9e404ae35d885f14406ac18b7f12f90f68570a234a7a21ee30d64d7e9b06ef9c

Sharing

Copy URL

Twitter E-mail

General

Target

9e404ae35d885f14406ac18b7f12f90f68570a234a7a21ee30d64d7e9b06ef9c
Size

302KB
MD5

84736abcd4cf39888cbacc52801577bd
SHA1

a1260b40c6e09b481d246c47fb8ffdfb5ee1da60
SHA256

9e404ae35d885f14406ac18b7f12f90f68570a234a7a21ee30d64d7e9b06ef9c
SHA512

02874f5724b1b94751bf4c77a3e878d23b4c551aba6cddce8b99e5c949104548c88ac7c15d60ea8989f6d5f3f52d4759463ada032347206a2910246852b34032
SSDEEP

6144:Wcda04Sz+fYBI3scafrBzUiMX1OKLOQrp/RAB3I0X/L6Qxj04ONNVo8wnRU0irP:tda04Sz+fYBIccafrBPMX11LOPtXzJKh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9e404ae35d885f14406ac18b7f12f90f68570a234a7a21ee30d64d7e9b06ef9c

Files

9e404ae35d885f14406ac18b7f12f90f68570a234a7a21ee30d64d7e9b06ef9c
.exe windows x86

92c0c8997708086ce0ce7c81576d5d87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
UnmapViewOfFile
FreeLibrary
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LoadLibraryExW
GetModuleFileNameW
GlobalUnlock
GlobalLock
GlobalAlloc
GetLocalTime
GetModuleFileNameA
CopyFileA
GetTickCount
SetFileAttributesA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileIntA
InitializeCriticalSectionAndSpinCount
SetCommState
GetCommState
SetCommTimeouts
PurgeComm
SetupComm
CreateFileA
WriteFile
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
CreateFileW
GetFileSize
ReadFile
CloseHandle
FreeResource
lstrlenA
MultiByteToWideChar
Sleep
Beep
InitializeCriticalSection
MulDiv
lstrcpynW
LocalFree
lstrlenW
WideCharToMultiByte
GetModuleHandleW
GetProcAddress
GetLastError
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
SetLastError
GetCurrentThreadId
GetVersion
GetCurrentProcess
FlushInstructionCache
FindResourceExW
FindResourceW
InterlockedExchange
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
DecodePointer
EnterCriticalSection
RaiseException
EncodePointer
GetPrivateProfileStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation

user32

PostThreadMessageW
SetCursor
CreateWindowExW
MessageBoxW
SetWindowLongW
GetWindowRect
GetClientRect
ReleaseDC
SendMessageW
InvalidateRect
GetParent
SetWindowPos
GetWindowLongW
GetClassInfoExW
LoadCursorW
PtInRect
InflateRect
OffsetRect
CopyRect
DrawTextW
CallWindowProcW
DefWindowProcW
BeginPaint
EndPaint
UnregisterClassA
GetActiveWindow
SetActiveWindow
SystemParametersInfoW
CharNextW
DestroyWindow
GetWindow
MapWindowPoints
wsprintfW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
MessageBoxA
SetCapture
DrawIconEx
LoadIconW
DrawFrameControl
GetDlgCtrlID
IsWindowVisible
EqualRect
ShowWindow
DestroyIcon
GetDesktopWindow
SetRect
GetKeyState
GetDC
MonitorFromWindow
GetMonitorInfoW
LoadBitmapW
SetRectEmpty
SetWindowRgn
GetDlgItem
EnableWindow
KillTimer
SetTimer
ClientToScreen
MoveWindow
GetWindowTextW
SetWindowTextW
ReleaseCapture
IsWindow
FrameRect
IsRectEmpty
IsWindowEnabled
LoadImageW
RegisterClassExW

advapi32

RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

ole32

CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

shell32

ShellExecuteW
SHGetFileInfoA

oleaut32

VarUI4FromStr

shlwapi

StrToIntA
StrToIntW
StrCmpNIW
StrDupW
StrStrIW
StrStrA
PathFileExistsA

gdi32

CreateCompatibleDC
SelectObject
SetBkColor
SetBkMode
SetTextColor
BitBlt
StretchBlt
DeleteObject
CreateBitmap
GetObjectW
MoveToEx
LineTo
ExtTextOutW
CreatePen
CreateFontIndirectW
GetStockObject
CreateSolidBrush
CreateRectRgn
CreateRectRgnIndirect
SetRectRgn
CombineRgn
OffsetRgn
DPtoLP
GetDeviceCaps
RectInRegion
SelectClipRgn
RoundRect
GetClipRgn
SaveDC
RestoreDC
TextOutW
GetTextExtentPoint32W
CreateDIBSection
CreateCompatibleBitmap
Rectangle
DeleteDC

comctl32

_TrackMouseEvent

gdiplus

GdipDrawImageRectRectI
GdipAlloc
GdipLoadImageFromStream
GdipDrawImageI
GdipFree
GdipDisposeImage
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageWidth
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipGetImageHeight

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

msvcr100

_wtoi
_beginthreadex
_mbsstr
_mbsicmp
strnlen
_mbschr
wcschr
wcscpy_s
sprintf
vsprintf_s
_vscprintf
_vsnwprintf_s
wcsstr
_vswprintf
strstr
calloc
_mbscmp
__CxxFrameHandler3
_recalloc
??_U@YAPAXI@Z
malloc
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
memmove_s
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
free
wcsncpy_s
strrchr
fflush
fwrite
fopen
vsprintf
getc
feof
swprintf_s
wmemcpy_s
strchr
strncmp
isalnum
isalpha
tolower
sprintf_s
memcpy_s
exit
??2@YAPAXI@Z
memcpy
memmove
_purecall
fprintf
atoi
rand
_chkesp
_unlock
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
_invoke_watson
_controlfp_s
wcsrchr
isspace
wcsnlen
??3@YAXPAX@Z
memset
??_V@YAXPAX@Z
_vscwprintf
clock
__dllonexit
_stricmp
fclose
fseek
_vsnprintf_s
vswprintf_s

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

libxl

xlCreateBookW
xlCreateXMLBookW

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92c0c8997708086ce0ce7c81576d5d87

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

gdi32

comctl32

gdiplus

version

msvcr100

msvcp100

libxl

Sections

.text Size: 176KB - Virtual size: 176KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 75KB - Virtual size: 75KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 176KB - Virtual size: 176KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 75KB - Virtual size: 75KB

.reloc
Size: 15KB - Virtual size: 14KB