Static task
static1
Behavioral task
behavioral1
Sample
e64cb3cfa382d96baf794170776a44124c4f103fbe8b202177223f26b091d8a9.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
e64cb3cfa382d96baf794170776a44124c4f103fbe8b202177223f26b091d8a9.exe
Resource
win10v2004-20230915-en
General
Target: e64cb3cfa382d96baf794170776a44124c4f103fbe8b202177223f26b091d8a9
Size: 5.0MB
MD5: 24f38029b4d578cf538f0fac95a9b3ca
SHA1: cddd2e38fbaf2507a446f73afbaf2853e37b4a3a
SHA256: e64cb3cfa382d96baf794170776a44124c4f103fbe8b202177223f26b091d8a9
SHA512: 59381ad593120d29db0ee4f0f8f901fec6837a17db13222adeff6a49447b3d80427ca6754e8e91d8c7c18541944338c0763670776f45ae739867b8fa8e96b567
SSDEEP: 98304:76ax4mqSzBhG8tpWDS7ydIO2/chT9V0RXB6VeCXr5Z58uzkXDMknQqXYIjEYhOf:7LnWxx20hT9V5b58VXDDnpYIH
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource e64cb3cfa382d96baf794170776a44124c4f103fbe8b202177223f26b091d8a9
Files
e64cb3cfa382d96baf794170776a44124c4f103fbe8b202177223f26b091d8a9.exe windows x86
328eebb2fdeb898ed5aa976ae627c5c6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SearchPathA
GetProfileIntA
GetTickCount
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
lstrcpyA
GetCurrentDirectoryA
HeapQueryInformation
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetLocalTime
IsDBCSLeadByte
CreateDirectoryA
DosDateTimeToFileTime
lstrlenA
FindResourceExW
GetUserDefaultUILanguage
GetVersionExA
GlobalFlags
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
CompareStringA
SetFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
LocalReAlloc
GlobalHandle
GlobalReAlloc
InitializeCriticalSection
SystemTimeToFileTime
GlobalGetAtomNameA
lstrcmpA
SetErrorMode
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
WaitForSingleObject
SetEvent
CopyFileA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetVolumeInformationA
LoadLibraryA
lstrcmpiA
GetVersion
DuplicateHandle
OutputDebugStringA
UnlockFile
SetFilePointer
LockFile
GetFullPathNameA
GetFileSize
GetFileAttributesW
FindFirstFileA
FindClose
CreateFileA
FileTimeToSystemTime
FormatMessageA
LocalFree
LocalAlloc
FileTimeToLocalFileTime
ReadConsoleW
ReadFile
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
HeapReAlloc
LoadLibraryExW
FreeLibrary
InterlockedExchange
LCMapStringW
CompareStringW
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetProcessHeap
CloseHandle
GetStartupInfoW
DeleteCriticalSection
GetFileType
LeaveCriticalSection
EnterCriticalSection
GetTimeZoneInformation
HeapAlloc
HeapFree
GetModuleFileNameW
WriteFile
GetStdHandle
HeapSize
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
GetCurrentThreadId
SetLastError
GetLastError
GetCPInfo
WideCharToMultiByte
GetOEMCP
GetACP
IsValidCodePage
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
FreeResource
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameA
LockResource
SizeofResource
Sleep
InitializeCriticalSectionAndSpinCount
GetCommandLineA
LoadResource
FindResourceW
FindResourceA
ExitProcess
MultiByteToWideChar
VirtualProtect
user32
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
IntersectRect
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
DestroyIcon
RealChildWindowFromPoint
FillRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CreatePopupMenu
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
DrawIcon
SendMessageA
GetClientRect
IsIconic
EnableMenuItem
CheckMenuItem
GetFocus
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
GetMenuDefaultItem
MapVirtualKeyA
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
LoadImageW
DrawEdge
DrawFrameControl
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CopyRect
InsertMenuItemA
PostQuitMessage
GetWindowRect
ScreenToClient
SetWindowRgn
GetDesktopWindow
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
GetMenuStringA
GetMenuState
GetGUIThreadInfo
InvalidateRgn
GetCaretPos
ShowCaret
CharPrevA
SetCaretPos
GetCaretBlinkTime
CreateCaret
RegisterClassExA
CharNextA
UnpackDDElParam
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
GetWindowRgn
DestroyCursor
MapDialogRect
SetWindowsHookExA
CallNextHookEx
GetWindowTextA
GetWindowTextLengthA
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongA
LockWindowUpdate
SetParent
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetSystemMenu
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
GetKeyNameTextA
ReuseDDElParam
TrackPopupMenu
gdi32
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreatePalette
ExcludeClipRect
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CloseEnhMetaFile
CreateEnhMetaFileA
GetEnhMetaFileHeader
PlayEnhMetaFile
CreatePenIndirect
GetCharABCWidthsA
GdiFlush
CopyMetaFileA
DeleteObject
GetNearestPaletteIndex
GetWindowExtEx
CreateRoundRectRgn
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
shell32
SHBrowseForFolderA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
SHAppBarMessage
ShellExecuteA
DragFinish
shlwapi
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
UrlUnescapeA
StrFormatKBSizeA
uxtheme
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetThemePartSize
ole32
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CLSIDFromProgID
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
oleaut32
SysStringLen
SysFreeString
VariantClear
VariantChangeType
VarBstrFromDate
VariantInit
SysAllocString
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
ImmSetCompositionWindow
gdiplus
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipGetImageHeight
GdipAlloc
GdipGetPropertyItem
GdipGetImageWidth
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageGraphicsContext
GdipDisposeImage
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangleI
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipGetPropertyItemSize
GdipFree
ws2_32
gethostname
gethostbyname
WSAStartup
wininet
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryOptionA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winmm
PlaySoundA
comctl32
_TrackMouseEvent
ord17
InitCommonControlsEx
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 357KB - Virtual size: 357KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 430KB - Virtual size: 430KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ