Static task: static1
Behavioral task: behavioral1
Sample: 361148399cc2adb4c2e807f9473fa566ea15e60fc3ab10d1e7a5a2cdc5809f8f.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 361148399cc2adb4c2e807f9473fa566ea15e60fc3ab10d1e7a5a2cdc5809f8f.exe
Resource: win10v2004-20230220-en
General
Target: 361148399cc2adb4c2e807f9473fa566ea15e60fc3ab10d1e7a5a2cdc5809f8f
Size: 1.5MB
MD5: b3f1acd94db643ae066fcff5d4532111
SHA1: 72ce686d3b125a44c037dea266d4057af22880c7
SHA256: 361148399cc2adb4c2e807f9473fa566ea15e60fc3ab10d1e7a5a2cdc5809f8f
SHA512: 46a9999a9f6d2c78a442968d39cca85117b020a547478b6162c66e4308fba2a5ea64125896dbcf704b6f2b5eba54320e5b5f17e13765a66ff4e1264c69e2aa7c
SSDEEP: 24576:pwwJdb7JpD3EON4RCCaB+2/6S85ON7LxwkSH4CyxDPyJiTaZfFtinHJN:jdD0OmRCroVONpwkdCGuJhZFApN
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 361148399cc2adb4c2e807f9473fa566ea15e60fc3ab10d1e7a5a2cdc5809f8f
Files
361148399cc2adb4c2e807f9473fa566ea15e60fc3ab10d1e7a5a2cdc5809f8f.exe - windows x86 - f2c4daa23c86d869abab3bcb8cc0ec4d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
CompareStringW
CompareStringA
LCMapStringA
LCMapStringW
FlushFileBuffers
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
GetEnvironmentStringsW
GetOEMCP
GetCPInfo
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapCreate
UnhandledExceptionFilter
GetStdHandle
SetEndOfFile
SetStdHandle
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
TerminateProcess
SetUnhandledExceptionFilter
TlsGetValue
ExitProcess
TlsSetValue
TlsAlloc
HeapCompact
GetFileType
RtlUnwind
GetTimeZoneInformation
RaiseException
SetThreadContext
SuspendThread
GetThreadContext
GetSystemTime
GetProfileStringW
GetProfileStringA
GlobalReAlloc
GetACP
GetProfileIntA
IsDBCSLeadByte
GetCurrentProcess
SetProcessWorkingSetSize
Sleep
SetFileAttributesA
GetSystemDefaultLCID
GetVersion
GlobalGetAtomNameA
GlobalDeleteAtom
SetThreadPriority
SetLastError
GetCurrentThreadId
TerminateThread
GetCurrentThread
WaitForMultipleObjects
ResetEvent
CreateThread
ResumeThread
lstrcmpA
lstrcatA
LoadLibraryA
lstrcpyA
LockResource
FreeResource
SizeofResource
DeleteCriticalSection
FindResourceA
LoadResource
GlobalAlloc
IsBadReadPtr
WideCharToMultiByte
SetHandleCount
GlobalFree
lstrcmpiA
FreeLibrary
GetProcAddress
LoadLibraryExA
DeleteFileA
MultiByteToWideChar
CopyFileA
CreateProcessA
GetModuleHandleA
GetModuleFileNameA
GetFullPathNameA
WaitForSingleObject
WinExec
ReadFile
SetFileTime
WriteFile
FindFirstFileA
SetFilePointer
MoveFileA
FindClose
MoveFileExA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTickCount
GetTempPathA
GetTempFileNameA
CreateFileA
OpenFile
lstrlenA
CloseHandle
GetFileAttributesA
GetTimeFormatA
GetLocalTime
GetDateFormatA
SetEvent
GetThreadLocale
GetLocaleInfoA
GetLastError
SetErrorMode
CreateEventA
GlobalSize
GetCommandLineA
GetStartupInfoA
EnterCriticalSection
GlobalLock
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
GlobalMemoryStatus
SetEnvironmentVariableA
MulDiv
gdi32
EndPage
StartPage
AbortDoc
SetAbortProc
SetROP2
CloseEnhMetaFile
GetBkMode
CreateEnhMetaFileA
CreateMetaFileA
CloseMetaFile
EndDoc
StartDocA
ResetDCA
SetBrushOrgEx
OffsetWindowOrgEx
AnimatePalette
SetBitmapBits
TextOutA
SetTextAlign
GetMetaFileBitsEx
PlayEnhMetaFileRecord
GdiFlush
GetObjectType
EnumEnhMetaFile
SetBkMode
Rectangle
GetCurrentObject
MoveToEx
LineTo
ExtTextOutA
UnrealizeObject
GetTextExtentPoint32A
PatBlt
SetMetaFileBitsEx
SetTextColor
SetStretchBltMode
GetTextMetricsA
GetTextFaceA
SetBkColor
CopyMetaFileA
DeleteMetaFile
CopyEnhMetaFileA
SetDIBits
DeleteEnhMetaFile
GetCharWidthA
GetTextExtentPointA
GetRasterizerCaps
ExtEscape
EnumFontFamiliesA
GetSystemPaletteUse
GetDeviceCaps
Escape
BitBlt
StretchBlt
GetSystemPaletteEntries
Polyline
Polygon
IntersectClipRect
SelectClipRgn
CombineRgn
OffsetRgn
CreateRectRgnIndirect
CreatePalette
CreateFontIndirectA
CreateCompatibleBitmap
CreateFontA
CreateBitmap
RestoreDC
CreateCompatibleDC
CreateICA
SaveDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateDCA
CreateSolidBrush
CreatePen
DeleteObject
CreateRectRgn
SelectObject
GetRgnBox
GetObjectA
SetRectRgn
LPtoDP
DPtoLP
GetStockObject
SetMapMode
GetWindowExtEx
GetMapMode
GetViewportExtEx
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
GetViewportOrgEx
GetWindowOrgEx
CreateDIBSection
SelectPalette
SetViewportOrgEx
DeleteDC
RectVisible
GetClipBox
RealizePalette
user32
SetCaretPos
CreateCaret
TranslateMDISysAccel
GetTopWindow
GetCaretBlinkTime
DestroyCaret
RedrawWindow
MapWindowPoints
GetKeyboardLayout
SetWindowPlacement
CopyAcceleratorTableA
DefMDIChildProcA
DefMDIChildProcW
EndDialog
GetDlgItemTextA
DialogBoxParamA
CreateDialogParamA
EnableMenuItem
CheckMenuItem
GetWindow
SetActiveWindow
CreateMDIWindowA
GetSubMenu
TrackPopupMenu
CheckRadioButton
ScrollDC
CharToOemBuffA
SetKeyboardState
GetKeyboardState
SetClassLongA
ValidateRect
IsWindowUnicode
RemoveMenu
AdjustWindowRectEx
SendMessageA
ShowCursor
SetCursor
DestroyCursor
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetUpdateRgn
LoadBitmapA
IntersectRect
UnionRect
OffsetRect
PtInRect
InflateRect
LoadStringA
MessageBoxA
InvertRect
DefWindowProcW
TranslateAcceleratorA
ChangeClipboardChain
SetClipboardViewer
IsZoomed
GetWindowThreadProcessId
DefFrameProcW
DefFrameProcA
EqualRect
GetMenu
SetMenu
DrawMenuBar
GetWindowPlacement
LoadImageA
CreateMenu
RegisterClassExW
RegisterClassExA
RegisterClassW
GetForegroundWindow
FrameRect
GetActiveWindow
GetClassLongA
ValidateRgn
ScrollWindow
SetRectEmpty
InvalidateRgn
BeginPaint
EndPaint
TranslateMessage
DispatchMessageW
DispatchMessageA
WaitMessage
GetMessageW
GetMessageA
PeekMessageW
GetAsyncKeyState
GetMessageTime
PostMessageW
GetDoubleClickTime
GetDesktopWindow
ReleaseCapture
SetCapture
DrawEdge
SetParent
KillTimer
SetTimer
DrawIcon
UpdateWindow
DefWindowProcA
RegisterClassA
IsDlgButtonChecked
CheckDlgButton
GetMenuItemCount
MessageBeep
SendMessageW
CreateWindowExW
CreateWindowExA
DrawTextW
DrawTextA
GetWindowTextW
GetDlgItem
SetRect
MapDialogRect
GetKeyState
SetForegroundWindow
InvalidateRect
GetUpdateRect
FillRect
GetNextDlgTabItem
ActivateKeyboardLayout
WinHelpA
ChildWindowFromPoint
IsIconic
GetWindowRect
SetWindowPos
ShowWindow
SetWindowTextW
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetFocus
SystemParametersInfoA
GetClientRect
MoveWindow
DestroyWindow
CreateDialogIndirectParamW
CreateDialogIndirectParamA
EnableWindow
CallWindowProcW
CallWindowProcA
SetFocus
IsWindow
GetWindowLongW
GetWindowLongA
SetWindowLongW
SetWindowLongA
IsChild
IsDialogMessageW
IsDialogMessageA
GetParent
ClientToScreen
IsWindowVisible
SetMenuItemInfoA
GetClassNameA
DestroyMenu
DestroyIcon
LoadAcceleratorsA
LoadMenuA
LoadIconA
PeekMessageA
AttachThreadInput
PostMessageA
RegisterWindowMessageA
GetSystemMetrics
RegisterClipboardFormatA
GetCapture
GetCursorPos
WindowFromPoint
ScreenToClient
InsertMenuA
CreatePopupMenu
EnumWindows
IsWindowEnabled
BringWindowToTop
shell32
DragQueryFileA
DragFinish
DragAcceptFiles
advapi32
RegCloseKey
RegOpenKeyA
RegQueryValueA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
comctl32
ord17
winspool.drv
DocumentPropertiesA
ClosePrinter
GetPrinterA
OpenPrinterA
EnumPrintersA
DeviceCapabilitiesA
GetPrinterDriverA
ole32
StgOpenStorage
GetRunningObjectTable
CreateDataAdviseHolder
OleRegEnumFormatEtc
OleGetIconOfClass
OleCreateEmbeddingHelper
CoRevokeClassObject
CoRegisterClassObject
CoFileTimeNow
OleRegGetUserType
OleSetMenuDescriptor
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgIsStorageFile
CoGetClassObject
OleSave
OleLoad
OleIsRunning
OleRun
CoDisconnectObject
OleCreateFromFile
OleCreateLinkToFile
OleCreateFromData
OleCreateLinkFromData
CreateOleAdviseHolder
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
StgCreateDocfile
OleRegEnumVerbs
ReadClassStg
WriteClassStg
CreateBindCtx
OleDuplicateData
ProgIDFromCLSID
CreateFileMoniker
CLSIDFromProgID
StringFromCLSID
CoGetMalloc
OleInitialize
CoCreateInstance
ReleaseStgMedium
OleRegGetMiscStatus
CreateItemMoniker
CreateGenericComposite
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleCreate
comdlg32
GetOpenFileNameA
PrintDlgA
mso97v
Sections
.text Size: 1.3MB - Virtual size: 1.3MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data Size: 21KB - Virtual size: 36KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata Size: 13KB - Virtual size: 13KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.tls Size: 2KB - Virtual size: 1KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 112KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE