Sample
efea943f612de2496fec7014290b31242e4754a329a6e6cfbf7215d2ec138f19.exe
Resource
win7-20230712-en
General
-
Target
efea943f612de2496fec7014290b31242e4754a329a6e6cfbf7215d2ec138f19
-
Size
1.1MB
-
MD5
e9c79e470be58acc651339394f058abe
-
SHA1
2a38d1ccfe2f74e11b2b8669f20797b77c93c28e
-
SHA256
efea943f612de2496fec7014290b31242e4754a329a6e6cfbf7215d2ec138f19
-
SHA512
c7d7b059855ed7c7ad96261346406fdb40283320259d9be198926802803a8b7c85e37845651673ef638df9bcc8a6ac057d711627b1955ec243ddf9f3fe1dcf6b
-
SSDEEP
12288:ovkdKNFAiLeFyw8AHPbSAV4zVicBaf76K01f787Onjfc7TTDp/5kC+EH4DM0half:+kdCFAiLe3lSmmjc7TTDt5j3pc8R
Malware Config
Signatures
-
Unsigned PE 1 IoCs
The PE carries no Authenticode signature, so the publisher cannot be verified. On its own this is a weak indicator (much legitimate software is unsigned); it is listed because it removes one avenue for attributing the binary.
resource efea943f612de2496fec7014290b31242e4754a329a6e6cfbf7215d2ec138f19
Files
-
efea943f612de2496fec7014290b31242e4754a329a6e6cfbf7215d2ec138f19.exe windows x86
3c7bf3e1c38a13fd0dec309e7d0ec14c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (static import table; names are what the binary declares, not what it was observed calling — the behavioral task is the authority for runtime activity)
kernel32
SetErrorMode
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
RaiseException
GetCommandLineA
ExitThread
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetPrivateProfileStringA
GetLastError
GetFileTime
GetCurrentDirectoryA
InterlockedExchange
CreateMutexA
GetModuleFileNameA
FreeLibrary
SetLocalTime
GetPrivateProfileIntA
WinExec
Sleep
LoadLibraryA
GetTickCount
GetProcAddress
CreateDirectoryA
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
FindClose
FindFirstFileA
MultiByteToWideChar
InterlockedDecrement
GetProfileStringA
GetFileAttributesA
GetFileSize
CreateFileA
CloseHandle
CreateThread
ReadFile
CreateProcessA
GetStartupInfoA
CreatePipe
TerminateProcess
WriteFile
DeleteFileA
SetEvent
CreateEventA
WaitForSingleObject
ResetEvent
WideCharToMultiByte
GetOverlappedResult
WaitCommEvent
PurgeComm
SetCommState
SetCommTimeouts
SetupComm
SetCommMask
GetCommState
ClearCommError
LoadResource
FindResourceA
LockResource
GlobalFree
GlobalUnlock
GlobalLock
WritePrivateProfileStringA
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
FindNextFileA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SuspendThread
SetThreadPriority
ResumeThread
GlobalAlloc
lstrcmpA
GetCurrentThread
MulDiv
SetLastError
lstrcpynA
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
user32
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
LoadCursorA
PtInRect
GetDesktopWindow
CharUpperA
DestroyMenu
LoadStringA
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
InflateRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
EnableWindow
RedrawWindow
SendMessageA
InvalidateRect
GetWindowRect
GetSysColor
UnregisterClassA
HideCaret
ShowCaret
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
SetWindowTextA
GetWindowTextA
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetClientRect
UpdateWindow
GetParent
DrawFocusRect
GetFocus
wsprintfA
LoadIconA
EnableMenuItem
GetSubMenu
GetMenuState
CheckMenuItem
GetMenu
AppendMenuA
GetClassNameA
GetSystemMenu
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
KillTimer
GetDlgCtrlID
TranslateMessage
DispatchMessageA
PeekMessageA
DrawMenuBar
ModifyMenuA
PostMessageA
OffsetRect
ReleaseDC
GetDC
SetRectEmpty
FillRect
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetWindowLongA
SetWindowLongA
MessageBoxA
IsRectEmpty
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
DeleteObject
OffsetViewportOrgEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateFontA
Rectangle
CreateCompatibleDC
GetTextExtentPointA
BitBlt
CreatePen
CreateDIBitmap
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
EnumPrintersA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
comctl32
ord17
ImageList_Destroy
oledlg
ord8
ole32
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoCreateInstance
OleRun
StgOpenStorageOnILockBytes
olepro32
ord253
oleaut32
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
SysFreeString
SysAllocString
VariantClear
VariantCopy
GetErrorInfo
VariantInit
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
wininet
InternetGetLastResponseInfoA
InternetOpenA
InternetCloseHandle
InternetSetStatusCallback
InternetConnectA
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
FtpGetFileA
ws2_32
WSACleanup
inet_ntoa
gethostbyname
WSAStartup
gethostname
Sections
.text Size: 824KB - Virtual size: 821KB (flagged writable as well as executable; a compiler-emitted code section is normally read/execute only, so treat RWX here as a packer- or post-link-modification indicator to confirm in the behavioral task)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 104KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 144KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 88KB - Virtual size: 88KB (flagged executable and writable; a resource section is normally read-only data, so the EXECUTE/WRITE characteristics below are atypical and worth checking for resources that are unpacked or run at load time)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE