Static task: static1
Behavioral task: behavioral1
Sample: e36b738c7f8245950e72fe26b00f75d2189f5c69b96f66eb1c7bcf4980bea83d.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: e36b738c7f8245950e72fe26b00f75d2189f5c69b96f66eb1c7bcf4980bea83d.exe
Resource: win10v2004-20230703-en
General
Target: e36b738c7f8245950e72fe26b00f75d2189f5c69b96f66eb1c7bcf4980bea83d
Size: 3.6MB
MD5: 17f11506e01227f69098443898dd3623
SHA1: 0f6822f67f50797ed69c3b776030ac5848caab71
SHA256: e36b738c7f8245950e72fe26b00f75d2189f5c69b96f66eb1c7bcf4980bea83d
SHA512: 83ee5949a4ad960be1c96ca89797ed64c8ffce53320a8bb80a48cd9158a4c35065d78eb2c6714cb1c832552fe48f3879e383141b0a9007f28ceef76732d5664a
SSDEEP: 49152:wjEBQ0uRBgGwQrKsuXK88CdPRWKZfKYrTIGkH42Uuz2uZDN7x:wgK3QPpPM1z2uZDN
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource e36b738c7f8245950e72fe26b00f75d2189f5c69b96f66eb1c7bcf4980bea83d
Files
e36b738c7f8245950e72fe26b00f75d2189f5c69b96f66eb1c7bcf4980bea83d.exe windows x86
d97830d33905dd8396374eaf786ca48b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
SetEnvironmentVariableA
CreateFileW
LCMapStringW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
HeapQueryInformation
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
WaitForSingleObjectEx
SetStdHandle
GetSystemTimeAsFileTime
WriteConsoleW
OutputDebugStringW
GetFileType
GetStdHandle
VirtualQuery
VirtualAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
ExitProcess
ExitThread
CreateThread
GetSystemInfo
HeapValidate
GetCommandLineA
RtlUnwind
GetModuleHandleExW
SearchPathA
Sleep
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetTickCount
GetTempFileNameA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetWindowsDirectoryA
FindResourceExW
GetCPInfo
GetOEMCP
ResetEvent
FileTimeToSystemTime
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetACP
SetErrorMode
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFlags
VirtualProtect
GetProfileIntA
GetAtomNameA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
LoadLibraryA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThread
SuspendThread
GetCurrentThreadId
WaitForSingleObject
SetEvent
FindResourceA
LoadLibraryW
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
CreateEventA
SetLastError
GetLastError
CloseHandle
OutputDebugStringA
CreateFileA
CancelIo
user32
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ScrollWindow
TrackPopupMenu
SetMenu
GetMenu
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
SetFocus
CopyRect
GetSysColor
InvertRect
FrameRect
FillRect
DrawFocusRect
GetSysColorBrush
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
IsMenu
SetWindowPos
GetWindowThreadProcessId
MessageBoxA
SetCursor
NotifyWinEvent
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
GetWindow
GetLastActivePopup
GetTopWindow
WinHelpA
SetParent
DestroyMenu
WindowFromPoint
GetClipboardFormatNameA
ScreenToClient
ClientToScreen
HideCaret
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
InvalidateRgn
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetCapture
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageA
PostQuitMessage
CallNextHookEx
IntersectRect
DestroyIcon
CharUpperA
LoadAcceleratorsA
RegisterDeviceNotificationA
CharUpperBuffA
GetSystemMetrics
UnregisterClassA
SendMessageA
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetDesktopWindow
GetWindowLongA
SetActiveWindow
IsWindowEnabled
EnableWindow
GetActiveWindow
GetDlgItem
EndDialog
MonitorFromWindow
GetMonitorInfoA
ShowWindow
MoveWindow
CheckDlgButton
SetWindowTextA
IsDialogMessageA
SetRect
OffsetRect
SetRectEmpty
ReleaseCapture
InflateRect
GetAsyncKeyState
RealChildWindowFromPoint
TranslateAcceleratorA
LoadImageA
ReuseDDElParam
PostMessageA
IsWindow
TabbedTextOutA
MapDialogRect
GetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
DestroyWindow
CreateDialogIndirectParamA
UnpackDDElParam
CopyImage
SystemParametersInfoA
MapWindowPoints
LoadAcceleratorsW
WaitMessage
CharNextA
CopyAcceleratorTableA
IsRectEmpty
MessageBeep
DestroyCursor
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
GetKeyNameTextA
IsClipboardFormatAvailable
CopyIcon
GetDoubleClickTime
SetClassLongA
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetIconInfo
DrawIconEx
RegisterClipboardFormatA
UnionRect
GetParent
MapVirtualKeyA
DefFrameProcA
gdi32
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetMapMode
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsA
GetObjectA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
DeleteDC
DeleteObject
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
EnumFontFamiliesExA
GetSystemPaletteEntries
CombineRgn
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
ExtTextOutA
SetDIBColorTable
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeText
OpenThemeData
ole32
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
StringFromGUID2
CoGetClassObject
CoInitializeEx
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
DoDragDrop
OleGetClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
ReleaseStgMedium
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SysAllocString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
VariantInit
VariantClear
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
oledlg
ord8
setupapi
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
hid
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetHidGuid
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdiplusStartup
GdipFree
GdipCloneImage
GdiplusShutdown
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipAlloc
GdipDrawImageRectI
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 419KB - Virtual size: 418KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 174KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ