c6c64ae912818ecdfd8bc11b5ebcc08fdf154bbe48d992ef05c7be432c541880

Sharing

Copy URL Twitter E-mail

General

Target

c6c64ae912818ecdfd8bc11b5ebcc08fdf154bbe48d992ef05c7be432c541880
Size

324KB
MD5

587c6a1adbe67e95632c364e32ea9258
SHA1

b80f0ce48754cfbf6c683cadd8bd11fe938698a6
SHA256

c6c64ae912818ecdfd8bc11b5ebcc08fdf154bbe48d992ef05c7be432c541880
SHA512

d93ad8ca5da5330c61534efc2883c26591a2cbb1d7468d3d8db7ddc56b62a7bba77d4bd182c854a3941b486c208466053703dcfbd9b7ef9075c52df6bd429cfd
SSDEEP

6144:S+rv8RFEAkq814H7ysqrTFGb0Qz8lE+zdZYU3Jt3nZK:hAR+Akq3HusOGb088vNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6c64ae912818ecdfd8bc11b5ebcc08fdf154bbe48d992ef05c7be432c541880

Files

c6c64ae912818ecdfd8bc11b5ebcc08fdf154bbe48d992ef05c7be432c541880
.exe windows x86

97108279dc6cffd922d7a1aa0f4bc568

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAAsyncSelect
htons
socket
listen
bind
closesocket
connect
WSAAsyncGetHostByName
ioctlsocket
accept
recv
send
WSAGetLastError
gethostname
WSACancelAsyncRequest
WSACleanup
inet_addr
WSAStartup
gethostbyname

kernel32

GetTickCount
GetFileAttributesA
GetFileSize
GetFileTime
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
CreateThread
ExitThread
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
GetFullPathNameA
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GlobalAlloc
GlobalFree
GetProcAddress
GetModuleHandleA
CloseHandle
WriteFile
CreateFileA
ExitProcess
GetCurrentDirectoryA
CreateEventA
SetEvent
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetThreadLocale
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
WaitForSingleObject
ResetEvent
LoadResource
FindResourceA
LockResource
GlobalUnlock
GlobalLock
lstrcpyA
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GetLastError
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpynA
MulDiv
SetLastError
GetModuleFileNameA
lstrcmpA
GetCurrentThread
FormatMessageA
LocalFree
ReleaseMutex
GlobalDeleteAtom
CreateMutexA
SuspendThread
ResumeThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
HeapCreate

user32

EndPaint
GetClassNameA
PtInRect
GetDesktopWindow
LoadCursorA
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
InflateRect
InvalidateRect
CharUpperA
RegisterClipboardFormatA
LoadStringA
MapDialogRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
BeginPaint
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
MapWindowPoints
DestroyMenu
IsWindowEnabled
wsprintfA
GrayStringA
DrawTextA
TabbedTextOutA
SetRect
FillRect
GetSysColor
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
EnableWindow
PostThreadMessageA
SendMessageA
PostMessageA
SetTimer
KillTimer
GetParent
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetCapture

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PatBlt
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
DeleteObject
CreateDIBitmap
CreateSolidBrush

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject

olepro32

ord253

oleaut32

SysAllocStringByteLen
SysAllocString
SysStringLen
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97108279dc6cffd922d7a1aa0f4bc568

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 64KB - Virtual size: 79KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 64KB - Virtual size: 79KB

.rsrc
Size: 36KB - Virtual size: 32KB