Static task: static1
Behavioral task: behavioral1
Sample: ae0e58e157f7e5d38f7e8b17a6f84ce210a0c33082de4790e8679552cc0b091c.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: ae0e58e157f7e5d38f7e8b17a6f84ce210a0c33082de4790e8679552cc0b091c.exe
Resource: win10v2004-20230703-en
General
Target: ae0e58e157f7e5d38f7e8b17a6f84ce210a0c33082de4790e8679552cc0b091c
Size: 3.0MB
MD5: ae44f255eb8ca715f6135b83ca122cea
SHA1: 3f5515688c74bbeb4aaadab851b3f276f02bf7ab
SHA256: ae0e58e157f7e5d38f7e8b17a6f84ce210a0c33082de4790e8679552cc0b091c
SHA512: dd6eabb70f24ea2b9f01da2971f25e43c3e91f8c377033cf00f52d2545344da0849c0deb98ffe38a4c7d88f7b5ac69b322d55a481e9382aba8ba242f8e6b6e1e
SSDEEP: 49152:pFDjS008T+U0Aue4+bYSx3jqkJLRJY5jkQ6QNUwtNrOVgwOUr+JELPmlfe0i6/Ik:/DjS008CU0te4vSx3OkJLRJwj8Qmwtc8
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource ae0e58e157f7e5d38f7e8b17a6f84ce210a0c33082de4790e8679552cc0b091c
Files
ae0e58e157f7e5d38f7e8b17a6f84ce210a0c33082de4790e8679552cc0b091c.exe (windows x86), imphash 9433d5c5e17a9a445243cc12605141e4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileW
MoveFileExW
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
GetStringTypeW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetFileAttributesExW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
QueryPerformanceFrequency
SleepEx
TerminateThread
CreateThread
SetPriorityClass
OutputDebugStringW
CreateFileW
WriteConsoleW
GetTimeZoneInformation
CopyFileA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CloseHandle
CreateMutexA
Sleep
OutputDebugStringA
EncodePointer
SetLastError
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
LockResource
SizeofResource
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
LoadLibraryW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
MultiByteToWideChar
CompareStringA
GlobalLock
GlobalUnlock
GlobalFree
SetEvent
WaitForSingleObject
CreateEventA
SetThreadPriority
SuspendThread
ResumeThread
GetCurrentThread
GetVersionExA
GetModuleFileNameA
GlobalAlloc
lstrcmpA
FindResourceW
WideCharToMultiByte
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentProcessId
GlobalSize
LocalFree
MulDiv
FormatMessageA
DecodePointer
EnterCriticalSection
LeaveCriticalSection
GlobalFlags
InitializeCriticalSection
GetAtomNameA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
GetCurrentDirectoryA
DeleteFileA
CreateFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
FileTimeToSystemTime
SystemTimeToFileTime
lstrcpyA
FindResourceExW
GetWindowsDirectoryA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileAttributesA
SetFileTime
SystemTimeToTzSpecificLocalTime
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
GetTickCount
GetProfileIntA
SearchPathA
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
LocalLock
LocalUnlock
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
user32
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
LoadImageW
TrackMouseEvent
IntersectRect
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
DestroyIcon
DeleteMenu
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
CopyImage
GetSysColorBrush
RealChildWindowFromPoint
OffsetRect
SetRectEmpty
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageA
GetDesktopWindow
MapVirtualKeyA
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
MonitorFromPoint
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetComboBoxInfo
PostThreadMessageA
GetKeyboardLayout
InvalidateRect
ShowScrollBar
GetClientRect
GetWindowRect
SetCursor
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
UnionRect
GetActiveWindow
UpdateLayeredWindow
GetCursorPos
PtInRect
LoadCursorA
LoadIconW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
DrawIcon
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
TrackPopupMenuEx
UpdateWindow
SetActiveWindow
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
UnregisterClassA
EnableWindow
MessageBoxA
SendMessageA
PostMessageA
IsIconic
GetFocus
SetTimer
KillTimer
GetSystemMetrics
CreatePopupMenu
AppendMenuA
GetTabbedTextExtentW
GetTabbedTextExtentA
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
EnumChildWindows
GetDCEx
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
LoadIconA
ToAsciiEx
gdi32
GetTextFaceA
GetTextExtentPoint32W
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
GetCurrentObject
OffsetRgn
GetRgnBox
Rectangle
StretchDIBits
GetCharWidthA
CreateFontA
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetDIBits
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
CreateCompatibleBitmap
EnumFontFamiliesExA
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
GetTextMetricsA
GetTextExtentPoint32A
CreateFontIndirectA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
CreateSolidBrush
msimg32
AlphaBlend
TransparentBlt
winspool.drv
GetJobA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
SystemFunction036
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
SHBrowseForFolderA
DragFinish
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
DragQueryFileA
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
shlwapi
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
ole32
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateFileMoniker
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleQueryCreateFromData
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CreateStreamOnHGlobal
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CoInitializeEx
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
GetHGlobalFromILockBytes
OleRun
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
oleaut32
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
LoadTypeLi
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysFreeString
SysAllocStringLen
SafeArrayGetLBound
VariantClear
VariantInit
oledlg
ord8
ws2_32
ntohs
htons
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipSetInterpolationMode
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
timeKillEvent
timeSetEvent
PlaySoundA
timeBeginPeriod
timeEndPeriod
wpcap
pcap_sendpacket
pcap_freealldevs
pcap_findalldevs
pcap_open
pcap_close
pcap_next_ex
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 517KB - Virtual size: 517KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 173KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ