a3ee78577e3458b0876cdc62c77c15dbc7e970c8aa83d081d568d673f3debb38

Sharing

Copy URL Twitter E-mail

General

Target

a3ee78577e3458b0876cdc62c77c15dbc7e970c8aa83d081d568d673f3debb38
Size

316KB
MD5

efe77bb041b93c0965fb2c74065e2f56
SHA1

9208036f2f25b62e299b10a0255bea288875a188
SHA256

a3ee78577e3458b0876cdc62c77c15dbc7e970c8aa83d081d568d673f3debb38
SHA512

af7c66c2299b0b961655615bdb84fa07034358c465b360f38515dfb6a590794668613fbe5590982031aef831dd9d8d87f4943ecd93f2d785fcd05c475cf77e54
SSDEEP

6144:fmFewyda6E32KVtYQwvc7pn4TBqhH4X0lwPqpAa:fm8wyI6q2Ymv7Tsh/wYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3ee78577e3458b0876cdc62c77c15dbc7e970c8aa83d081d568d673f3debb38

Files

a3ee78577e3458b0876cdc62c77c15dbc7e970c8aa83d081d568d673f3debb38
.exe windows:4 windows x86

4984f2d6527ccccd1dc9cc5d7128771d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
RaiseException
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
WritePrivateProfileStringA
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
SetLastError
MulDiv
FormatMessageA
GlobalLock
GlobalUnlock
InterlockedIncrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetProcAddress
GetFileTime
lstrcpyA
GetFullPathNameA
GetModuleHandleA
GlobalAlloc
GlobalFree
CreateFileA
WriteFile
CloseHandle
FreeResource
GetDriveTypeA
GetCurrentDirectoryA
GetTickCount
GetCurrentProcess
FindFirstFileA
FindClose
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
LocalAlloc
GetFileAttributesA
LocalFree
GetTempPathA
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualFree
InterlockedExchange

user32

ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
IsRectEmpty
LoadCursorA
GetSysColorBrush
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
GetMessageA
GetCursorPos
ValidateRect
wsprintfA
ReleaseDC
GetDC
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
CharNextA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
OffsetRect
GetNextDlgGroupItem
PostThreadMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
ClientToScreen
PeekMessageA
DispatchMessageA
RegisterClipboardFormatA
GetClassLongA
MessageBeep
TranslateMessage
CharUpperA
GetWindowLongA
SetWindowLongA
SetWindowPos
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
IsWindowVisible
GetClientRect
IsIconic
SetMenu
LoadMenuA
EnableMenuItem
CheckMenuItem
DrawIcon
GetDesktopWindow
SetRect
SendMessageA
PostMessageA
EnableWindow
RegisterWindowMessageA

gdi32

GetRgnBox
GetMapMode
GetWindowExtEx
GetViewportExtEx
DeleteObject
PtVisible
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
CreateSolidBrush
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetTextColor
GetBkColor
GetDeviceCaps
GetStockObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
RectVisible

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA

shell32

ShellExecuteA
DragAcceptFiles
DragFinish
DragQueryFileA
SHChangeNotify

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringLen
SysFreeString
OleCreateFontIndirect
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4984f2d6527ccccd1dc9cc5d7128771d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 88KB - Virtual size: 88KB