2e304195f159dd4bfeea691767703c66897b8bcdfec3925c813f68599fb157fc

Sharing

Copy URL Twitter E-mail

General

Target

2e304195f159dd4bfeea691767703c66897b8bcdfec3925c813f68599fb157fc
Size

1.4MB
MD5

e26ca525f4703d472a3e32788231d27b
SHA1

6221debbe47d083101f275184c3dc6eb6e1206f0
SHA256

2e304195f159dd4bfeea691767703c66897b8bcdfec3925c813f68599fb157fc
SHA512

0d17c70c75003cd158783f8747594caf6e216625946f57df7b3607501ddfaf63059ec2248bf260b76f2ce058c336751014a18053b79d47625c7a6cef22aa632b
SSDEEP

24576:Hdj7MWsaERzQPMoSxczszgjVtJJRtAQT2fGytx:9j777vszW7Thytx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e304195f159dd4bfeea691767703c66897b8bcdfec3925c813f68599fb157fc

Files

2e304195f159dd4bfeea691767703c66897b8bcdfec3925c813f68599fb157fc
.exe windows x86

65f67fdade657185299408a32df19534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
CoInitialize
CoUninitialize
CoCreateInstance
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
WriteFmtUserTypeStg
ReadFmtUserTypeStg
CoTaskMemFree

shlwapi

PathRemoveFileSpecA
PathFindExtensionA
PathIsDirectoryA
PathIsNetworkPathA
PathFileExistsA
PathAppendA

user32

OffsetRect
SetWindowPos
ReleaseCapture
SetCapture
IsDialogMessageA
SetActiveWindow
DrawAnimatedRects
GetKeyboardState
GetSystemMenu
SetRectEmpty
IsWindowEnabled
RegisterWindowMessageA
DefWindowProcA
RegisterClassExA
FindWindowA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
InsertMenuItemA
GetSysColor
CreateDialogIndirectParamA
ModifyMenuA
SetMenu
keybd_event
CreateDialogParamA
UnregisterHotKey
RegisterHotKey
IsIconic
FlashWindowEx
InvalidateRgn
HideCaret
GetFocus
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
GetForegroundWindow
SetForegroundWindow
SetTimer
GetSubMenu
EnableMenuItem
SetMenuDefaultItem
DeleteMenu
CheckMenuItem
ClientToScreen
GetKeyState
KillTimer
IsZoomed
CallWindowProcA
ScreenToClient
DialogBoxParamA
CheckRadioButton
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
MonitorFromPoint
GetMonitorInfoA
SystemParametersInfoA
CopyRect
DestroyMenu
LoadMenuA
LoadStringA
CreateWindowExA
GetSystemMetrics
DestroyWindow
EndDialog
LoadBitmapA
GetCursorPos
MoveWindow
InvalidateRect
UpdateWindow
PostQuitMessage
CharLowerA
IsDlgButtonChecked
CheckDlgButton
GetSysColorBrush
GetDlgItemTextA
SetWindowTextA
GetMessagePos
MapWindowPoints
LoadImageA
LoadCursorA
SetCursor
PtInRect
FillRect
DrawTextA
SetFocus
MessageBoxA
EnableWindow
ShowWindow
GetClientRect
GetDC
BeginPaint
ReleaseDC
EndPaint
GetWindowLongA
SetWindowLongA
GetWindowTextA
GetParent
SetDlgItemTextA
GetDlgItem
GetIconInfo
SendMessageA
PostMessageA
GetDesktopWindow
GetWindowRect
CharUpperA

gdi32

RealizePalette
GetDIBits
GetROP2
SetROP2
CreateSolidBrush
GetStockObject
CreateFontA
OffsetWindowOrgEx
SetWindowOrgEx
GetObjectA
CreateFontIndirectA
CreatePen
MoveToEx
LineTo
CreateDCA
GetDeviceCaps
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
BitBlt
DeleteDC
SetTextColor
SetBkColor

comdlg32

ChooseFontA
ChooseColorA
GetOpenFileNameA

advapi32

RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
GetUserNameA
RegCloseKey

shell32

DragAcceptFiles
Shell_NotifyIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

comctl32

PropertySheetA
CreatePropertySheetPageA
ImageList_LoadImageA
ord17
ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_Remove
ord6

winmm

sndPlaySoundA

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

msvcrt

ftell
fseek
fwrite
fread
_purecall
fflush
fclose
_strnicmp
floor
ldiv
memmove
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_ftol
_tzset
localtime
strftime
malloc
free
_stricmp
fputc
getc
fgets
fscanf
calloc
_CIpow
realloc
_setjmp3
__CxxLongjmpUnwind
printf
isprint
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
atol
_itoa
_ultoa
_ltoa
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
fopen
strncat
atoi
abs
??2@YAPAXI@Z
strncmp
__CxxFrameHandler
_endthread
strcmp
strcat
strncpy
_beginthread
longjmp
abort
_snprintf
fprintf
_iob
strtod
sscanf
getenv
_endthreadex
_beginthreadex
setlocale
time
srand
memset
memcpy
strcpy
strlen
sprintf
memcmp
rand

kernel32

CreateFileA
DeleteFileA
WinExec
CreateDirectoryA
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
Sleep
WideCharToMultiByte
CloseHandle
GetLocalTime
MultiByteToWideChar
GetStartupInfoA
GetModuleHandleA
GlobalSize
GlobalLock
GlobalUnlock
DeleteCriticalSection
GetComputerNameA
InitializeCriticalSection
CreateMutexA
GetLastError
ExitProcess
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
Beep
GetTickCount
EnterCriticalSection
CreateEventA
LeaveCriticalSection
GetTempPathA
GetFileAttributesA
ExitThread
CreateThread
TerminateThread
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
WritePrivateProfileStringA
ResetEvent
SetEvent
WaitForSingleObject
GetExitCodeThread

Sections

.text
Size: 532KB - Virtual size: 530KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 820KB - Virtual size: 819KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65f67fdade657185299408a32df19534

Headers

File Characteristics

Imports

ole32

shlwapi

user32

gdi32

comdlg32

advapi32

shell32

comctl32

winmm

wtsapi32

msvcrt

kernel32

Sections

.text Size: 532KB - Virtual size: 530KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 24KB - Virtual size: 413KB

.rsrc Size: 820KB - Virtual size: 819KB

.text
Size: 532KB - Virtual size: 530KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 24KB - Virtual size: 413KB

.rsrc
Size: 820KB - Virtual size: 819KB