02ee31e2e80cebab48aa3035137f321577d0865410d03aedcdc52428222e41e8

Sharing

Copy URL Twitter E-mail

General

Target

02ee31e2e80cebab48aa3035137f321577d0865410d03aedcdc52428222e41e8
Size

3.2MB
MD5

4aa32be538ec767385e6ed15fb8780bc
SHA1

0944171c34d6582f402f265c533f4bd962cba035
SHA256

02ee31e2e80cebab48aa3035137f321577d0865410d03aedcdc52428222e41e8
SHA512

b43a7d06bd2c830d2d8690eec6593a48fe867f8cfdced41f4d668a214b74f7d563da424ab6ff7c1350ab65c2313ec633f1fb31f83b389331f54cc2432d7778f7
SSDEEP

24576:NOfi6IW+aWFewwLa1wBfTur6Ut1spONYtSuMBdZiZ+g7+sJt/vsL4O6wts:Y3+aWFewwLaYTS6Ut1swNYA/A+sULM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02ee31e2e80cebab48aa3035137f321577d0865410d03aedcdc52428222e41e8

Files

02ee31e2e80cebab48aa3035137f321577d0865410d03aedcdc52428222e41e8
.exe windows x86

5af06f489123d8ae24607b7cd20b6d26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
GetProfileStringA
InterlockedExchange
GetCommandLineA
GetStartupInfoA
RaiseException
TerminateProcess
ExitProcess
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetThreadLocale
SizeofResource
GetProcessVersion
GetLastError
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FormatMessageA
LocalFree
MulDiv
LoadLibraryA
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetLastError
FreeLibrary
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
WritePrivateProfileStringA
GetFileSize
VirtualAlloc
ReadFile
CreateFileA
WriteFile
VirtualFree
CloseHandle

user32

InflateRect
RegisterClipboardFormatA
PostThreadMessageA
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetSysColorBrush
WaitMessage
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
GetMenuState
CharNextA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
GetSystemMetrics
DrawIcon
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
SetCursor
PostQuitMessage
PostMessageA
LoadBitmapA
LoadIconA
EnableWindow
KillTimer
SetTimer
InvalidateRect
GetDC
GetClientRect
GetWindowRect
CharUpperA
MessageBeep
GetNextDlgGroupItem
SetRect
IntersectRect
CopyAcceleratorTableA
IsIconic
GetSystemMenu
AppendMenuA
SendMessageA
PtInRect
GetClassNameA
GetDesktopWindow
LoadCursorA
DestroyMenu
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetSysColor
ReleaseDC
ClientToScreen
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
ModifyMenuA
UpdateWindow
SendDlgItemMessageA
GetWindowPlacement
MapWindowPoints
GetWindowDC

gdi32

DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
GetObjectA
DeleteObject
ExtSelectClipRgn
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateFontA
CreatePen
StretchBlt
CreateCompatibleDC
OffsetRgn
CombineRgn
CreateEllipticRgnIndirect
CreateRectRgnIndirect
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
OleIsCurrentClipboard
CoGetClassObject

olepro32

ord253

oleaut32

SysAllocStringLen
SysFreeString
VariantChangeType
SysAllocString
SysAllocStringByteLen
VariantClear
SysStringLen
VariantCopy
VariantTimeToSystemTime

wsock32

connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
bind
ioctlsocket
accept
getpeername
ntohs
inet_addr
WSAGetLastError
listen
WSACleanup
WSAStartup
WSASetLastError

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msimg32

TransparentBlt

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SSSSXXX
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5af06f489123d8ae24607b7cd20b6d26

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

msimg32

Sections

.text Size: 192KB - Virtual size: 188KB

SSSSXXX Size: 4KB - Virtual size: 1KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.text
Size: 192KB - Virtual size: 188KB

SSSSXXX
Size: 4KB - Virtual size: 1KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB