1aa3610cecde9e670326445de74e1b9fce2c702eb53ef51f6d8ea36d06c469fe

Sharing

Copy URL Twitter E-mail

General

Target

1aa3610cecde9e670326445de74e1b9fce2c702eb53ef51f6d8ea36d06c469fe
Size

399KB
MD5

d04dc2643f66d8cacf02c1b6b40ebe81
SHA1

355ea61259fbe8331975f88da81edb39793cb5ec
SHA256

1aa3610cecde9e670326445de74e1b9fce2c702eb53ef51f6d8ea36d06c469fe
SHA512

4348ab9406ec7a275311075b5d2057bb1cb25114265738d2eb104f5cc6c5a44b2854ecd07f97454cce17cb96188225e439b96aa8f2efae02b6b41a25120459ed
SSDEEP

12288:QHgNf27pUdfA30XVinrcyHV476N+lBlGi:QHgN+FCfGprc8Var/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aa3610cecde9e670326445de74e1b9fce2c702eb53ef51f6d8ea36d06c469fe

Files

1aa3610cecde9e670326445de74e1b9fce2c702eb53ef51f6d8ea36d06c469fe
.exe windows:6 windows x86

50c97e66f6e11031fa26e4b713db8f86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
GetFileSizeEx
SystemTimeToTzSpecificLocalTime
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileType
LCMapStringW
CompareStringW
GetStdHandle
ExitProcess
HeapQueryInformation
GetModuleHandleExW
RtlUnwind
OutputDebugStringW
GetCurrentProcess
GetVolumeInformationA
WriteFile
SetEndOfFile
ReadFile
GetFullPathNameA
FlushFileBuffers
FileTimeToLocalFileTime
FindFirstFileA
FindClose
GetCPInfo
GetOEMCP
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetPrivateProfileIntA
CloseHandle
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
GetCurrentProcessId
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
FindResourceA
SetErrorMode
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
FormatMessageA
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
GetACP
MultiByteToWideChar
WritePrivateProfileStringA
GetConsoleWindow
GetModuleHandleA
GetCommandLineA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
LocalFree
GetCommandLineW
GetPrivateProfileStringA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
FreeEnvironmentStringsW
WriteConsoleW
GetModuleFileNameA

user32

SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyRect
GetSysColor
MapWindowPoints
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetMenuCheckMarkDimensions
GetScrollPos
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
LoadCursorA
SetFocus
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
ShowWindow
EnableWindow
LoadIconW
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
WindowFromPoint
ScreenToClient
GetCursorPos
GetKeyState
SetMenuItemInfoA
LoadBitmapW
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
ReleaseDC
ClientToScreen
GetWindowThreadProcessId
GetSysColorBrush
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
PostMessageA
PostQuitMessage
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
SetWindowPos
DestroyMenu
GetMessageA
TranslateMessage
SetCursor
RealChildWindowFromPoint
SetTimer
InvalidateRect
CharUpperA
GetFocus
GetCapture
KillTimer

gdi32

Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
DeleteObject
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
GetDeviceCaps
DeleteDC

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

CommandLineToArgvW

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoInitializeEx
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50c97e66f6e11031fa26e4b713db8f86

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 233KB - Virtual size: 233KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 76KB - Virtual size: 76KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 233KB - Virtual size: 233KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 76KB - Virtual size: 76KB

.reloc
Size: 16KB - Virtual size: 16KB