Static task
static1
Behavioral task
behavioral1
Sample
1e3c4b87abb7638a9894af2c3edd13bbf58862454a0a2dc2f76f0bada6b80af6.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
1e3c4b87abb7638a9894af2c3edd13bbf58862454a0a2dc2f76f0bada6b80af6.exe
Resource
win10v2004-20230831-en
General
-
Target
1e3c4b87abb7638a9894af2c3edd13bbf58862454a0a2dc2f76f0bada6b80af6
-
Size
2.2MB
-
MD5
da0dc8a38e7dd09718c4676697483849
-
SHA1
68fbccd68cd5f11ae1430cafc25ad0174c31407d
-
SHA256
1e3c4b87abb7638a9894af2c3edd13bbf58862454a0a2dc2f76f0bada6b80af6
-
SHA512
75d3df0368828b8ef6bcc861922b1b1e5aeb28e2b25c43886e9530d32af63ea32316ceb5145ca51ee237790b3472592f1a14c8aeb6eb827700401a6bac7e37e7
-
SSDEEP
24576:I6y9NOvP35AZsOXek48SXBcrX6raDhtvsnOgkwVBE8G2ZbS1ZTedfi6qC0YmKY8:OZ4Ab8lrGfvTcip0dt
Malware Config (no extracted configuration is listed for this sample; no configuration parser matched. The absence of an extracted config only means no known family extractor recognised the binary — it is not evidence that the sample is benign.)
Signatures
-
Unsigned PE — 1 IoC
The binary carries no Authenticode signature. On its own this is a weak indicator: many legitimate (especially older) executables are unsigned, and a valid signature would not prove benign intent either. Note that this is the only signature that fired across the static task and both behavioral runs (Windows 7 and Windows 10 images); a lack of behavioral detections in a sandbox is not evidence of harmlessness — the sample may require user interaction, specific command-line arguments, or a non-sandbox environment before it exhibits its full behavior, so treat the empty behavioral result as "not observed" rather than "not malicious".
resource 1e3c4b87abb7638a9894af2c3edd13bbf58862454a0a2dc2f76f0bada6b80af6
Files
-
1e3c4b87abb7638a9894af2c3edd13bbf58862454a0a2dc2f76f0bada6b80af6.exe windows x86
234cdccf90014dd66be008a9fbfe1aa1 (32-hex-digit value shown beside the file entry; the report does not label it. It differs from the file's MD5 listed above (da0dc8a3…), so it is presumably a digest of the import table rather than of the file — confirm what it is before using it as a pivot in other datasets.)
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Note: IMAGE_FILE_BYTES_REVERSED_LO and IMAGE_FILE_BYTES_REVERSED_HI are deprecated flags that current Microsoft linkers leave clear; their presence usually points to an older or non-Microsoft toolchain, which is consistent with the ANSI ("A"-suffixed) API surface in the import table below. IMAGE_FILE_RELOCS_STRIPPED is not set and a .reloc section is present, so the image can be relocated; whether ASLR actually applies depends on the DllCharacteristics field, which this report does not show.
Imports
Triage note on the import table below (every item here is also common in legitimate software, so treat them as leads to verify, not as verdicts): advapi32 CryptAcquireContextA / CryptDeriveKey / CryptEncrypt / CryptDecrypt are CryptoAPI calls and, alongside the file, registry and SHFileOperationA imports, warrant checking for file-encryption behavior — although the large GDI, printing, metafile, OLE and MDI surface reads like a document-centric desktop application; kernel32 GetThreadContext / SetThreadContext / SuspendThread / ResumeThread together with CreateProcessA and VirtualAlloc is a set that can support process injection, but also appears in older runtimes' exception-handling and debugger-support code; IsDebuggerPresent, DebugBreak and OutputDebugStringA are weak anti-analysis signals typically present in CRT/debug paths; user32 SetWindowsHookExA / CallNextHookEx, GetAsyncKeyState, GetKeyboardState and keybd_event can implement keystroke capture or injection but equally ordinary UI handling. The table is resolved from the static .idata section; because GetProcAddress and LoadLibraryA are imported, any API resolved at runtime will not appear here, so this list is a lower bound on the API surface.
advapi32
AllocateAndInitializeSid
CryptAcquireContextA
CryptCreateHash
CryptDecrypt
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptGetHashParam
CryptGetProvParam
CryptHashData
CryptReleaseContext
EqualSid
FreeSid
GetTokenInformation
OpenProcessToken
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegSetValueA
RegSetValueExA
comctl32
ImageList_Draw
ImageList_GetIcon
InitCommonControls
comdlg32
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PrintDlgA
gdi32
BeginPath
BitBlt
CloseEnhMetaFile
CloseMetaFile
CombineRgn
CopyMetaFileA
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBitmap
CreateEllipticRgn
CreateEnhMetaFileA
CreateFontA
CreateFontIndirectA
CreateICA
CreateMetaFileA
CreatePalette
CreatePatternBrush
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EndPath
EnumFontFamiliesA
EnumFontFamiliesExA
EnumMetaFile
Escape
ExcludeClipRect
ExtSelectClipRgn
ExtTextOutA
ExtTextOutW
FrameRgn
GetBkColor
GetCharacterPlacementW
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetDIBits
GetEnhMetaFileHeader
GetFontLanguageInfo
GetMapMode
GetMetaFileBitsEx
GetNearestColor
GetObjectA
GetOutlineTextMetricsA
GetPaletteEntries
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetTextExtentPointA
GetTextMetricsA
GetWinMetaFileBits
IntersectClipRect
LineTo
LPtoDP
MoveToEx
OffsetRgn
OffsetViewportOrgEx
PatBlt
PlayEnhMetaFile
PlayMetaFile
PlayMetaFileRecord
Polygon
RealizePalette
Rectangle
ResetDCA
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDIBits
SetEnhMetaFileBits
SetMapMode
SetMetaFileBitsEx
SetPaletteEntries
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartPage
StretchBlt
StretchDIBits
StrokeAndFillPath
UnrealizeObject
kernel32
AreFileApisANSI
CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateSemaphoreA
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
DuplicateHandle
EnterCriticalSection
EnumResourceNamesA
ExitProcess
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeLibrary
FreeResource
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetProfileIntA
GetProfileStringA
GetShortPathNameA
GetStartupInfoA
GetStringTypeExW
GetTempFileNameA
GetTempPathA
GetThreadContext
GetTickCount
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalGetAtomNameA
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalFileTimeToFileTime
LocalFree
LockFile
LockResource
lstrcmpA
lstrcmpiA
lstrcmpiW
lstrcpyA
MoveFileA
MulDiv
MultiByteToWideChar
OpenFile
OpenMutexA
OutputDebugStringA
RaiseException
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFileTime
SetLastError
SetThreadContext
SizeofResource
Sleep
SleepEx
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
WriteProfileStringA
_hread
_hwrite
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
mpr
WNetGetConnectionA
ole32
CoInitialize
CoUninitialize
CreateILockBytesOnHGlobal
GetClassFile
OleGetClipboard
StgCreateDocfileOnILockBytes
oleaut32
SysAllocStringLen
SysFreeString
SysStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit
oledlg
OleUIAddVerbMenuA
OleUIInsertObjectA
OleUIPasteSpecialA
shell32
DragAcceptFiles
DragQueryFileA
ExtractIconA
SHBrowseForFolderA
ShellExecuteExW
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
user32
ActivateKeyboardLayout
AdjustWindowRect
AdjustWindowRectEx
AppendMenuA
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharLowerA
CharNextA
CharPrevA
CharToOemA
CharToOemBuffA
CharUpperA
CheckMenuItem
ChildWindowFromPointEx
CloseClipboard
CopyIcon
CopyRect
CreateDialogParamA
CreateIconFromResourceEx
CreateMDIWindowA
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefDlgProcA
DeferWindowPos
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawStateA
DrawTextA
DrawTextExA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EqualRect
FillRect
FrameRect
FreeDDElParam
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetClipboardData
GetClipboardFormatNameA
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemTextA
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayout
GetKeyboardState
GetKeyState
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetUpdateRgn
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InSendMessage
InsertMenuA
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharUpperA
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
keybd_event
KillTimer
LoadBitmapA
LoadCursorA
LoadCursorFromFileA
LoadIconA
LoadImageA
LoadStringA
LookupIconIdFromDirectoryEx
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
MsgWaitForMultipleObjects
OemToCharA
OemToCharBuffA
OffsetRect
OpenClipboard
PackDDElParam
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ReplyMessage
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageW
SendNotifyMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowsHookExA
SetWindowTextA
ShowCaret
ShowScrollBar
ShowWindow
SystemParametersInfoA
ToAscii
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UpdateWindow
ValidateRect
VkKeyScanA
WindowFromPoint
WinHelpA
wsprintfA
wvsprintfA
winspool.drv
ClosePrinter
DeviceCapabilitiesA
DocumentPropertiesA
OpenPrinterA
Sections
No section is marked both writable and executable (only .text is executable and it is read-only; the writable sections .data and .cwtls are data-only), so there is no static W+X region — though this says nothing about memory the program maps at runtime via VirtualAlloc.
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 161KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.cwtls Size: 1KB - Virtual size: 207KB
(The raw size is far smaller than the virtual size, so most of this region is zero-filled at load time, BSS-style. A raw/virtual mismatch is a packing heuristic mainly when it affects the code section; here .text's raw and virtual sizes both read 1.3MB, so this section alone is not evidence of a packed payload. The non-standard name is worth checking against known toolchain and packer section-name lists.)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 643KB - Virtual size: 643KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ