Static task: static1
Behavioral task: behavioral1
  Sample: e67f781fb0c34a71c48ffc70874539ec14dad579bfc2bbb4745f60ecb60820b7.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: e67f781fb0c34a71c48ffc70874539ec14dad579bfc2bbb4745f60ecb60820b7.exe
  Resource: win10v2004-20230703-en
General
Target: e67f781fb0c34a71c48ffc70874539ec14dad579bfc2bbb4745f60ecb60820b7
Size: 2.3MB
MD5: 60157b1101466756069487cf88935f82
SHA1: c2b73591a60c334d867942a2161575b2fd5a6d8e
SHA256: e67f781fb0c34a71c48ffc70874539ec14dad579bfc2bbb4745f60ecb60820b7
SHA512: fbaf63cb3bd01217b1bc3bd64ac5e7304e9a3bbf8389be971a864e54f82739784696fe5eaddbbdfc4752131eae85cc98c2d42a3f8de13553122514209bade4ca
SSDEEP: 49152:tgFQPbmFY7LaROhAW/kBVXlo72wvkznakZCfqVCZwgpnClADHHQ:XbmFYyohAWYXlo72wvYFZCfqVCZwgpnd
Malware Config: (empty)
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: e67f781fb0c34a71c48ffc70874539ec14dad579bfc2bbb4745f60ecb60820b7
Files
e67f781fb0c34a71c48ffc70874539ec14dad579bfc2bbb4745f60ecb60820b7.exe (windows x86)
  7afaade1956aef5936ab963a4a8fae78 (32-hex value, unlabelled in the report)
Headers
DLL Characteristics:
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics:
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version:
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32:
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
GetStdHandle
GetProcessHeap
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsValidCodePage
GetACP
GetOEMCP
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
WaitForSingleObject
MultiByteToWideChar
Sleep
GetSystemDirectoryW
GetModuleFileNameW
CloseHandle
HeapSize
GetLastError
FormatMessageW
LocalFree
GetExitCodeProcess
FindFirstFileW
VirtualQuery
FindClose
SizeofResource
LockResource
LoadResource
FindResourceW
GetLocalTime
CreateDirectoryW
GetVersionExW
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
SetCurrentDirectoryW
DeleteFileW
SetFilePointer
SystemTimeToFileTime
SetFileTime
WriteFile
GetFileAttributesW
ReadFile
CreateFileW
GetCurrentDirectoryW
LocalFileTimeToFileTime
GetFileSize
GetTickCount
FileTimeToSystemTime
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
HeapReAlloc
RaiseException
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
HeapFree
HeapAlloc
FindResourceExW
GetUserDefaultLCID
GetEnvironmentVariableW
VirtualAlloc
GetSystemInfo
FindNextFileW
HeapQueryInformation
SetEnvironmentVariableW
CreateToolhelp32Snapshot
Process32FirstW
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetFileTime
GetFileSizeEx
GetFileAttributesExW
lstrcpyW
GetWindowsDirectoryW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
InterlockedExchange
InterlockedIncrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
lstrcmpA
GlobalGetAtomNameW
SetErrorMode
FileTimeToLocalFileTime
InterlockedDecrement
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryW
LoadLibraryA
lstrcmpW
Process32NextW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleA
FreeResource
FreeLibrary
GetVersion
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
DecodePointer
EncodePointer
OutputDebugStringA
GetCurrentProcessId
CopyFileW
GetModuleHandleW
GetCommandLineW
TerminateProcess
OpenProcess
user32:
GetWindowRgn
DrawIcon
SetRect
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
IsIconic
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageW
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
CharUpperW
DestroyIcon
InvalidateRect
DeleteMenu
SetCursor
ShowOwnedPopups
LoadMenuW
RealChildWindowFromPoint
GetSysColorBrush
PostQuitMessage
SendDlgItemMessageA
CopyImage
GetMenuItemInfoW
GetSystemMetrics
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
DestroyCursor
InflateRect
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
FillRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
MapVirtualKeyW
GetKeyNameTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
LockWindowUpdate
IntersectRect
SetParent
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
IsWindowEnabled
FindWindowW
SetTimer
KillTimer
SendMessageW
LoadIconW
wsprintfW
GetDesktopWindow
MessageBoxW
EnableWindow
GetClientRect
ReleaseDC
IsWindowVisible
IsWindow
GetDC
LoadCursorW
DefWindowProcW
GetClassInfoW
LoadBitmapW
SystemParametersInfoW
DestroyMenu
ToUnicodeEx
gdi32:
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
CreateRectRgn
CombineRgn
SetRectRgn
DPtoLP
GetTextMetricsW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetObjectW
SetTextColor
SetBkColor
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
msimg32:
AlphaBlend
TransparentBlt
winspool.drv:
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32:
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
shell32:
DragFinish
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHAppBarMessage
ShellExecuteExW
DragQueryFileW
SHBrowseForFolderW
comctl32:
ImageList_AddMasked
ImageList_Draw
shlwapi:
PathIsDirectoryW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme:
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
ole32:
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
oleaut32:
SystemTimeToVariantTime
VariantChangeType
SysAllocStringLen
VariantTimeToSystemTime
VarBstrFromDate
SysStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString
msi:
ord113
oleacc:
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus:
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI
imm32:
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm:
PlaySoundW
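Two checks a reviewer would run on the import table above, as an added example (standard-library Python; this is not Triage's code and nothing in it is taken from the sample): the pefile-style import hash, and a grouping of the imported APIs that deserve a second look. The import list inside the block is a subset copied from the report in the order the report prints it; whether that order is the true import-table order is not stated on the page, so the digest computed here is not claimed to equal the unlabelled 32-hex value in the Files section. The NOTABLE and CRT_NOISE groupings are analyst heuristics chosen for this example, not part of the report.

```python
"""Import-table triage: pefile-style imphash plus API grouping.
Added example for this report; SAMPLE_IMPORTS is a subset of the
report's import list, copied in the order the page prints it."""
import hashlib

# Subset of the report's imports as (DLL, functions), in the page's order.
SAMPLE_IMPORTS = [
    ("version", ["VerQueryValueW", "GetFileVersionInfoW", "GetFileVersionInfoSizeW"]),
    ("kernel32", ["GetSystemTimeAsFileTime", "UnhandledExceptionFilter", "IsDebuggerPresent",
                  "VirtualAlloc", "VirtualProtect", "CreateToolhelp32Snapshot", "Process32FirstW",
                  "Process32NextW", "OpenProcess", "TerminateProcess", "SetFileTime", "CopyFileW",
                  "DeleteFileW", "GetTempPathW", "LoadLibraryW", "GetProcAddress"]),
    ("user32", ["SetWindowsHookExW", "GetAsyncKeyState", "GetKeyboardState", "OpenClipboard",
                "SetClipboardData", "MessageBoxW"]),
    ("advapi32", ["RegSetValueExW", "RegCreateKeyExW", "RegDeleteValueW", "RegOpenKeyExW"]),
    ("shell32", ["ShellExecuteW", "ShellExecuteExW"]),
    ("winspool.drv", ["OpenPrinterW", "ClosePrinter"]),
    ("msi", ["ord113"]),   # import by ordinal, written the way the report shows it
]

# API groups worth a second look. Membership is an analyst heuristic chosen
# for this example, not a verdict: each of these has benign uses in a GUI tool.
NOTABLE = {
    "process-enum-control": {"CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
                             "OpenProcess", "TerminateProcess"},
    "memory-loader": {"VirtualAlloc", "VirtualProtect", "LoadLibraryA", "LoadLibraryW",
                      "LoadLibraryExW", "GetProcAddress"},
    "hook-input": {"SetWindowsHookExW", "GetAsyncKeyState", "GetKeyboardState", "ToUnicodeEx"},
    "registry-write": {"RegSetValueExW", "RegCreateKeyExW", "RegDeleteValueW", "RegDeleteKeyW"},
    "file-tamper": {"SetFileTime", "CopyFileW", "DeleteFileW", "GetTempPathW", "GetTempFileNameW"},
    "launch": {"ShellExecuteW", "ShellExecuteExW"},
    "clipboard": {"OpenClipboard", "SetClipboardData", "EmptyClipboard"},
}
# Imports the MSVC C runtime pulls in on its own (startup, security cookie,
# exception handling); their presence says nothing about the program's logic.
CRT_NOISE = {"GetSystemTimeAsFileTime", "QueryPerformanceCounter", "UnhandledExceptionFilter",
             "SetUnhandledExceptionFilter", "IsDebuggerPresent", "IsProcessorFeaturePresent",
             "EncodePointer", "DecodePointer", "RtlUnwind", "GetStartupInfoW"}


def normalize_imports(imports):
    """pefile's imphash normalisation: 'lib.func', lower-case, with .dll/.ocx/.sys
    stripped from the library name and ordinals kept as 'ordN'. (pefile also maps
    known ordinals of a few DLLs to names; that lookup table is omitted here.)"""
    out = []
    for dll, funcs in imports:
        lib = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if lib.endswith(ext):
                lib = lib[:-len(ext)]
        out.extend(f"{lib}.{func.lower()}" for func in funcs)
    return out


def imphash(imports):
    """MD5 over the comma-joined normalised import list (the Mandiant/pefile imphash)."""
    return hashlib.md5(",".join(normalize_imports(imports)).encode()).hexdigest()


def flag_imports(imports):
    """Group imports by NOTABLE category in import order; CRT noise is listed apart."""
    hits = {cat: [] for cat in NOTABLE}
    noise = []
    for dll, funcs in imports:
        for func in funcs:
            if func in CRT_NOISE:
                noise.append(f"{dll}!{func}")
            for cat, members in NOTABLE.items():
                if func in members:
                    hits[cat].append(f"{dll}!{func}")
    return {cat: names for cat, names in hits.items() if names}, noise


if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    hits, noise = flag_imports(SAMPLE_IMPORTS)
    for cat, names in hits.items():
        print(f"{cat:22s} {', '.join(names)}")
    print("CRT noise:", ", ".join(noise))
```

Read the flagged groups against the whole table rather than in isolation. The bulk of the imports (user32, gdi32, uxtheme, ole32, oleacc, comctl32, winspool.drv, and kernel32 entries such as GlobalAddAtomW, UnpackDDElParam and TranslateMDISysAccel) is consistent with a statically linked MFC GUI application, and entries like IsDebuggerPresent, EncodePointer and UnhandledExceptionFilter arrive with the MSVC runtime's startup code. The Toolhelp32/OpenProcess/TerminateProcess group and SetWindowsHookExW are the ones to confirm in the behavioral runs, not to conclude from the static list.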
Sections
.text   Size: 1.5MB  Virtual size: 1.5MB  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 344KB  Virtual size: 343KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 27KB   Virtual size: 58KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 113KB  Virtual size: 113KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 403KB  Virtual size: 402KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
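The report's "Unsigned PE" signature, the DllCharacteristics flags under Headers and the section table above are all readable from the PE headers without running the sample. The block below is an added example (standard-library Python, not Triage's signature code) that parses those headers and writes the same three observations as triage notes. The sample is not embedded: build_pe32() constructs a PE32 header whose section table mirrors the report's rounded sizes and flags (a test fixture, not the file itself), and the hypothetical UPX1 section used in the test is there only to show the writable-plus-executable check firing.

```python
"""Header-level checks behind three items in this report: the "Unsigned PE"
signature (no entry in the security data directory), the DllCharacteristics
flags, and the section characteristics. Added example; stdlib only."""
import struct

# Flag values are fixed by the PE/COFF specification.
FILE_CHARS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
              0x2000: "IMAGE_FILE_DLL"}
DLL_CHARS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
             0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
             0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_CHARS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4              # IMAGE_DIRECTORY_ENTRY_SECURITY (attribute certificate table)
SECTION_HDR = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def flags(value, table):
    """Names of the bits set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def inspect_pe(data):
    """Parse DOS/NT headers and return the fields the report's checks rely on."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]                 # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    _machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                                # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    dd = opt + {0x10B: 96, 0x20B: 112}[magic]                    # data directories, PE32 / PE32+
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    # For the security directory the first field is a file offset, not an RVA.
    sec_off, sec_size = struct.unpack_from("<II", data, dd + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):
        name, vsize, _va, rawsize, *_rest, chars = struct.unpack_from(
            SECTION_HDR, data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode(), vsize, rawsize, flags(chars, SECTION_CHARS)))
    return {"has_authenticode": sec_off != 0 and sec_size != 0,
            "file_characteristics": flags(file_chars, FILE_CHARS),
            "dll_characteristics": flags(dll_chars, DLL_CHARS),
            "sections": sections}


def triage(data):
    """Turn the parsed header into the notes an analyst writes first."""
    info = inspect_pe(data)
    notes = []
    if not info["has_authenticode"]:
        notes.append("Unsigned PE: no Authenticode certificate table")
    for flag in ("IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                 "IMAGE_DLLCHARACTERISTICS_GUARD_CF"):
        if flag not in info["dll_characteristics"]:
            notes.append("mitigation not opted in: " + flag)
    for name, _vsize, _rawsize, chars in info["sections"]:
        if "IMAGE_SCN_MEM_EXECUTE" in chars and "IMAGE_SCN_MEM_WRITE" in chars:
            notes.append(f"{name}: writable and executable (packer stub or self-modifying code?)")
    return info, notes


def build_pe32(signed, dll_chars, sections):
    """Constructed fixture: a bare PE32 header, not a runnable image and not the sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                        # e_lfanew -> right after DOS hdr
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    if signed:                                                   # certificate table: offset, size
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x80000, 0x1800)
    hdrs = b"".join(struct.pack(SECTION_HDR, n.encode().ljust(8, b"\0"), vs, 0x1000 * (i + 1),
                                rs, 0, 0, 0, 0, 0, ch)
                    for i, (n, vs, rs, ch) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + hdrs


# Section table shaped like the report's: (name, virtual size, raw size, flags),
# sizes rounded from the KB figures in the report.
REPORT_LAYOUT = [(".text", 0x180000, 0x180000, 0x60000020),
                 (".rdata", 0x55C00, 0x56000, 0x40000040),
                 (".data", 0xE800, 0x6C00, 0xC0000040),
                 (".rsrc", 0x1C400, 0x1C400, 0x40000040),
                 (".reloc", 0x64800, 0x64C00, 0x42000040)]

if __name__ == "__main__":
    info, notes = triage(build_pe32(False, 0x8140, REPORT_LAYOUT))
    print(info["file_characteristics"], info["dll_characteristics"])
    for name, vsize, rawsize, chars in info["sections"]:
        print(f"{name:8s} raw={rawsize:#x} virt={vsize:#x} {' '.join(chars)}")
    print("\n".join(notes))
```

Two caveats on the signature check. Only the attribute certificate table is tested, so a file signed solely through a Windows catalog also reads as unsigned here, and a present table is not a valid signature: the chain and the file hash still have to be verified (signtool verify /pa, or WinVerifyTrust). On the flags, DYNAMIC_BASE and NX_COMPAT mean ASLR and DEP are opted in while GUARD_CF is not, and a section table with a large read-only .text, a small writable .data and no writable-executable section is what an unpacked, compiler-built image looks like; that matches the 1.5MB .text inside a 2.3MB file rather than a packed stub.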