40f23cbd15f11ffb14ca7f0b3066aaa23ad477159788ced1dd4d2303ebf25d62

Sharing

Copy URL Twitter E-mail

General

Target

40f23cbd15f11ffb14ca7f0b3066aaa23ad477159788ced1dd4d2303ebf25d62
Size

1.7MB
MD5

44f77c4e3ac164ef2c225ad530ae5c21
SHA1

12ae2ec174c48264c3b9b52569190bdba6985706
SHA256

40f23cbd15f11ffb14ca7f0b3066aaa23ad477159788ced1dd4d2303ebf25d62
SHA512

5e8ae7b4d878327b04f774b2756c993dc512cb1619d3026aa0e5b3f998cd5ec2289fe1ee29eabf3b56773e3cbf3fbf49c267959fe0da68a5895c12401952a2df
SSDEEP

49152:A1o0RmK16wD0l3YWXUkQnTKymdcybHt7h:A1o0R16wD0pYWRQzybH/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40f23cbd15f11ffb14ca7f0b3066aaa23ad477159788ced1dd4d2303ebf25d62

Files

40f23cbd15f11ffb14ca7f0b3066aaa23ad477159788ced1dd4d2303ebf25d62
.exe windows x86

e2dcdd5aa81b3d875951648f16a4b261

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
WaitForMultipleObjects
InitializeCriticalSection
DeviceIoControl
WriteFile
GetDriveTypeW
GetDiskFreeSpaceExW
GetCurrentProcessId
MoveFileExW
OpenProcess
CreateFileW
WaitForSingleObject
TerminateProcess
CreateDirectoryW
SetLastError
WideCharToMultiByte
FindResourceExW
Process32FirstW
SetEvent
MultiByteToWideChar
CreateToolhelp32Snapshot
FindClose
WriteConsoleW
GetConsoleCP
FlushFileBuffers
SetStdHandle
FindNextFileA
LoadLibraryExW
GetSystemWindowsDirectoryW
FreeLibrary
Process32NextW
GetModuleHandleW
CreateProcessW
GetProcAddress
FindResourceW
LoadResource
LoadLibraryW
LockResource
Sleep
FreeResource
GetSystemDirectoryW
GetVersionExW
LeaveCriticalSection
GetModuleFileNameW
InterlockedCompareExchange
GetCurrentProcess
EnterCriticalSection
SizeofResource
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExA
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
CloseHandle
HeapReAlloc
GetLastError
GetConsoleMode
LCMapStringW
GetStringTypeW
GetACP
GetStdHandle
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
HeapSize
CreateMutexW
InitializeCriticalSectionAndSpinCount
ExitThread
CreateThread
EncodePointer
HeapFree
RtlUnwind
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
GetCommandLineW
ResetEvent
GetTickCount
MulDiv
GetFileSize
ReadFile
GetFileType
SetFilePointer
SetFileTime
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
GetCurrentDirectoryW
IsDebuggerPresent
OutputDebugStringW
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
CreateFileA
GetFileSizeEx
SetFilePointerEx
HeapLock
HeapUnlock
HeapWalk
GetCurrentThreadId
OpenThread
ReleaseMutex
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

PostMessageW
ShowWindow
FindWindowW
CallWindowProcW
AllowSetForegroundWindow
GetWindowThreadProcessId
GetWindowRect
DestroyWindow
IsWindowVisible
MoveWindow
IsZoomed
GetParent
IsIconic
CreateWindowExW
UpdateLayeredWindow
GetKeyState
GetCapture
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetCursorPos
MapWindowPoints
IsRectEmpty
PtInRect
DefWindowProcW
EnableWindow
RegisterClassW
RegisterClassExW
GetClassInfoExW
GetSystemMetrics
SetPropW
GetPropW
RemovePropW
SetCursor
OffsetRect
LoadCursorW
LoadImageW
SystemParametersInfoW
MonitorFromWindow
GetMonitorInfoW
CharNextW
CharPrevW
DrawTextW
FillRect
SetRect
IntersectRect
GetWindowDC
GetWindowTextW
GetWindowTextLengthW
CopyRect
EqualRect
CreateAcceleratorTableW
InvalidateRgn
CreateCaret
HideCaret
ShowCaret
SetCaretPos
ClientToScreen
GetSysColor
GetWindowRgn
SendMessageW
LoadStringW
SetForegroundWindow
GetWindowLongW
GetMessageW
GetWindow
SetWindowPos
ScreenToClient
SetWindowTextW
IsWindow
DispatchMessageW
SetFocus
TranslateMessage
SetWindowLongW
GetClientRect
PostQuitMessage

gdi32

SetStretchBltMode
TextOutW
GetTextColor
SetViewportOrgEx
SetTextColor
MoveToEx
SelectObject
CreateDIBSection
CreateCompatibleDC
CreateRectRgn
DeleteDC
PtInRegion
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateFontIndirectW
CreatePen
GetStockObject
Rectangle
RestoreDC
SaveDC
GetTextMetricsW
GetObjectW
SetWindowOrgEx
GetDeviceCaps
CombineRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt

advapi32

RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExA
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
ord165
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

OleInitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
CoInitializeEx
OleLockRunning
CoUninitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID

shlwapi

PathRemoveBackslashW
PathCombineW
StrCmpIW
PathAppendW
PathFileExistsW
SHGetValueW
StrStrIW
PathRemoveFileSpecW
StrCmpNIW

comctl32

_TrackMouseEvent
ord17

msimg32

AlphaBlend

psapi

GetModuleFileNameExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 499KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21.2MB - Virtual size: 21.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2dcdd5aa81b3d875951648f16a4b261

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

msimg32

psapi

version

Sections

.text Size: 499KB - Virtual size: 498KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 21.2MB - Virtual size: 21.2MB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 499KB - Virtual size: 498KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 21.2MB - Virtual size: 21.2MB

.reloc
Size: 24KB - Virtual size: 23KB