Static task
static1
Behavioral task
behavioral1
Sample
56a0a93141f827e5eabb614a1c652fb60201816ba2dadd20eadb8fb735702cf0.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
56a0a93141f827e5eabb614a1c652fb60201816ba2dadd20eadb8fb735702cf0.exe
Resource
win10v2004-20230703-en
General
-
Target
56a0a93141f827e5eabb614a1c652fb60201816ba2dadd20eadb8fb735702cf0
-
Size
2.2MB
-
MD5
e419c14966a0b651ebfd4fc0a638e4a1
-
SHA1
242a2609a3657c0d62d66ac465af342f294bdd37
-
SHA256
56a0a93141f827e5eabb614a1c652fb60201816ba2dadd20eadb8fb735702cf0
-
SHA512
ee8d0e61bef5c67bdfe78930a04fb686710a00fa4f873beaf29cde331f062fc06d5226c9d1e94a5ec9f2a3f42d1dd7b0556d6f78371061e6b3aa5a5603e00f1f
-
SSDEEP
49152:A7MWTYdM2hjiiOP8oMT4L7hG71wt8S04b:WMv2qoM7KRb
Malware Config
Signatures
-
Unsigned PE — 1 IoC
Checks for missing Authenticode signature.
resource 56a0a93141f827e5eabb614a1c652fb60201816ba2dadd20eadb8fb735702cf0
Files
-
56a0a93141f827e5eabb614a1c652fb60201816ba2dadd20eadb8fb735702cf0.exe windows x64
e120447a8020f30a12d7ea8feb60d32a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
comctl32
ord380
InitCommonControlsEx
ord8
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_AddMasked
ord412
ord410
CreateStatusWindowW
ord413
shlwapi
PathCombineW
StrCmpLogicalW
UrlUnescapeW
StrFormatByteSizeW
StrRetToBufW
StrStrW
StrCatBuffW
PathFindExtensionW
PathUnquoteSpacesW
PathIsUNCW
StrTrimW
SHAutoComplete
StrStrIW
PathRemoveFileSpecW
PathFindFileNameW
PathQuoteSpacesW
PathRenameExtensionW
PathIsDirectoryW
StrRChrW
PathRemoveExtensionW
PathCompactPathExW
PathStripToRootW
PathGetDriveNumberW
PathCommonPrefixW
PathCanonicalizeW
PathIsRootW
PathUnExpandEnvStringsW
PathIsPrefixW
PathRelativePathToW
StrDupW
StrStrIA
StrDupA
UrlEscapeW
StrTrimA
PathMatchSpecW
PathIsRelativeW
PathAppendW
StrChrW
imm32
ImmEscapeW
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmSetCompositionStringW
ImmNotifyIME
ImmGetContext
ImmSetCandidateWindow
uxtheme
GetThemeSysFont
IsAppThemed
CloseThemeData
OpenThemeData
SetWindowTheme
kernel32
GlobalAlloc
GlobalLock
WideCharToMultiByte
GetTickCount
GlobalUnlock
HeapFree
lstrlenW
GetTimeFormatEx
GetLocaleInfoEx
GetDateFormatEx
lstrcatW
GetLocalTime
WritePrivateProfileStringW
lstrcpynW
GetPrivateProfileIntW
GetModuleFileNameW
GetFileAttributesW
GetVersionExW
FormatMessageW
GlobalFree
CreateThread
HeapAlloc
GetCurrentDirectoryW
LocalFree
lstrcpyW
CompareStringOrdinal
ReadFile
GetFileSizeEx
IsDBCSLeadByteEx
GetFullPathNameW
WriteFile
SetEndOfFile
LocalAlloc
CreateThreadpoolWork
GetACP
HeapSize
GetPrivateProfileStringW
GetTimeZoneInformation
GetLastError
GlobalMemoryStatusEx
GetOEMCP
IsValidCodePage
SizeofResource
GetFileInformationByHandleEx
GetCurrentProcess
ExpandEnvironmentStringsW
GetFinalPathNameByHandleW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
FreeResource
CreateEventW
LCMapStringEx
SetEvent
LockResource
HeapReAlloc
ResetEvent
LoadResource
FindResourceW
GetWindowsDirectoryW
WritePrivateProfileSectionW
GetCommandLineW
GetLongPathNameW
SetErrorMode
FindFirstChangeNotificationW
GetVersion
SetFileAttributesW
GetFileAttributesExW
FindCloseChangeNotification
DeleteFileW
FindNextChangeNotification
SetCurrentDirectoryW
GetCurrentProcessId
GetProcessHeap
CreateProcessW
GetSystemTimeAsFileTime
GetSystemTime
IsValidLocaleName
RaiseException
RtlPcToFileHeader
RtlUnwindEx
TerminateProcess
InitializeSListHead
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
GetNativeSystemInfo
CloseHandle
WaitForSingleObject
CreateWaitableTimerW
SetWaitableTimer
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
GlobalSize
Sleep
LoadLibraryExW
MulDiv
QueryPerformanceCounter
FreeLibrary
GetModuleHandleW
GetProcAddress
QueryPerformanceFrequency
MultiByteToWideChar
AcquireSRWLockExclusive
GetFileInformationByHandle
ReleaseSRWLockExclusive
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
CreateFileW
user32
TrackPopupMenuEx
FindWindowW
TranslateAcceleratorW
IntersectRect
EnumWindows
SetMenu
GetForegroundWindow
SetMenuDefaultItem
CountClipboardFormats
SetWindowPlacement
ChangeClipboardChain
DestroyIcon
IsDialogMessageW
OffsetRect
IsWindow
GetSubMenu
LoadAcceleratorsW
GetWindowPlacement
ShowOwnedPopups
SetClipboardViewer
EqualRect
IsWindowVisible
CheckMenuRadioItem
MapVirtualKeyW
ShowWindowAsync
LoadMenuW
GetMessageW
GetMessagePos
GetMenuItemInfoW
IsZoomed
GetDlgItem
UpdateWindow
SetCursorPos
SetScrollInfo
RegisterClipboardFormatW
GetKeyState
GetUpdateRgn
PostMessageW
HideCaret
ScreenToClient
NotifyWinEvent
GetScrollInfo
MsgWaitForMultipleObjects
SetCaretPos
OpenClipboard
SetTimer
GetKeyboardLayoutNameW
GetDlgCtrlID
CloseClipboard
EmptyClipboard
IsChild
CreateCaret
ValidateRect
TrackMouseEvent
GetKeyboardLayout
PostQuitMessage
SetFocus
GetClipboardData
DestroyCaret
SetClipboardData
IsClipboardFormatAvailable
GetCaretBlinkTime
ShowCaret
KillTimer
PtInRect
GetWindowLongW
DefWindowProcW
AdjustWindowRectEx
MonitorFromPoint
GetWindowRect
DestroyWindow
InflateRect
GetDC
SetWindowPos
CopyImage
MonitorFromRect
MonitorFromWindow
SetWindowLongPtrW
FillRect
CreateWindowExW
GetIconInfo
SendMessageW
GetSystemMetrics
UnregisterClassW
GetWindowLongPtrW
RegisterClassExW
DestroyCursor
TrackPopupMenu
ShowWindow
DrawTextA
GetMonitorInfoW
CreateIconIndirect
ClientToScreen
MapWindowPoints
GetDoubleClickTime
FrameRect
GetSysColor
DestroyMenu
EnableMenuItem
RegisterWindowMessageW
IsIconic
DrawAnimatedRects
DeferWindowPos
GetSystemMenu
GetMenuState
GetWindow
FindWindowExW
GetMenu
SetActiveWindow
DispatchMessageW
RedrawWindow
PeekMessageW
DialogBoxIndirectParamW
SetLayeredWindowAttributes
GetMenuStringW
TranslateMessage
GetClassNameW
InsertMenuW
SetWindowLongW
SetRect
CreateDialogIndirectParamW
SetForegroundWindow
GetNextDlgTabItem
IsCharLowerW
CharUpperW
CharLowerW
GetFocus
GetCapture
GetComboBoxInfo
ChildWindowFromPoint
IsCharUpperW
GetWindowTextW
GetWindowTextLengthW
LoadCursorW
SetCapture
SetCursor
GetClientRect
DrawTextW
SystemParametersInfoW
GetParent
ReleaseCapture
InvalidateRect
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
CheckRadioButton
GetPropW
MessageBoxExW
EndDialog
RemovePropW
SetWindowTextW
MessageBeep
CheckMenuItem
GetActiveWindow
BeginDeferWindowPos
wvsprintfW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
IsWindowEnabled
IsDlgButtonChecked
IsCharAlphaNumericW
SetPropW
LoadIconW
EndDeferWindowPos
GetDlgItemInt
CheckDlgButton
GetSysColorBrush
SetDlgItemInt
wsprintfW
EnableWindow
LoadStringW
GetMessageTime
SendDlgItemMessageW
LoadImageW
gdi32
DeleteDC
CreatePatternBrush
GetTextMetricsW
GetDeviceCaps
GetTextExtentExPointA
Polyline
GetStockObject
StretchBlt
GdiAlphaBlend
MoveToEx
CreateCompatibleDC
GetTextExtentPoint32A
CreateDIBSection
SelectObject
ExtTextOutA
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CombineRgn
CreateBitmap
CreateRectRgn
CreateRectRgnIndirect
EndPage
DPtoLP
StartDocW
CreateFontW
EndDoc
StartPage
TranslateCharsetInfo
SetMapMode
EnumFontFamiliesExW
SetTextColor
SetBkMode
LineTo
CreatePen
ExtCreatePen
GetObjectW
SaveDC
SetBkColor
Ellipse
RestoreDC
DeleteObject
CreateSolidBrush
CreateFontIndirectW
SetTextAlign
RoundRect
ExtTextOutW
Polygon
GetTextExtentExPointW
IntersectClipRect
comdlg32
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW
PrintDlgW
ChooseColorW
advapi32
RegDeleteValueW
RegOpenKeyExW
RegDeleteTreeW
RegCreateKeyExW
RegCloseKey
IsTextUnicode
GetTokenInformation
RegQueryValueExW
OpenProcessToken
RegSetValueExW
shell32
SHGetDataFromIDListW
SHGetDesktopFolder
ord180
SHAppBarMessage
SHOpenFolderAndSelectItems
SHGetKnownFolderPath
SHGetPathFromIDListW
DragQueryFileW
DragQueryPoint
Shell_NotifyIconW
SHCreateDirectoryExW
DragAcceptFiles
DragFinish
SHAddToRecentDocs
SHGetFileInfoW
ShellExecuteExW
SHBrowseForFolderW
ord190
ShellExecuteW
ole32
OleUninitialize
CoCreateGuid
OleInitialize
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
DoDragDrop
ReleaseStgMedium
CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
oleaut32
SysAllocStringLen
SysFreeString
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 698KB - Virtual size: 697KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ