cacd590eb4fdb114b165844e6d331896d8b05c6b8331c47322752e6283efc54d

Sharing

Copy URL Twitter E-mail

General

Target

cacd590eb4fdb114b165844e6d331896d8b05c6b8331c47322752e6283efc54d
Size

977KB
MD5

7eaf1df6e555863cc9a108ca37c47942
SHA1

3b93a6061d81a26eaf1c134355805c93e35bb886
SHA256

cacd590eb4fdb114b165844e6d331896d8b05c6b8331c47322752e6283efc54d
SHA512

e4bfa4e3bb86b0729a7b77dc20ae27a6e09f07854d73e07d1fbc7c8931b5f34331bec32203bacd02485ff4c1b58d10d4d8faf6becd13cf99393f74a0fe509981
SSDEEP

12288:xNgDZ31tbzMkmxC5FzpQdNmbMbqyVvGJJiTY6k:K5bzMkmIzpQdNmVycUY6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cacd590eb4fdb114b165844e6d331896d8b05c6b8331c47322752e6283efc54d

Files

cacd590eb4fdb114b165844e6d331896d8b05c6b8331c47322752e6283efc54d
.exe windows x64

6b2645f3b6f6b568d5415de0ec4cfb6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

efpmres

r

user32

GetDlgItemInt
SetWindowPos
SetDlgItemInt
GetWindowThreadProcessId
GetFocus
GetWindow
GetTopWindow
SystemParametersInfoW
DrawIconEx
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
GetForegroundWindow
SetWindowsHookExW
UpdateWindow
GetWindowLongW
IsIconic
GetSystemMenu
GetScrollInfo
DeleteMenu
ReleaseCapture
SetCapture
UnhookWindowsHookEx
PostQuitMessage
EnableMenuItem
GetWindowLongPtrW
RegisterClassExW
UnregisterClassW
GetClassInfoExW
CreateWindowExW
SetWindowTextW
SetWindowTextA
GetWindowTextW
GetWindowTextLengthW
SetWindowLongPtrW
GetClassLongPtrW
SetClassLongPtrW
PostMessageW
InvalidateRect
DrawTextW
IsWindow
IsWindowVisible
SetFocus
MessageBeep
MessageBoxW
MessageBoxA
DialogBoxParamW
CheckMenuItem
TrackPopupMenuEx
GetSystemMetrics
GetMenuItemInfoW
PeekMessageW
GetMenuItemCount
DefWindowProcW
SetMenuItemInfoW
CharLowerW
CharUpperW
CharUpperA
WindowFromPoint
GetSysColorBrush
GetSysColor
LoadBitmapW
GetMessageTime
GetWindowPlacement
SetWindowPlacement
SetClipboardData
EmptyClipboard
FindWindowW
DestroyWindow
ShowWindow
EnableWindow
IsWindowEnabled
DrawStateW
DrawFocusRect
DrawFrameControl
FrameRect
ExitWindowsEx
BringWindowToTop
SetForegroundWindow
SetActiveWindow
GetActiveWindow
CheckMenuRadioItem
CreateMenu
SetMenu
CreatePopupMenu
LoadImageW
MoveWindow
DestroyIcon
SetWindowLongW
WinHelpW
SetTimer
GetDC
ReleaseDC
GetCursorPos
ScreenToClient
GetDlgItem
CallNextHookEx
CreateAcceleratorTableW
DestroyAcceleratorTable
VkKeyScanW
GetParent
BeginPaint
EndPaint
CallWindowProcW
OemToCharBuffW
FillRect
EndDialog
OpenClipboard
GetClipboardData
CloseClipboard
GetMenu
IsMenu
DestroyMenu
GetClientRect
SendMessageW
LoadCursorW
SetCursor
InsertMenuItemW
GetWindowRect
GetDesktopWindow
KillTimer

gdi32

Rectangle
GetTextMetricsW
SetBkColor
MoveToEx
LineTo
CreatePen
GetStockObject
BitBlt
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
CreateBitmap
CreatePatternBrush
GetTextExtentPoint32W
GetDeviceCaps
GetObjectW
CreateFontIndirectW
SetBkMode
PatBlt
SelectObject
SetTextColor
DeleteObject

advapi32

RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitiateSystemShutdownW
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

shell32

SHGetPathFromIDListW
SHFileOperationW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
ord727
SHGetFileInfoW
CommandLineToArgvW
ShellExecuteExW
SHGetDataFromIDListW

ole32

OleInitialize
OleUninitialize

comdlg32

GetOpenFileNameW
ChooseColorW
ChooseFontW
GetSaveFileNameW

comctl32

ImageList_SetBkColor
InitCommonControlsEx
ord17
ImageList_Destroy
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Create
CreateToolbarEx
ImageList_AddMasked

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
SetStdHandle
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
WriteConsoleA
ExpandEnvironmentStringsW
GetConsoleCP
LCMapStringW
LCMapStringA
HeapCreate
HeapSetInformation
GetFileType
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
CreateMutexW
Sleep
GetLocalTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
DeviceIoControl
GetVersionExW
GetDiskFreeSpaceW
SetLastError
CreateDirectoryW
DeleteFileW
SetErrorMode
GetModuleFileNameW
GetUserDefaultLangID
GetModuleHandleW
lstrlenW
lstrcpyW
GlobalUnlock
GlobalLock
SuspendThread
GetComputerNameW
GetCurrentProcessId
GetSystemInfo
GetProcessVersion
GetDateFormatW
GetTickCount
SetCurrentDirectoryW
RemoveDirectoryW
CopyFileW
SetFileTime
MoveFileW
MoveFileExW
SetThreadPriority
CreateThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
SearchPathW
GetSystemTimeAsFileTime
GetProcessTimes
GetPriorityClass
OpenProcess
FreeLibrary
SetPriorityClass
GetCurrentThreadId
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
WaitForSingleObject
ReleaseMutex
LoadLibraryW
GetCommandLineW
GlobalFree
LeaveCriticalSection
EnterCriticalSection
CloseHandle
SetFilePointer
SetEndOfFile
GetFileTime
FileTimeToLocalFileTime
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
CompareStringA
VirtualProtect
QueryPerformanceCounter
GetTimeFormatW
LocalFileTimeToFileTime
MulDiv
GlobalAlloc
GetLastError
LocalFree
FormatMessageW
TerminateProcess
GetSystemDefaultLangID
GetLocaleInfoW
DeleteCriticalSection
GetFullPathNameW
ReadFile
WriteFile
UnhandledExceptionFilter
GetShortPathNameW
GetWindowsDirectoryW
GetCurrentProcess
GetTempPathW
GetFileAttributesW
SetFileAttributesW
CreateFileW
GetBinaryTypeW
FindNextFileW
FindClose
FindFirstFileW
FindFirstFileExW
GetFileInformationByHandle
GetFileSize
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
RaiseException
RtlPcToFileHeader

Sections

.text
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b2645f3b6f6b568d5415de0ec4cfb6e

Headers

DLL Characteristics

File Characteristics

Imports

efpmres

user32

gdi32

advapi32

shell32

ole32

comdlg32

comctl32

version

kernel32

Sections

.text Size: 357KB - Virtual size: 357KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 19KB - Virtual size: 36KB

.pdata Size: 23KB - Virtual size: 23KB

.rsrc Size: 512KB - Virtual size: 511KB

.text
Size: 357KB - Virtual size: 357KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 19KB - Virtual size: 36KB

.pdata
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 512KB - Virtual size: 511KB