0e7172b2b46a5b59244d7833a6b51adb59eb03968394c93f98f9ee1def13d896

Sharing

Copy URL Twitter E-mail

General

Target

0e7172b2b46a5b59244d7833a6b51adb59eb03968394c93f98f9ee1def13d896
Size

878KB
MD5

bb0c72e9894c2aee5dd88b13ff1eab66
SHA1

f8edde0cb916f2e5948e46c07c0c471b91a6f935
SHA256

0e7172b2b46a5b59244d7833a6b51adb59eb03968394c93f98f9ee1def13d896
SHA512

63d838cdcd5003c49348b92104cbb8ecced6e7e062097fc73982b82622ba207e99e8b6952d332e65b5bb051e7681b40d712ffdc79c599b21d782e7864fda1db2
SSDEEP

12288:1IuNuk7mxQR7w47qFB6qY325CdewMgLv9rJnne7pHQgsl+kPnpnn97U0tWOcF:zNu9+RZLv9rJnUhQfldnT7m5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e7172b2b46a5b59244d7833a6b51adb59eb03968394c93f98f9ee1def13d896

Files

0e7172b2b46a5b59244d7833a6b51adb59eb03968394c93f98f9ee1def13d896
.exe windows x86

71bb03a40546620e52e73d3dec4b4475

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
DestroyWindow
GetWindowLongW
IsIconic
IsZoomed
ClientToScreen
MonitorFromPoint
MonitorFromWindow
GetMonitorInfoW
ScreenToClient
GetClientRect
OffsetRect
PeekMessageW
GetWindowRect
SetWindowRgn
SetWindowLongW
MessageBoxW
MoveWindow
IsWindow
ShowWindow
IsWindowVisible
SetForegroundWindow
SetWindowTextW
SetWindowPos
ReleaseDC
LoadCursorW
RegisterClassW
GetClassInfoExW
GetWindow
EnableWindow
SetFocus
GetSystemMetrics
UnregisterClassW
CallWindowProcW
SetPropW
GetPropW
GetDC
InvalidateRect
GetKeyState
GetCursorPos
GetFocus
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
IsRectEmpty
IntersectRect
UpdateLayeredWindow
PtInRect
UnionRect
PostMessageW
SetCursor
CharNextW
KillTimer
GetSysColor
GetAsyncKeyState
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
FindWindowW
GetDesktopWindow
MapWindowPoints
GetParent
WaitMessage
GetQueueStatus
TranslateMessage
RegisterClassExW
MsgWaitForMultipleObjectsEx
CallMsgFilterW
PostQuitMessage
SendMessageW
DispatchMessageW
DefWindowProcW
CreateWindowExW

winmm

timeGetTime
timeSetEvent
timeKillEvent

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFileExistsW
PathIsRelativeW

gdiplus

GdipDrawEllipseI
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawPath
GdipDrawRectangleI
GdipDrawBezierI
GdipDrawLineI
GdipFillRectangle
GdipDeletePath
GdipTransformPath
GdipIsOutlineVisiblePathPointI
GdipIsVisiblePathPointI
GdipGetPathWorldBoundsI
GdipAddPathPolygonI
GdipAddPathPieI
GdipAddPathArcI
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipAddPathCurveI
GdipAddPathBezierI
GdipAddPathLine2I
GdipAddPathLineI
GdipClosePathFigure
GdipStartPathFigure
GdipGetPathFillMode
GdipSetPathFillMode
GdipResetPath
GdipClonePath
GdipCreatePath
GdipCreateTexture
GdipCreateBitmapFromHBITMAP
GdipCreateSolidFill
GdipGetPenDashStyle
GdipSetPenDashStyle
GdipGetPenLineJoin
GdipSetPenLineJoin
GdipGetPenDashCap197819
GdipGetPenEndCap
GdipFillEllipseI
GdipSetPenDashCap197819
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenColor
GdipGetPenWidth
GdipSetPenWidth
GdipClonePen
GdipLoadImageFromFile
GdipImageRotateFlip
GdipDrawImageRect
GdipSetWorldTransform
GdipRotateMatrix
GdipTranslateMatrix
GdipCreatePen2
GdipSetLineBlend
GdipCloneBrush
GdipDeleteBrush
GdipCreateLineBrushFromRect
GdipDrawArc
GdipDeletePen
GdipCreatePen1
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipFillPath
GdipDeleteMatrix
GdipCreateMatrix
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateHBITMAPFromBitmap
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFile
GdipMeasureString
GdipGetPenStartCap
GdiplusShutdown
GdiplusStartup
GdipScaleMatrix

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

msimg32

AlphaBlend

kernel32

SetStdHandle
WriteConsoleW
OutputDebugStringW
SetEndOfFile
GetACP
IsValidCodePage
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetProcessHeap
HeapSize
GetModuleHandleExW
ExitProcess
GetFileType
GetOEMCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetStartupInfoW
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
HeapReAlloc
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
LoadLibraryExW
ExitThread
CreateThread
GetCommandLineW
GetCPInfo
HeapFree
DecodePointer
EncodePointer
GetStringTypeW
GetEnvironmentVariableW
SetFilePointer
WideCharToMultiByte
GetCurrentProcessId
GetModuleHandleA
GetFileSize
MultiByteToWideChar
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
MulDiv
GetTickCount
VerSetConditionMask
CreateFileW
ReadFile
WriteFile
GetModuleHandleW
CreateIoCompletionPort
PostQueuedCompletionStatus
InterlockedExchange
GetQueuedCompletionStatus
VerifyVersionInfoW
SystemTimeToFileTime
QueryPerformanceCounter
GetSystemTimeAsFileTime
QueryPerformanceFrequency
LocalFileTimeToFileTime
InterlockedCompareExchange
LoadLibraryW
GetFileAttributesW
GetModuleFileNameW
GetProcAddress
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
WaitForSingleObject
SetEvent
CreateEventW
CloseHandle
TerminateThread
Sleep
SetThreadPriority
RaiseException
GetCurrentThreadId
VirtualQuery
GetCurrentProcess
GetStdHandle
GetLastError

gdi32

CreateFontIndirectW
SelectObject
GetStockObject
GetDeviceCaps
CreateDIBSection
StretchBlt
CreateCompatibleDC
DeleteDC
GetObjectW
DeleteObject
CreateRoundRectRgn
BitBlt
ExtSelectClipRgn
CreateRectRgnIndirect
GetObjectA
SetStretchBltMode
SetWindowOrgEx
GetWindowOrgEx
RestoreDC
SaveDC

shell32

ShellExecuteW

ole32

CreateStreamOnHGlobal
CoCreateInstance

Sections

.text
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71bb03a40546620e52e73d3dec4b4475

Headers

DLL Characteristics

File Characteristics

Imports

user32

winmm

comctl32

shlwapi

gdiplus

imm32

msimg32

kernel32

gdi32

shell32

ole32

Sections

.text Size: 458KB - Virtual size: 457KB

.rdata Size: 101KB - Virtual size: 101KB

.data Size: 21KB - Virtual size: 30KB

.rsrc Size: 267KB - Virtual size: 267KB

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 458KB - Virtual size: 457KB

.rdata
Size: 101KB - Virtual size: 101KB

.data
Size: 21KB - Virtual size: 30KB

.rsrc
Size: 267KB - Virtual size: 267KB

.reloc
Size: 29KB - Virtual size: 28KB