Static task: static1
Behavioral task behavioral1: sample eeaa3c71600b95cd697fe1fad48755f3ff2453bfe593a41f5cf9c02bd750f3d5.exe, resource win7-20230712-en
Behavioral task behavioral2: sample eeaa3c71600b95cd697fe1fad48755f3ff2453bfe593a41f5cf9c02bd750f3d5.exe, resource win10v2004-20230703-en
General
- Target: eeaa3c71600b95cd697fe1fad48755f3ff2453bfe593a41f5cf9c02bd750f3d5
- Size: 15.9MB
- MD5: ddb17187b545d0cbd27c9da184896c31
- SHA1: 2863250e55a378f7099f1e8b6651a8d058f118ae
- SHA256: eeaa3c71600b95cd697fe1fad48755f3ff2453bfe593a41f5cf9c02bd750f3d5
- SHA512: 8e9a69f6928f94c6ef0ffe3115d95013d28ee08090a4b377afdcf1017931046ab25386c515eb5d4b7f488a88dd6f59c415c7cce616b9723b224b7f41605ae371
- SSDEEP: 393216:7TOFIxcF/1m1xnup2cXVb+eOKn1cOpBN57OLkDBMKICqNfkpJno4:mIxgtYUJlb+RI+43ywD6hVN4
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: eeaa3c71600b95cd697fe1fad48755f3ff2453bfe593a41f5cf9c02bd750f3d5
Files
- eeaa3c71600b95cd697fe1fad48755f3ff2453bfe593a41f5cf9c02bd750f3d5.exe (windows x64)
0998aa46f421401d8c829d7be9350bf4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
shell32
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHGetFileInfoA
SHGetFolderPathA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
kernel32
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
AreFileApisANSI
GetSystemTimeAsFileTime
GetCommandLineA
GetSystemInfo
VirtualAlloc
VirtualQuery
ExitThread
HeapQueryInformation
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTickCount
GetStartupInfoW
GetStdHandle
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
GetStringTypeW
LCMapStringW
IsValidLocale
WriteConsoleW
OutputDebugStringW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
Sleep
GetCurrentDirectoryA
SetConsoleMode
ReadConsoleInputA
lstrlenA
GetTempFileNameA
TerminateProcess
CreateDirectoryA
DeleteFileA
GetLastError
CreateMutexA
GetCurrentProcess
GetVersionExA
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
SetThreadExecutionState
LoadLibraryA
GetTempPathA
SetConsoleCtrlHandler
CloseHandle
DeviceIoControl
CreateFileA
GetSystemDirectoryA
GetWindowsDirectoryA
CreateThread
LocalFree
ReadFile
WriteFile
CreateNamedPipeA
GetSystemFirmwareTable
GetSystemPowerStatus
SetCurrentDirectoryA
HeapReAlloc
FindResourceW
LoadResource
HeapAlloc
DeleteVolumeMountPointA
HeapFree
GetProcessHeap
WideCharToMultiByte
GetFirmwareEnvironmentVariableA
SizeofResource
LeaveCriticalSection
InitializeCriticalSectionEx
RaiseException
HeapSize
EnterCriticalSection
LockResource
DecodePointer
DeleteCriticalSection
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetCPInfo
GetOEMCP
GetFileAttributesA
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
GetACP
lstrcmpiA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
ExitProcess
SetVolumeLabelA
FindVolumeClose
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SetErrorMode
FileTimeToSystemTime
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
InitializeCriticalSectionAndSpinCount
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
FindResourceA
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
FreeResource
OutputDebugStringA
ResumeThread
SetThreadPriority
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
GetCurrentThread
CopyFileA
FormatMessageA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
GetCurrentProcessId
MultiByteToWideChar
CreatePipe
GetStartupInfoA
FindNextVolumeA
GetDiskFreeSpaceExA
FindFirstVolumeA
GetVolumePathNamesForVolumeNameA
CreateProcessA
SetVolumeMountPointA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
WaitForSingleObject
SetFirmwareEnvironmentVariableA
EnumSystemLocalesW
user32
DestroyCursor
GetWindowRgn
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
MapVirtualKeyExA
IsCharLowerA
PostThreadMessageA
GetComboBoxInfo
RegisterClipboardFormatA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongPtrA
LockWindowUpdate
SetParent
SetRect
SetCursorPos
GetSystemMenu
LoadMenuW
IsZoomed
TrackMouseEvent
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
NotifyWinEvent
InvertRect
HideCaret
MessageBeep
GetMenuDefaultItem
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuItemInfoA
MonitorFromPoint
EnableScrollBar
DestroyMenu
GetAsyncKeyState
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
IntersectRect
CharUpperA
LoadCursorW
WaitMessage
DeleteMenu
RealChildWindowFromPoint
GetSysColorBrush
IsDialogMessageA
SetWindowTextA
CheckDlgButton
GetDlgItemTextA
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
MapDialogRect
SetScrollInfo
UnhookWindowsHookEx
GetWindow
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetIconInfo
DrawIconEx
CopyImage
LoadImageA
DestroyIcon
LoadIconA
PtInRect
IsRectEmpty
OffsetRect
InflateRect
SetRectEmpty
DrawFocusRect
MessageBoxA
wsprintfA
ExitWindowsEx
SystemParametersInfoA
BlockInput
WindowFromPoint
InvalidateRect
ReleaseCapture
SetCapture
GetNextDlgGroupItem
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
SendDlgItemMessageA
CopyRect
ReleaseDC
GetDC
MapVirtualKeyA
GetKeyNameTextA
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
GetScrollInfo
TranslateMDISysAccel
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
RegisterClassExA
CreateWindowExA
UnregisterClassA
LoadCursorA
EnableWindow
UpdateWindow
GetSystemMetrics
PostMessageA
GetDesktopWindow
RedrawWindow
PeekMessageA
LoadIconW
SendMessageA
GetClientRect
DrawIcon
KillTimer
IsIconic
PostQuitMessage
SetTimer
SetCursor
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
ShowOwnedPopups
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
IsWindow
CreatePopupMenu
gdi32
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
CreateSolidBrush
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32A
CreateFontIndirectA
GetTextMetricsA
CombineRgn
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
CreateRoundRectRgn
GetRgnBox
OffsetRgn
EnumFontFamiliesExA
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPixelV
GetTextFaceA
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateFontA
CreateCompatibleBitmap
DeleteDC
DeleteObject
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
CloseServiceHandle
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
StartServiceA
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
GetThemePartSize
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
ole32
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateGuid
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleDuplicateData
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
oleaut32
SafeArrayGetElement
SafeArrayPutElement
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantCopy
VarBstrFromDate
LoadTypeLi
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantClear
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text   Size: 2.1MB - Virtual size: 2.1MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 680KB - Virtual size: 679KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 37KB - Virtual size: 147KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.pdata  Size: 100KB - Virtual size: 99KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc   Size: 217KB - Virtual size: 216KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 60KB - Virtual size: 59KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
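The "Unsigned PE" signature, the DLL/file characteristics and the section table in this report are all derived from a few PE header fields. The script below is an added example, not part of the sandbox report or its tooling, that reproduces those three checks with the standard library only: it reads DllCharacteristics, tests whether the Attribute Certificate Table (data directory entry 4, the embedded Authenticode blob) is present, and walks the section table flagging writable-and-executable sections and executable sections with no data on disk. The two PE images it analyses are constructed in memory by build_sample_pe (headers only, not loadable) and mirror the layout reported above: the first carries the same DllCharacteristics and .text/.data flags as this sample, the second is a hypothetical packer-style layout with an embedded signature. Two caveats a practitioner should keep in mind: a missing security directory only proves the file has no embedded signature (catalog-signed system files also lack one), and the presence of the directory says nothing about whether the signature verifies. Note that the report lists HIGH_ENTROPY_VA, DYNAMIC_BASE and NX_COMPAT for this sample but no GUARD_CF, so the mitigation check reports CFG as absent.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Attribute Certificate Table (embedded Authenticode)

# Subsets of the winnt.h flag tables, enough to decode what the report shows.
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE"}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
# Mitigations a modern 64-bit build is expected to opt into (ASLR, DEP, high-entropy ASLR, CFG).
EXPECTED_MITIGATIONS = (0x0040, 0x0100, 0x0020, 0x4000)


def _names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse the headers a static triage needs: COFF flags, DllCharacteristics,
    the security data directory and the section table. Raises on non-PE input."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x20B:      # PE32+ (64-bit): NumberOfRvaAndSizes at +108, directories at +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    elif magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):       # 40-byte IMAGE_SECTION_HEADER entries follow the optional header
        off = opt + opt_size + 40 * i
        name, vsize, _, rsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize, "flags": _names(chars, SECTION_FLAGS)})
    return {"is_64bit": magic == 0x20B,
            "file_characteristics": _names(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _names(dll_chars, DLL_CHARACTERISTICS),
            "has_authenticode": sec_size > 0,
            "sections": sections}


def triage(info: dict) -> list:
    """Turn parsed headers into report-style findings."""
    findings = []
    if not info["has_authenticode"]:
        findings.append("Unsigned PE: no embedded Authenticode signature (catalog signing not checked)")
    for bit in EXPECTED_MITIGATIONS:
        if DLL_CHARACTERISTICS[bit] not in info["dll_characteristics"]:
            findings.append("missing mitigation: " + DLL_CHARACTERISTICS[bit])
    for s in info["sections"]:
        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]:
            findings.append("section %s is writable and executable" % s["name"])
        if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and s["raw_size"] == 0 and s["virtual_size"] > 0:
            findings.append("section %s is executable but empty on disk (unpacked at runtime?)" % s["name"])
    return findings


def build_sample_pe(dll_chars: int, sections, signed: bool) -> bytes:
    """Constructed minimal PE32+ image for offline testing: DOS stub, COFF header,
    240-byte optional header with 16 data directories, section table. Not loadable."""
    dos = bytearray(0x40); dos[:2] = b"MZ"; struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 240, 0x0022)  # x64, EXECUTABLE|LARGE_ADDRESS_AWARE
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 108, 16)
    if signed:  # non-zero size in the security directory = embedded certificate table present
        struct.pack_into("<II", opt, 112 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    table = b"".join(struct.pack("<8sIIIIIIHHI", name, vsize, 0, rsize, 0, 0, 0, 0, 0, chars)
                     for name, vsize, rsize, chars in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Constructed inputs. The first mirrors this report (same DllCharacteristics, .text R+X, .data R+W, no signature);
# the second is a hypothetical packed layout with a signature and W+X sections.
SAMPLE_UNSIGNED = build_sample_pe(0x0020 | 0x0040 | 0x0100 | 0x8000,
                                  [(b".text", 0x218000, 0x218000, 0x60000020), (b".data", 0x24C00, 0x9400, 0xC0000040)],
                                  signed=False)
SAMPLE_PACKED = build_sample_pe(0x0020 | 0x0040 | 0x0100 | 0x4000,
                                [(b"UPX0", 0x100000, 0, 0xE0000080), (b"UPX1", 0x40000, 0x3F000, 0xE0000040)],
                                signed=True)

if __name__ == "__main__":
    for label, blob in (("report-like sample", SAMPLE_UNSIGNED), ("packed sample", SAMPLE_PACKED)):
        info = parse_pe(blob)
        print(label, info["dll_characteristics"], [(s["name"], s["flags"]) for s in info["sections"]])
        for f in triage(info):
            print("  -", f)
```

Run against a real file with parse_pe(open(path, "rb").read()); the mitigation and section heuristics are deliberately noisy (a legitimate packer or a JIT runtime also produces W+X or empty executable sections), so treat them as triage prompts rather than verdicts.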