3203b26d0eca72cc8ba57d9a51a08b637c626ae9cb112f2bca618643383abaaf

Sharing

Copy URL Twitter E-mail

General

Target

3203b26d0eca72cc8ba57d9a51a08b637c626ae9cb112f2bca618643383abaaf
Size

2.9MB
MD5

4656b8a460c7dbad22236ac1cf5ad44a
SHA1

0df6977dd9a21d011fca5e5e15b0bcc77be021ff
SHA256

3203b26d0eca72cc8ba57d9a51a08b637c626ae9cb112f2bca618643383abaaf
SHA512

68a0e5ae09237ffc87149b38c04e98fc65cc244790bd4d1b7a27311ae7e6caa431eef0a592d93a324a878ecd9560969654820a15c0e51d9e4065f368274c1aff
SSDEEP

49152:mpUMIOWQ4TlHYZc6eIHZMO8GF8LQYVmlegTaSf1kDqZ+UnK:DoWzWZyObF8zklRTftkDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3203b26d0eca72cc8ba57d9a51a08b637c626ae9cb112f2bca618643383abaaf

Files

3203b26d0eca72cc8ba57d9a51a08b637c626ae9cb112f2bca618643383abaaf
.exe windows x86

48459792161ac4b21fb18fb9fb336ff3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripPathA
PathFileExistsA
PathAddBackslashA
PathIsDirectoryA

setupapi

SetupCopyOEMInfA
SetupInstallFileA

kernel32

GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
FreeLibrary
MulDiv
GetCurrentThread
GlobalAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
RtlUnwind
HeapFree
RaiseException
HeapAlloc
GetModuleHandleA
GetCommandLineA
ExitProcess
SetStdHandle
GetFileType
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetACP
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetLastError
GetFileTime
GetFileSize
GetFileAttributesA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
LoadLibraryA
GetProcAddress
InterlockedExchange
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
OutputDebugStringA
lstrcmpA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetLocalTime
GetLogicalDrives
GetDriveTypeA
SetFileAttributesA
FormatMessageA
GetSystemDirectoryA
GetWindowsDirectoryA
GetCurrentProcess
GetVersionExA
CreateMutexA
CloseHandle
GetLongPathNameA
GetModuleFileNameA
lstrcatA
GetTempFileNameA
CreateProcessA
WaitForSingleObject
WritePrivateProfileStringA
Sleep
GetPrivateProfileIntA
GetShortPathNameA
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
GetTempPathA
DeleteFileA
CreateDirectoryA
GetPrivateProfileStringA
CopyFileA
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
GetStartupInfoA

user32

SendDlgItemMessageA
UpdateWindow
PostMessageA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
PostQuitMessage
SetCursor
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
DestroyMenu
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
CharUpperA
wsprintfA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
ExitWindowsEx
KillTimer
RedrawWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SetTimer
LoadIconA
EnableWindow
LoadBitmapA
GetWindowRect
SendMessageA
AdjustWindowRect
GetMessagePos
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteObject
SetViewportExtEx
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectA
GetStockObject
SelectObject
RestoreDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

SHGetSpecialFolderPathA
SHFileOperationA
ShellExecuteA

comctl32

ord17

Exports

Exports

?g_nVerbose@@3HA

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48459792161ac4b21fb18fb9fb336ff3

Headers

File Characteristics

Imports

shlwapi

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 44KB - Virtual size: 41KB