5155784bae9e7b449e2f955d82a69ac01fea7e74cbc2910cf74fc17350e8fbe9

Sharing

Copy URL Twitter E-mail

General

Target

5155784bae9e7b449e2f955d82a69ac01fea7e74cbc2910cf74fc17350e8fbe9
Size

845KB
MD5

7d8789d837e6b1036dfed60f4307cd02
SHA1

b3bc49988de0b89df62cb3672d20486ca2b8a89c
SHA256

5155784bae9e7b449e2f955d82a69ac01fea7e74cbc2910cf74fc17350e8fbe9
SHA512

9df4bf12af60c36cfb77ec5f44d77eaf07f518b7d109258bca6d649b9fdfbdea1a73bd60ae5b8624c84cc36589af0e9d1bff835e4ed49bddc12572158f61abb3
SSDEEP

12288:NzIIpzdO9lMpAb/uVUpob/8OvHs3tbP0pvxkep5ZNmu:2Ipzdqnzu+pS0+M3tb0pvaep5ZMu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5155784bae9e7b449e2f955d82a69ac01fea7e74cbc2910cf74fc17350e8fbe9

Files

5155784bae9e7b449e2f955d82a69ac01fea7e74cbc2910cf74fc17350e8fbe9
.exe windows x86

1ab096b1d1e25751e02656530d081263

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcessModules
GetModuleBaseNameA
EnumProcesses

kernel32

SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitThread
CreateThread
UnlockFile
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LockFile
SetFilePointer
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetThreadLocale
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalAddAtomA
FreeResource
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
lstrcmpA
GlobalDeleteAtom
CreateEventA
SuspendThread
SetEvent
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalFree
GlobalAlloc
FormatMessageA
MulDiv
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetCurrentProcessId
SetLastError
FlushFileBuffers
WriteFile
GlobalLock
GlobalUnlock
CreateFileA
LocalFree
InterlockedDecrement
GetDriveTypeA
GetLogicalDriveStringsA
SetCurrentDirectoryA
CreateMutexA
GetTempPathA
GetVersion
CloseHandle
CompareStringA
GetModuleFileNameA
CreatePipe
LockResource
FindClose
EnterCriticalSection
CopyFileA
GetLastError
FindFirstFileA
InterlockedExchange
CreateDirectoryA
MultiByteToWideChar
CompareStringW
ReadFile
TerminateProcess
CreateProcessA
LeaveCriticalSection
SizeofResource
Sleep
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
OpenProcess
WaitForSingleObject
GetCurrentProcess
LoadResource
PeekNamedPipe
lstrlenA
FindResourceA
ExitProcess

user32

RegisterClipboardFormatA
PostThreadMessageA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
DestroyMenu
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetDesktopWindow
SetActiveWindow
GetTopWindow
SendMessageA
CharUpperA
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
PostMessageA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
GetActiveWindow
IsWindowVisible
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
LoadIconA
GetSystemMenu
AppendMenuA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
PostQuitMessage
EnableWindow
WindowFromDC
GetClassLongA
GetSysColor
FillRect
GetParent
DrawEdge
SetTimer
KillTimer
RedrawWindow
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
UnhookWindowsHookEx
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
CreateRectRgnIndirect
GetTextColor
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
GetObjectA
CreateRectRgn
GetTextExtentPoint32A
BitBlt
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
SelectClipRgn

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA

shell32

SHCreateDirectoryExA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemFree
CoInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocStringByteLen
SysFreeString
VariantInit
VariantCopy
VariantClear
SysAllocString
VariantChangeType
SysStringLen
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ab096b1d1e25751e02656530d081263

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 20KB - Virtual size: 17KB