ca65e34fe3700397f1c49a933b69780181a5a2a6e964ac57ab495d1733abcb37

Sharing

Copy URL Twitter E-mail

General

Target

ca65e34fe3700397f1c49a933b69780181a5a2a6e964ac57ab495d1733abcb37
Size

717KB
MD5

fa0467d75ad96652088bfcc9be810c58
SHA1

1a0280eb7ff3e4e9586f559682e344ea8d5e5dde
SHA256

ca65e34fe3700397f1c49a933b69780181a5a2a6e964ac57ab495d1733abcb37
SHA512

0500dc8725d93be1304f375bc2385c04f2d3ec6e766284881243e39d016fb7c2ede007b9900557748e5650ccd9018936a83ca22bebe9c0b667cd13e3474febe0
SSDEEP

12288:FQ7P9/v9gZDQXS40sW9yvkpGleAyTw6asNkr:FQ7Px9giXFW9yspGleAyE6a9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca65e34fe3700397f1c49a933b69780181a5a2a6e964ac57ab495d1733abcb37

Files

ca65e34fe3700397f1c49a933b69780181a5a2a6e964ac57ab495d1733abcb37
.exe windows x64

03c72281cc4956833d2e5f78039975a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RtlPcToFileHeader
HeapSize
RtlVirtualUnwind
HeapSetInformation
HeapCreate
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetStdHandle
GetACP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
RaiseException
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
RtlUnwindEx
RtlLookupFunctionEntry
GetStartupInfoA
GetProcessHeap
GetCommandLineA
HeapReAlloc
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
SetErrorMode
FileTimeToLocalFileTime
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DeleteFileA
MoveFileA
FileTimeToSystemTime
GetThreadLocale
GetOEMCP
GetCPInfo
GetModuleFileNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
lstrcmpA
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
FreeResource
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetModuleHandleA
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
SetFileTime
WriteFile
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
SetFilePointer
CreateFileA
LockResource
WideCharToMultiByte
GetLastError
GetFileAttributesA
Sleep
CreateDirectoryA
FindClose
FindFirstFileA
MultiByteToWideChar
GetVersion
CompareStringW
CompareStringA
GetStringTypeExA
LoadLibraryA
GetProcAddress
SizeofResource
LoadResource
FindResourceA
lstrcmpiA
lstrlenW
GetFileType
lstrlenA

user32

SetWindowRgn
CreateMenu
GetTabbedTextExtentA
UnregisterClassA
KillTimer
SetTimer
GetSysColorBrush
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
FillRect
LoadCursorA
DestroyCursor
SetRect
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
CreateDialogIndirectParamA
EndDialog
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
PostQuitMessage
GetMenuStringA
InsertMenuA
RemoveMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
DrawIcon
GetForegroundWindow
DispatchMessageA
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
BeginDeferWindowPos
EndDeferWindowPos
SetParent
GetClientRect
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
PtInRect
GetDC
ReleaseDC
GetWindowRect
IsZoomed
GetSystemMetrics
RegisterWindowMessageA
UnpackDDElParam
CharUpperA
wsprintfA
UpdateWindow
EnableWindow
ReuseDDElParam
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
FindWindowA
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetKeyState
GetDlgCtrlID
PostThreadMessageA
SetCapture
LockWindowUpdate
GetDCEx
GetWindowTextA
WindowFromPoint
TranslateAcceleratorA
IsWindow
GetWindow
ShowWindow
GetWindowLongA
GetDesktopWindow
SetMenu
PostMessageA
BringWindowToTop
GetLastActivePopup
CopyRect
SetRectEmpty
OffsetRect
IntersectRect
GetClassInfoA
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
InsertMenuItemA
SendMessageA
IsIconic
InvalidateRect
IsWindowVisible
SetActiveWindow
GetParent
LoadAcceleratorsA
ReleaseCapture
GetCapture
PeekMessageA
SetCursor
LoadIconA
GetMenu
GetNextDlgTabItem

gdi32

BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetWindowExtEx
CreateSolidBrush
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
CreateCompatibleBitmap
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetStockObject
PatBlt
Rectangle
GetViewportOrgEx
CreatePen
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
CreateDCA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
StretchDIBits
DeleteDC
GetObjectA
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateCompatibleDC
ExcludeClipRect

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter

advapi32

RegDeleteValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA

shell32

SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysAllocStringLen

Sections

.text
Size: 487KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03c72281cc4956833d2e5f78039975a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 487KB - Virtual size: 487KB

.rdata Size: 156KB - Virtual size: 155KB

.data Size: 15KB - Virtual size: 38KB

.pdata Size: 36KB - Virtual size: 35KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 487KB - Virtual size: 487KB

.rdata
Size: 156KB - Virtual size: 155KB

.data
Size: 15KB - Virtual size: 38KB

.pdata
Size: 36KB - Virtual size: 35KB

.rsrc
Size: 21KB - Virtual size: 21KB