6cda2b81b70caa6ed26d99d6edb0232370316bf6a055896f38591366eeacf767

Sharing

Copy URL

Twitter E-mail

General

Target

6cda2b81b70caa6ed26d99d6edb0232370316bf6a055896f38591366eeacf767
Size

1.1MB
MD5

17bc16e6beb67025579e223279e3520d
SHA1

75796e2f9c08c067176bcee7de418a7554567483
SHA256

6cda2b81b70caa6ed26d99d6edb0232370316bf6a055896f38591366eeacf767
SHA512

1b9b4d2cbdd3a51f0104b3f171da78781820af232932c28fbbc6dc4a6df5c17f0ca9d1c65a6cd5e19b6c8e23339ba3b9570cbc8514d5850252c87978aff48910
SSDEEP

12288:RhadGxEGPQtLGH1lgHDty9uIRHx3iKgMG8dwN/+rK2FOEd:RhCPtLyrgjtyBHx345N/+rK2FOEd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cda2b81b70caa6ed26d99d6edb0232370316bf6a055896f38591366eeacf767

Files

6cda2b81b70caa6ed26d99d6edb0232370316bf6a055896f38591366eeacf767
.exe windows x86

a5c9c2318aec5783b66153c1d22a6f06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCurrentProcessId
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetACP
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetProfileStringA
InterlockedExchange
GetTickCount
SizeofResource
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
MulDiv
lstrlenW
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GetCurrentThread
GlobalFree
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GetModuleFileNameA
SetLastError
FormatMessageA
LocalFree
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
lstrcatA
lstrcpyA
lstrlenA
GlobalLock
lstrcpynA
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
VirtualAlloc
CreateThread
ResetEvent
WaitForSingleObject
LoadLibraryA
GetProcAddress
OpenMutexA
CreateMutexA
GetLastError
ReleaseMutex
CloseHandle
CreateEventA
GetCurrentDirectoryA
SetHandleCount
Sleep

user32

SetCapture
InvertRect
GetDCEx
LockWindowUpdate
InsertMenuA
GetMenuStringA
DestroyIcon
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
InflateRect
RemovePropA
DefWindowProcA
GetWindowDC
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
EndPaint
GetDlgItem
InvalidateRect
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
GetParent
GetSystemMetrics
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SendMessageA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
SetRect
WindowFromPoint
GrayStringA
DrawTextA
CallWindowProcA
TabbedTextOutA
RegisterWindowMessageA
KillTimer
PostMessageA
UpdateWindow
EnableWindow
SetTimer
LoadStringA
GetSysColorBrush
LoadCursorA
EnableMenuItem
GetClassNameA
FillRect
FindWindowA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
ShowOwnedPopups
PostQuitMessage
EndDialog
CreateDialogIndirectParamA
CharUpperA
WaitMessage
GetSystemMenu
DeleteMenu
AppendMenuA
IsRectEmpty
SetParent
PtInRect
GetDC
ReleaseDC
IsZoomed
GetMenuCheckMarkDimensions
CopyRect
BeginPaint
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
GetMessageTime
CheckMenuItem
ClientToScreen

gdi32

DPtoLP
GetDeviceCaps
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetTextAlign
LPtoDP
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
BitBlt
GetTextColor
GetBkColor
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
DeleteDC
GetTextMetricsA
SelectObject
GetTextExtentPoint32A
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegOpenKeyExA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegCloseKey

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
ExtractIconA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
OleIsCurrentClipboard
CoGetClassObject

olepro32

ord253

oleaut32

SafeArrayAccessData
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysStringLen
SafeArrayUnaccessData

wsock32

accept
ioctlsocket
bind
htonl
WSAAsyncSelect
inet_ntoa
sendto
recv
socket
gethostbyname
htons
connect
WSACleanup
WSAStartup
shutdown
WSAGetLastError
WSASetLastError
recvfrom
send
closesocket

wininet

InternetWriteFile
InternetSetFilePointer
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetSetStatusCallback
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 772KB - Virtual size: 770KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5c9c2318aec5783b66153c1d22a6f06

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 28KB - Virtual size: 44KB

.rsrc Size: 772KB - Virtual size: 770KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 28KB - Virtual size: 44KB

.rsrc
Size: 772KB - Virtual size: 770KB