6298d7669cde087fb0bae0dbef12a2a722ad81dad75cc931c30e4f46084f1358

Sharing

Copy URL Twitter E-mail

General

Target

6298d7669cde087fb0bae0dbef12a2a722ad81dad75cc931c30e4f46084f1358
Size

1.4MB
MD5

008770b9ac1df657071f0ddab0a8d3ca
SHA1

b9ff811030ff99525e8d3e7ec6451ec76ef267ec
SHA256

6298d7669cde087fb0bae0dbef12a2a722ad81dad75cc931c30e4f46084f1358
SHA512

a2272a479aa92e090fc3cb32ee083d30164cdccd83aa295ea2908d3eb372f085dc9270b2b3c2679ce6d8b553da64f549fa4265a68349c7fadf2ff0855817ddac
SSDEEP

24576:Diee0wzjwRCILKjZi3FPgJegfLPkhJsQ/EJKZa5sY/:Diee0wzsQILK0IJesL831sJaa5sM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6298d7669cde087fb0bae0dbef12a2a722ad81dad75cc931c30e4f46084f1358

Files

6298d7669cde087fb0bae0dbef12a2a722ad81dad75cc931c30e4f46084f1358
.exe windows x86

e39d3eb770db4cd01a711b5e91a1367b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsUNCA
PathFindExtensionA
PathAppendA
PathStripToRootA
PathFindFileNameA
PathRemoveBackslashA
PathCombineA
PathAddBackslashA
PathRemoveFileSpecA
PathIsDirectoryA
PathFileExistsA

setupapi

SetupInstallFileA

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetModuleHandleW
GetCurrentDirectoryA
SetErrorMode
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
VirtualAlloc
HeapReAlloc
ExitProcess
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
VirtualFree
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
WriteFile
ReadFile
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GlobalAlloc
GetCurrentProcessId
MulDiv
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
SetLastError
FreeLibrary
lstrcmpW
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
FindResourceExA
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
GetLocalTime
FlushFileBuffers
OutputDebugStringA
CreateFileA
GetFileAttributesA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempFileNameA
MultiByteToWideChar
FormatMessageA
RemoveDirectoryA
CopyFileA
GetSystemDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetVersionExA
GetShortPathNameA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
Sleep
WritePrivateProfileStringA
GetLongPathNameA
CloseHandle
CreateMutexA
DeleteFileA
GetPrivateProfileIntA
CreateDirectoryA
GetPrivateProfileStringA
GetTempPathA
GetDriveTypeA
GetLogicalDrives
SetFileAttributesA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetLastError
GetFileSize
GetModuleFileNameA
CreateFileW

user32

UnregisterClassA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
CharUpperA
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
GetFocus
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
EnableWindow
LoadBitmapA
GetWindowRect
RemovePropA
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
SendMessageA
LoadIconA
GetSystemMenu
AppendMenuA
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
RedrawWindow
KillTimer
MessageBoxA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow

gdi32

GetDeviceCaps
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectA
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
SetMapMode

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegFlushKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA
ShellExecuteExA
SHFileOperationA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

?g_nVerbose@@3HA

Sections

.text
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e39d3eb770db4cd01a711b5e91a1367b

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 253KB - Virtual size: 253KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 253KB - Virtual size: 253KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 45KB - Virtual size: 44KB