Static task: static1
Behavioral task: behavioral1 (Sample: 4e2b8fb076dd33685f6465d34d36a8d6bb41f381195563620c3059c88ea8a69f.exe, Resource: win7-20230824-en)
Behavioral task: behavioral2 (Sample: 4e2b8fb076dd33685f6465d34d36a8d6bb41f381195563620c3059c88ea8a69f.exe, Resource: win10v2004-20230703-en)
General
- Target: 4e2b8fb076dd33685f6465d34d36a8d6bb41f381195563620c3059c88ea8a69f
- Size: 2.5MB
- MD5: 287cc4c2d8fe12485f867c68c0d92358
- SHA1: 05af9d33b73e888c5f16c3b2e4bec1353c5c6316
- SHA256: 4e2b8fb076dd33685f6465d34d36a8d6bb41f381195563620c3059c88ea8a69f
- SHA512: 7051b82fd70d3219bd4c56f37e87fcad4bf64378b22fcb03e4449ff2fa7e49620bd5563254f8972866dbc37d2f957050e82bb6ff1d2a5483c93742ec82f7ed13
- SSDEEP: 49152:Q55KvEJpVO0IvJDJbdAkOrQB9z6h5WjIK1VGaBPqekYQqg7Zh6:FvEJpARDpOrQB9z6h5WjJ1VGaByekYDS
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 4e2b8fb076dd33685f6465d34d36a8d6bb41f381195563620c3059c88ea8a69f
Files
- 4e2b8fb076dd33685f6465d34d36a8d6bb41f381195563620c3059c88ea8a69f.exe windows x86
  cb87c7dff8d1219cee094867cd400c96
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryA
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
DeleteFileA
GetThreadLocale
GlobalFindAtomA
FileTimeToSystemTime
lstrcpyA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
VerSetConditionMask
VerifyVersionInfoA
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
SetErrorMode
GetTickCount
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
GetTempPathA
GetTempFileNameA
FindResourceExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
TlsGetValue
GetCommandLineW
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetStdHandle
GetFileType
HeapQueryInformation
QueryPerformanceFrequency
ExitProcess
GetStdHandle
GetStringTypeW
LCMapStringW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
CreateFileW
lstrcmpW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
ResumeThread
SetThreadPriority
WaitForSingleObject
SetEvent
InitializeCriticalSectionAndSpinCount
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
LoadLibraryA
LoadLibraryW
GlobalUnlock
GetModuleFileNameW
SetLastError
OutputDebugStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FindResourceA
GlobalFree
FreeResource
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
TlsAlloc
InitializeCriticalSection
GetCommandLineA
GlobalGetAtomNameA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
SetCommMask
ReadFile
Sleep
WriteFile
CloseHandle
SetCommState
GetCommState
SetCommTimeouts
SetupComm
CreateFileA
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
GetACP
WideCharToMultiByte
user32
MessageBeep
GetSysColorBrush
LoadCursorA
TrackMouseEvent
IsZoomed
CharUpperA
GetAsyncKeyState
SetWindowRgn
WindowFromPoint
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
DestroyIcon
SetLayeredWindowAttributes
EnumDisplayMonitors
LoadImageW
RegisterClipboardFormatA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawIconEx
LoadImageA
DrawEdge
DrawFrameControl
DrawFocusRect
SetClassLongA
SetParent
CharUpperBuffA
LockWindowUpdate
ModifyMenuA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
SetCursorPos
CopyIcon
FrameRect
PostThreadMessageA
WaitMessage
GetIconInfo
HideCaret
InvertRect
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsCharLowerA
MapVirtualKeyExA
GetComboBoxInfo
GetUpdateRect
CreateMenu
SubtractRect
GetWindowRgn
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
CharNextA
GetForegroundWindow
GetNextDlgGroupItem
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
GetClassNameA
InvalidateRect
UpdateWindow
DrawStateA
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PtInRect
GetCursorPos
GetWindowRect
GetFocus
FillRect
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxA
SystemParametersInfoA
InflateRect
GetSysColor
GetMenuItemInfoA
DestroyMenu
GetMenuStringA
CopyRect
ReleaseDC
GetDC
MapVirtualKeyA
GetKeyNameTextA
GetDesktopWindow
GetWindowLongA
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
RegisterWindowMessageA
MapDialogRect
GetWindow
GetParent
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
PostMessageA
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuA
SendMessageA
LoadMenuW
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
UnregisterClassA
KillTimer
RealChildWindowFromPoint
DeleteMenu
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
ReleaseCapture
SetCapture
CopyImage
OffsetRect
SetRectEmpty
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
SetForegroundWindow
WinHelpA
gdi32
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
PatBlt
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetTextExtentPoint32A
GetObjectA
ExtTextOutA
CreateDCA
GetDeviceCaps
CreateBitmap
CreateHatchBrush
DeleteDC
MoveToEx
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteObject
Escape
CopyMetaFileA
TextOutA
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetTextAlign
SetTextColor
CreateRectRgnIndirect
GetTextFaceA
SetPixelV
SetLayout
GetLayout
SetPolyFillMode
SetROP2
GetRgnBox
GetTextMetricsA
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateCompatibleBitmap
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
advapi32
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
shell32
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHAppBarMessage
DragQueryFileA
DragFinish
SHCreateDirectoryExA
ShellExecuteA
SHGetDesktopFolder
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
shlwapi
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
uxtheme
GetThemePartSize
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
IsAppThemed
oledlg
ord8
gdiplus
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipDeleteGraphics
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
winmm
PlaySoundA
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
ole32
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoRegisterMessageFilter
CoUninitialize
CoRevokeClassObject
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
oleaut32
VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
VariantCopy
VarBstrFromDate
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 311KB - Virtual size: 311KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 465KB - Virtual size: 464KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 122KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ