exe
Resource: win10v2004-20230220-en
General
Target: e1e22560d3307c36f4579658f1b746e5483c3551f6ef71731189c088c7d2359d
Size: 4.2MB
MD5: 26c8c357a646c726891af3e6b19e66df
SHA1: 776b0f5a74f549372f7880a238c2e8b32d1d1aea
SHA256: e1e22560d3307c36f4579658f1b746e5483c3551f6ef71731189c088c7d2359d
SHA512: c38b20c22cdd9a3e4a1f0f622e3b7c6f37024545dc28da2dc85ae24a949c41e462841058f8d1209996a8230f8d0953c948729b30b0af4570667711a2c09e73e2
SSDEEP: 98304:GP6bZvD60UR5zuckoztmdUjnjkblHdlv/v04kdJQ4uYpeCI:GP6b8VmkjgFdlv/5S/pw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e1e22560d3307c36f4579658f1b746e5483c3551f6ef71731189c088c7d2359d
Files
e1e22560d3307c36f4579658f1b746e5483c3551f6ef71731189c088c7d2359d.exe windows x86
1615574b14d10a7e64c4a0e09dc3cd6f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
GetPrivateProfileStringA
GetFileTime
GetTempFileNameA
GetFullPathNameA
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
FileTimeToSystemTime
GetCPInfo
GetOEMCP
GetACP
GetCurrentDirectoryA
DeleteFileA
lstrcmpiA
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
SetErrorMode
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
VirtualAlloc
VirtualQuery
ExitThread
CreateThread
HeapSize
HeapQueryInformation
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
GetStringTypeW
CompareStringW
LCMapStringW
GetTimeZoneInformation
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleHandleW
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
GlobalGetAtomNameA
GlobalAddAtomA
FreeResource
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcessId
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
lstrlenA
WideCharToMultiByte
FindResourceW
GetSystemInfo
WaitForSingleObject
InterlockedIncrement
lstrcpyA
ResumeThread
CloseHandle
GetModuleFileNameA
LockResource
SetThreadPriority
GetFileAttributesA
SizeofResource
Sleep
WriteFile
GetCurrentThread
GetCurrentProcess
InterlockedDecrement
LoadResource
FindResourceA
CreateFileA
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetLastError
GetLastError
DeactivateActCtx
ActivateActCtx
user32
InflateRect
UnregisterClassA
GetSysColorBrush
WindowFromPoint
GetMenuItemInfoA
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
UnionRect
LoadAcceleratorsW
LoadMenuW
CharUpperA
CopyAcceleratorTableA
SetCapture
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
DrawIcon
SetWindowRgn
CreateMenu
RedrawWindow
DestroyAcceleratorTable
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
IsClipboardFormatAvailable
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
GetWindowRgn
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
GetNextDlgTabItem
RealChildWindowFromPoint
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetClassNameA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
SetWindowPos
LoadImageA
DestroyIcon
SetFocus
GetActiveWindow
EqualRect
GetDlgItem
GetDlgCtrlID
LoadIconW
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
UpdateWindow
IsIconic
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
GetMenu
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
TranslateAcceleratorA
SetWindowLongA
InvalidateRect
PtInRect
GetWindowRect
OffsetRect
SetRectEmpty
IsZoomed
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
UnhookWindowsHookEx
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
CopyRect
IsWindow
SendMessageA
LoadBitmapW
GetSystemMetrics
EnableWindow
IntersectRect
GetClientRect
GetKeyState
KillTimer
SetTimer
EndDialog
GetMessageA
LoadCursorW
LoadCursorA
DestroyCursor
SetRect
RegisterClipboardFormatA
TrackPopupMenu
CreateDialogIndirectParamA
TranslateMessage
GetCursorPos
ValidateRect
MapDialogRect
ShowOwnedPopups
PostQuitMessage
MoveWindow
SetWindowTextA
IsDialogMessageA
GetWindowTextLengthA
gdi32
CombineRgn
GetBkColor
CreateDIBitmap
PatBlt
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
CreateSolidBrush
Rectangle
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchBlt
BitBlt
SetRectRgn
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
DPtoLP
GetViewportOrgEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CreateDCA
CopyMetaFileA
CreateHatchBrush
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
GetStockObject
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
SetMapMode
ScaleWindowExtEx
EnumFontFamiliesA
GetTextCharsetInfo
GetTextColor
GetRgnBox
CreateRectRgnIndirect
SetPixelV
SetPaletteEntries
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
GetTextFaceA
GetWindowOrgEx
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
SetPixel
EnumFontFamiliesExA
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
shell32
SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
ole32
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
CreateStreamOnHGlobal
CoLockObjectExternal
OleGetClipboard
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateGuid
OleDuplicateData
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
ReleaseStgMedium
oleaut32
VariantChangeType
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 258KB - Virtual size: 257KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ