3a76fa4fad0abb8aa8fc28b8eac611efea2b89a0f401443797aabd2788a6e23d

Sharing

Copy URL Twitter E-mail

General

Target

3a76fa4fad0abb8aa8fc28b8eac611efea2b89a0f401443797aabd2788a6e23d
Size

543KB
MD5

8f06cfb45eab27aa5d2f89038182c475
SHA1

b4b4069a76201b2bd03704be497f0010df50e989
SHA256

3a76fa4fad0abb8aa8fc28b8eac611efea2b89a0f401443797aabd2788a6e23d
SHA512

7655bef109391f19ced170e7e89a018d3b8683086bffac61c8f6cc9b4419fe0eb7da77ae94d6277b41d575dfedeac49924ab9eebebf86c43b04880e68ca61fca
SSDEEP

12288:bOB++gy4u5eQsrwD60301YLi42aYaXruG9r2N7+XHYf39pGHNu4B2UV:bOY+arwD60301YLi42aYaXrt9ra+XHSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a76fa4fad0abb8aa8fc28b8eac611efea2b89a0f401443797aabd2788a6e23d

Files

3a76fa4fad0abb8aa8fc28b8eac611efea2b89a0f401443797aabd2788a6e23d
.exe windows:6 windows x64

dfae3d0b58f3f6e9a3ce446c1ba98e1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SystemTimeToTzSpecificLocalTime
GetTickCount
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetFileType
ExitProcess
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
VirtualProtect
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
GetThreadLocale
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FormatMessageW
LocalFree
MulDiv
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
CreateEventW
SetEvent
CloseHandle
GlobalUnlock
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
GlobalFree
FreeResource
FindResourceW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
HeapFree

user32

IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
DrawTextW
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
ClientToScreen
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
EnableWindow
LoadIconW
SendMessageW
IsIconic
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
SetRect
IsWindowVisible
PeekMessageW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
UpdateWindow
ReleaseDC
GetSystemMetrics
GetClientRect
DrawIcon
UnregisterClassW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
PostMessageW
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetSubMenu
GetWindowRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
SetCapture
ReleaseCapture
LoadCursorW
RealChildWindowFromPoint
SetTimer
KillTimer
InvalidateRect
CharNextW
CopyAcceleratorTableW
PostThreadMessageW
RegisterClipboardFormatW
CharUpperW
GetSysColorBrush
DestroyMenu
InvalidateRgn
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
IsMenu

gdi32

GetDeviceCaps
GetStockObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectObject
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetClipBox
Escape
DeleteObject
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
DeleteDC

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

SystemFunction036
RegOpenKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey

shell32

DragQueryFileW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW

ole32

CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoRevokeClassObject
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter

oleaut32

VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString

oledlg

OleUIBusyW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfae3d0b58f3f6e9a3ce446c1ba98e1d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

Sections

.text Size: 287KB - Virtual size: 287KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 11KB - Virtual size: 31KB

.pdata Size: 19KB - Virtual size: 19KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 287KB - Virtual size: 287KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 11KB - Virtual size: 31KB

.pdata
Size: 19KB - Virtual size: 19KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 7KB - Virtual size: 6KB