eb13a8a49e787a174b9f1da845a8d5774f3b966db5ed4e13cee9412667816925

Sharing

Copy URL Twitter E-mail

General

Target

eb13a8a49e787a174b9f1da845a8d5774f3b966db5ed4e13cee9412667816925
Size

3.3MB
MD5

132e1846f66c999c150967baafd076cd
SHA1

0699987f5e0930fdcdf1ab75dcfaa0d265fe7ab4
SHA256

eb13a8a49e787a174b9f1da845a8d5774f3b966db5ed4e13cee9412667816925
SHA512

cbb2821aa176005a61af23bc1ca27297402e19fea11d3db95262017a5d2eaf981258915920649249ee833e6b446b8156d6098f8a33f38ca048fc51b45ed1bbc3
SSDEEP

98304:eb4IFDxTKN2e+eCqXGXDGqhHCiCFLOAkGkzdnEVomFHKnPb:efxDDGqhHCiCFLOyomFHKnPb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb13a8a49e787a174b9f1da845a8d5774f3b966db5ed4e13cee9412667816925

Files

eb13a8a49e787a174b9f1da845a8d5774f3b966db5ed4e13cee9412667816925
.exe windows x86

2f948283c44a04c1f2064f120b1f3f37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
HeapQueryInformation
SetStdHandle
RtlUnwind
GetCommandLineW
GetSystemInfo
VirtualAlloc
ExitThread
GetFileType
GetStdHandle
ExitProcess
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
VirtualQuery
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetTempFileNameW
FindResourceExW
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
SearchPathW
GetProfileIntW
GetTempPathW
VirtualProtect
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GetFileSize
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadLocale
GlobalGetAtomNameW
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
lstrcpyW
GlobalAddAtomW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetCurrentThread
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventW
WaitForSingleObject
SetEvent
CopyFileW
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
QueryPerformanceCounter
WideCharToMultiByte
QueryPerformanceFrequency
OutputDebugStringW
MultiByteToWideChar
InitializeCriticalSection
GetTickCount
lstrcmpiW
Sleep
GetPrivateProfileStringW
GetFileAttributesW
FindClose
GetModuleFileNameW
FindNextFileW
FindFirstFileW
CloseHandle
GetVersionExW
CreateMutexW
GetProcessHeap
DeleteCriticalSection
LocalFree
DecodePointer
FileTimeToLocalFileTime
HeapAlloc
SizeofResource
FindResourceW
LoadResource
RaiseException
HeapReAlloc
LockResource
FileTimeToSystemTime
GetLastError
HeapSize
LocalAlloc
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
CreateThread
WriteConsoleW

user32

CopyImage
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SystemParametersInfoW
SetLayeredWindowAttributes
RealChildWindowFromPoint
LoadCursorW
SetRectEmpty
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
SetParent
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
InvalidateRect
UpdateWindow
IntersectRect
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CopyRect
MapVirtualKeyW
CopyIcon
LoadMenuW
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
UnhookWindowsHookEx
PtInRect
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetLastActivePopup
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
UnregisterClassW
EnableWindow
IsIconic
RegisterWindowMessageW
GetClientRect
GetWindowThreadProcessId
GetWindowLongW
MessageBoxW
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
DrawFocusRect
GetSysColorBrush
MapWindowPoints
SetWindowRgn
MonitorFromPoint
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
SetCapture
ReleaseCapture
GetSystemMenu
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
SetCursorPos
SetRect
DrawStateW
GetFocus
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
IsMenu
LoadIconW
RedrawWindow
LoadAcceleratorsW
DrawIcon
GetSystemMetrics
SendMessageW
PostMessageW
GetWindowTextW
ReleaseDC
GetParent
KillTimer
SetTimer
FillRect
GetDC
GetWindowRect
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
GetMessageW
TranslateMessage
DispatchMessageW
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
DrawEdge
DrawFrameControl
GetIconInfo
WaitMessage
UpdateLayeredWindow
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetWindowRgn
DestroyCursor
CreateMenu
InvertRect
HideCaret
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
IsClipboardFormatAvailable
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
SubtractRect
CreateAcceleratorTableW
GetKeyNameTextW

gdi32

LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateEllipticRgn
CreateRectRgnIndirect
Ellipse
GetBkColor
IntersectClipRect
PatBlt
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CreateFontIndirectW
GetMapMode
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetStockObject
CreateSolidBrush
GetTextColor
CreatePen
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileW
ShellExecuteW
SHGetFileInfoW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW

uxtheme

DrawThemeBackground
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeParentBackground

ole32

CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoDisconnectObject
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth

crypt32

CertGetNameStringW

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust

fwupdater

FWU_Get_FW_ErrorCode
RF52810_flag
Step_cont
FWU_Update
FWU_GetDllVersion
model
FWU_GetFileInfo

winmm

PlaySoundW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f948283c44a04c1f2064f120b1f3f37

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

crypt32

wintrust

fwupdater

winmm

oleacc

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 330KB - Virtual size: 329KB

.data Size: 23KB - Virtual size: 40KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 138KB - Virtual size: 138KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 330KB - Virtual size: 329KB

.data
Size: 23KB - Virtual size: 40KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 138KB - Virtual size: 138KB