1474f13ac113280b3490ed1b61330e2cd1ac43d3867bc544fe972f2078388025

Sharing

Copy URL Twitter E-mail

General

Target

1474f13ac113280b3490ed1b61330e2cd1ac43d3867bc544fe972f2078388025
Size

296KB
MD5

acc460ae52c26ef1b0966124c4284960
SHA1

6972650db1aef14597a728e84abce95f86fdaa91
SHA256

1474f13ac113280b3490ed1b61330e2cd1ac43d3867bc544fe972f2078388025
SHA512

a8393908bfddf4a6190e2f9abcaa7fb8e59c6d592954fd24da7b038fad3ef3abf252ddf9b5390a68d51e4678362dcedef9b95b634c6e2aaef064e351bd7cd9e2
SSDEEP

6144:ZKasi4XbB7q92brZBMBy4qRKktukuQLbASZjM0AOKwqp:ZKdiLMPKktukuQLLI0P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1474f13ac113280b3490ed1b61330e2cd1ac43d3867bc544fe972f2078388025

Files

1474f13ac113280b3490ed1b61330e2cd1ac43d3867bc544fe972f2078388025
.exe windows:6 windows x86

c5d69db1f64906512a961486efa4229b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteFile
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
GetConsoleMode
GetConsoleOutputCP
GetFileType
SetFilePointerEx
GetStdHandle
HeapQueryInformation
GetModuleHandleExW
GetCommandLineA
RtlUnwind
GetCPInfo
GetStringTypeW
RaiseException
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
FileTimeToSystemTime
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
CloseHandle
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GetSystemDirectoryW
EncodePointer
SetErrorMode
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
FormatMessageW
GlobalFree
GlobalLock
GetCurrentProcess
GlobalUnlock
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
GetACP
MultiByteToWideChar
GetModuleHandleW
ExitProcess
WideCharToMultiByte
FreeLibrary
LocalFree
OutputDebugStringW
Sleep
GetCommandLineW
GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree
VirtualProtect
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree

user32

CharUpperW
DestroyMenu
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
ClientToScreen
SetCursor
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetWindowThreadProcessId
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
SetWindowTextW
IsWindowEnabled
MessageBoxA
GetClientRect
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
GetLastActivePopup
GetTopWindow
EnableMenuItem
SetRectEmpty
OffsetRect
GetParent
DestroyWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
PostMessageW
PostQuitMessage
SendMessageW
GetScrollPos
GetWindowTextW
GetWindowLongW
GetWindow
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
SetWindowsHookExW
IsWindow
IsMenu
BeginDeferWindowPos
SetWindowPos

gdi32

ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
TextOutW
SetMapMode
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetClipBox
Escape
DeleteDC
GetDeviceCaps
SetBkColor
SetTextColor
CreateBitmap
DeleteObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

ole32

OleRun
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid

oleaut32

VariantChangeType
SysAllocString
VariantInit
SysFreeString
GetErrorInfo
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��rf0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5d69db1f64906512a961486efa4229b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 7KB - Virtual size: 18KB

.����rf0 Size: 3KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 7KB - Virtual size: 18KB

.��rf0
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB