Static task: static1
Behavioral task: behavioral1
Sample: e3410d5281e6211c8ea89a315acd867de5801552f36c1e5ca89efd0666718cee.exe
Resource: win7-20230712-en
General
Target: e3410d5281e6211c8ea89a315acd867de5801552f36c1e5ca89efd0666718cee
Size: 1.9MB
MD5: f4db76d754c5dea540dd59d531ad9c1b
SHA1: e119cc82778d95449ff759cc7532690baa6b33c7
SHA256: e3410d5281e6211c8ea89a315acd867de5801552f36c1e5ca89efd0666718cee
SHA512: d90925b8921200e962740ea07806ca7e0ca1e37fa3cb1ad29b67d655fd170ad3fd27c93c4bac13ac8137b3c10742e4eb8a56a1a82ee456ecd192d009d940ebf2
SSDEEP: 49152:0b0sjouRvNihkjlEScNptCueTfjmEhqGHb84qAznklu0/iBT9Vy:9sjouRQhKzcztCueTfjmE8G7Tzkw0/iY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource e3410d5281e6211c8ea89a315acd867de5801552f36c1e5ca89efd0666718cee
Files
e3410d5281e6211c8ea89a315acd867de5801552f36c1e5ca89efd0666718cee.exe (windows x86)
9092aed7cd002fe07824e29d4ccbbca1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
GetModuleHandleW
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
SetLastError
DeactivateActCtx
ActivateActCtx
CompareStringA
GetLocaleInfoA
GetModuleFileNameA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
MultiByteToWideChar
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
WaitForSingleObject
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
GetCurrentProcessId
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
MulDiv
LocalFree
FormatMessageA
GlobalSize
CopyFileA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
lstrcmpW
LoadLibraryW
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
FileTimeToSystemTime
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
RaiseException
RtlUnwind
EncodePointer
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
ExitThread
CreateThread
VirtualAlloc
VirtualQuery
HeapReAlloc
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
IsProcessorFeaturePresent
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetStdHandle
GetTimeZoneInformation
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
LocalFileTimeToFileTime
lstrcpyA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
InterlockedDecrement
lstrlenW
GetSystemInfo
CreateFileA
CloseHandle
FindFirstFileA
FindClose
GetLastError
lstrlenA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
ResumeThread
Sleep
GetTempPathA
GetTickCount
DeleteFileA
GetDriveTypeW
user32
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
DeleteMenu
RealChildWindowFromPoint
InvalidateRect
KillTimer
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
LoadCursorA
GetSysColorBrush
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperA
UnregisterClassA
IntersectRect
IsRectEmpty
OffsetRect
IsZoomed
RedrawWindow
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
GetSystemMenu
MessageBeep
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
GetNextDlgGroupItem
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
GetMonitorInfoA
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
MapDialogRect
DestroyCursor
GetWindowRgn
RegisterWindowMessageA
GetMenuItemCount
RemoveMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
wsprintfA
PostMessageA
PtInRect
DrawIcon
GetSubMenu
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
InsertMenuA
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetScrollRange
RegisterClassA
AdjustWindowRectEx
GetWindowRect
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CopyRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
LoadMenuW
SendMessageA
IsIconic
SetWindowRgn
GetClientRect
SetTimer
LoadIconW
GetCursorPos
EnableWindow
GetSystemMetrics
SetWindowsHookExA
ShowWindow
SetWindowLongA
GetWindowLongA
GetWindowTextA
GetForegroundWindow
ScreenToClient
GrayStringA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
UnhookWindowsHookEx
GetMenuStringA
AppendMenuA
SetMenuDefaultItem
GetMenuItemID
gdi32
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
GetObjectA
SelectObject
Escape
ExtTextOutA
TextOutA
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
CreatePen
CreateSolidBrush
CreatePatternBrush
CreateEllipticRgn
SetPixel
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
GetTextFaceA
CreateBitmap
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
DPtoLP
PatBlt
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateDIBitmap
GetTextExtentPoint32A
CreateFontIndirectA
CreateHatchBrush
GetDeviceCaps
SetPixelV
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RectVisible
advapi32
RegCloseKey
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
CryptImportKey
RegDeleteValueA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
shell32
SHGetFileInfoA
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
DragFinish
DragQueryFileA
SHGetDesktopFolder
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
VariantInit
VariantClear
SysFreeString
SysStringLen
VarBstrFromDate
SysAllocString
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
wldap32
ord22
ord211
ord143
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ws2_32
sendto
getaddrinfo
freeaddrinfo
connect
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
WSAIoctl
setsockopt
getsockname
getpeername
bind
htons
getsockopt
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
socket
closesocket
ntohs
crypt32
CertFreeCertificateContext
winmm
PlaySoundA
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipCreateFromHDC
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdiplusStartup
GdipDrawImageI
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
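An import listing like the one above is easiest to reason about when bucketed by capability. The following is an added example and is not part of the report or of the sample itself: the capability map is an illustrative grouping chosen for this page (not a Triage or Microsoft taxonomy), and SAMPLE_IMPORTS is a constructed subset of the imports listed above, not the full table. Caveats a practitioner applies while reading the result: IsDebuggerPresent and SetUnhandledExceptionFilter are emitted by the MSVC CRT's own error handling; the bulk of user32/gdi32/ole32 plus SetWindowsHookExA is what a statically linked MFC GUI application looks like; and the presence of LoadLibraryA/GetProcAddress means the static table can omit APIs resolved at runtime.

```python
"""Added example: bucket a PE import table by capability for triage.
CAPABILITIES is an illustrative grouping (an assumption, not a standard);
SAMPLE_IMPORTS is a CONSTRUCTED subset of the report's import listing."""
import json

CAPABILITIES = {
    "crypto (CryptoAPI)": {"CryptAcquireContextA", "CryptImportKey", "CryptEncrypt",
                           "CryptDecrypt", "CryptGenRandom", "CryptCreateHash", "CryptHashData"},
    "network (Winsock)": {"WSAStartup", "socket", "connect", "send", "recv", "sendto",
                          "recvfrom", "bind", "listen", "accept", "getaddrinfo"},
    "registry write": {"RegCreateKeyExA", "RegSetValueExA", "RegDeleteKeyA", "RegDeleteValueA"},
    "file drop/modify": {"CreateFileA", "CreateFileW", "WriteFile", "CopyFileA", "DeleteFileA",
                         "GetTempPathA", "GetTempFileNameA", "SetFileTime"},
    "execution": {"ShellExecuteA", "CreateThread", "ResumeThread", "CreateProcessA", "CreateProcessW"},
    "dynamic API resolution": {"LoadLibraryA", "LoadLibraryW", "GetProcAddress"},
    "memory permission change": {"VirtualAlloc", "VirtualProtect"},
    # Hooks and key-state queries are also installed by MFC's message filter; weak on their own.
    "input capture / hooks (MFC also uses these)": {"SetWindowsHookExA", "GetAsyncKeyState",
                                                    "GetKeyboardState", "GetKeyState"},
    # The CRT's unhandled-exception path imports this; only meaningful with other evidence.
    "anti-debug (CRT emits this too)": {"IsDebuggerPresent"},
}
GUI_DLLS = {"user32", "gdi32", "comctl32", "msimg32", "gdiplus", "imm32", "oleacc", "comdlg32"}

# CONSTRUCTED subset of the report's imports (dll -> list of API names).
SAMPLE_IMPORTS = {
    "kernel32": ["CreateFileA", "WriteFile", "CopyFileA", "DeleteFileA", "GetTempPathA",
                 "LoadLibraryA", "GetProcAddress", "VirtualProtect", "VirtualAlloc",
                 "IsDebuggerPresent", "CreateThread", "SetUnhandledExceptionFilter"],
    "user32": ["CreateWindowExA", "SendMessageA", "SetWindowsHookExA", "GetAsyncKeyState"],
    "gdi32": ["BitBlt", "CreateCompatibleDC"],
    "advapi32": ["CryptAcquireContextA", "CryptImportKey", "CryptEncrypt", "CryptGenRandom",
                 "RegCreateKeyExA", "RegSetValueExA", "RegDeleteKeyA"],
    "shell32": ["ShellExecuteA"],
    "ws2_32": ["WSAStartup", "socket", "connect", "send", "recv", "getaddrinfo"],
}


def summarize(imports):
    """Return total import count, share of GUI-library imports, and
    capability -> sorted list of matching API names (empty buckets dropped)."""
    all_names = {n for names in imports.values() for n in names}
    caps = {}
    for cap, apis in CAPABILITIES.items():
        hit = sorted(all_names & apis)
        if hit:
            caps[cap] = hit
    total = sum(len(v) for v in imports.values())
    gui = sum(len(v) for dll, v in imports.items() if dll.lower() in GUI_DLLS)
    return {"total": total, "gui_share": gui / total if total else 0.0, "capabilities": caps}


if __name__ == "__main__":
    print(json.dumps(summarize(SAMPLE_IMPORTS), indent=1))
```

Run it as a script to get a JSON summary; feed it a real table (for example the output of pefile's DIRECTORY_ENTRY_IMPORT) by building the same dll-to-names dict. A high gui_share with a handful of crypto, Winsock and registry-write hits is the shape this report's table has; that describes what the binary can do, not what it did, which is what the behavioral task is for.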
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 306KB - Virtual size: 305KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 174KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
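The checks behind the Unsigned PE signature, the DLL Characteristics and File Characteristics headers, and the Sections listing above all come from a few header fields. The following is an added example, not the sandbox's signature code and not anything shipped with the sample: a dependency-free PE32/PE32+ header reader, plus a builder that constructs a minimal image whose flags and section layout mirror this report (section sizes are approximations of the listing, and the constructed bytes are not the analysed file). It treats the presence of IMAGE_DIRECTORY_ENTRY_SECURITY as "has an Authenticode blob", which is what the sandbox signature tests; whether that blob validates is a separate question for WinVerifyTrust, signtool verify or Get-AuthenticodeSignature.

```python
"""Added example: parse PE32/PE32+ headers and reproduce the report's
Unsigned PE check, characteristics listing and section flags, without pefile.
REPORT_LIKE is a CONSTRUCTED header-only image shaped like this report."""
import json
import struct

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # slot of the WIN_CERTIFICATE (Authenticode) table


def names(table, value):
    return [n for bit, n in sorted(table.items()) if value & bit]


def inspect_pe(data):
    """Return machine, flag names, sections, Authenticode presence and triage findings."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+: ImageBase and stack/heap sizes are 8 bytes, directories shift
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    nrva = struct.unpack_from("<I", data, nrva_off)[0]
    sec_off = sec_size = 0
    if nrva > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For this directory the 'VirtualAddress' field is a raw file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from("<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, base = [], opt + opt_size
    for i in range(nsect):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, base + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": names(SECTION_FLAGS, chars)})
    has_authenticode = sec_size > 0 and 0 < sec_off < len(data)  # blob present; validity not checked
    findings = []
    if not has_authenticode:
        findings.append("Unsigned PE: no IMAGE_DIRECTORY_ENTRY_SECURITY (no Authenticode blob)")
    if not dll_chars & 0x0040:
        findings.append("ASLR opt-out: DYNAMIC_BASE not set")
    if not dll_chars & 0x0100:
        findings.append("DEP opt-out: NX_COMPAT not set")
    for s in sections:
        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]:
            findings.append("W+X section %s (self-modifying code / packer tell)" % s["name"])
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "file_characteristics": names(FILE_CHARACTERISTICS, file_chars),
            "dll_characteristics": names(DLL_CHARACTERISTICS, dll_chars),
            "has_authenticode": has_authenticode, "sections": sections, "findings": findings}


def build_pe32(dll_chars, file_chars, sections, cert_blob=b""):
    """CONSTRUCTED minimal PE32 (headers only, optional trailing cert blob) for inspect_pe."""
    opt_size = 224
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<I", opt, 28, 0x400000)                    # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)              # Section/File alignment
    struct.pack_into("<HH", opt, 68, 2, dll_chars)               # Subsystem GUI, DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), vs, 0x1000 * (i + 1),
                                rs, 0x400, 0, 0, 0, 0, fl) for i, (n, vs, rs, fl) in enumerate(sections))
    head_len = 64 + 4 + 20 + opt_size + len(hdrs)
    if cert_blob:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, head_len, len(cert_blob))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs + cert_blob


# CONSTRUCTED image shaped like this report: (name, virtual size, raw size, flags); sizes approximate.
REPORT_LIKE = build_pe32(
    dll_chars=0x0040 | 0x0100 | 0x8000, file_chars=0x0002 | 0x0100,
    sections=[(".text", 0x14C000, 0x14C000, 0x60000020), (".rdata", 0x4C400, 0x4C800, 0x40000040),
              (".data", 0xD400, 0x5C00, 0xC0000040), (".rsrc", 0x4000, 0x4400, 0x40000040),
              (".reloc", 0x2B800, 0x2B800, 0x42000040)])

if __name__ == "__main__":
    print(json.dumps(inspect_pe(REPORT_LIKE), indent=1))
```

Point inspect_pe at real bytes (open(path, "rb").read()) to get the same listing for any PE. The one-line findings are deliberately narrow: a missing security directory is exactly what the Unsigned PE signature reports, and a W+X section is the only section-flag combination worth flagging on its own; a .data section whose virtual size exceeds its raw size, as in this report, is ordinary zero-initialised data and is not a packer indicator.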