Static task
static1
Behavioral task
behavioral1
Sample
e7ae56d77d3137c289142fe7e31f15eb766ab665822dcd256bd1b0b6058387e6.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
e7ae56d77d3137c289142fe7e31f15eb766ab665822dcd256bd1b0b6058387e6.exe
Resource
win10v2004-20231023-en
General
-
Target
e7ae56d77d3137c289142fe7e31f15eb766ab665822dcd256bd1b0b6058387e6
-
Size
3.9MB
-
MD5
fb19c21103f1c8b108e2dc13008097ce
-
SHA1
5b37ca5b45ec2331ef997ca3617e11551b26dcb6
-
SHA256
e7ae56d77d3137c289142fe7e31f15eb766ab665822dcd256bd1b0b6058387e6
-
SHA512
852ebc1b78cb2a43d9acf6b9b21ef3e4083efc0fe6ed90f0cd1bfa6d53b62823d8ebfc213c5cc095a483f52e27f18cc8ca543fe441d4633115cfe2a0abf540b4
-
SSDEEP
98304:9MS0uSPsWwxbY8c60FLOAkGkzdnEVomFHKnP:HHSP+m60FLOyomFHKnP
Malware Config (no extracted configuration is shown in this report)
Signatures
-
Unsigned PE — 1 IoC
The executable carries no Authenticode signature. On its own this is a weak indicator — many legitimate binaries are unsigned — so weight it only together with the behavioral-task findings.
resource e7ae56d77d3137c289142fe7e31f15eb766ab665822dcd256bd1b0b6058387e6
Files
-
e7ae56d77d3137c289142fe7e31f15eb766ab665822dcd256bd1b0b6058387e6.exe windows:6 windows x64
e3f233370f0ce3bd3c2ec8982846f519 (unlabeled 32-hex digest on the file line; presumably the import hash (imphash) — confirm against the sandbox's field definition before pivoting on it)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA (64-bit high-entropy ASLR)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR-compatible, relocatable image)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP/NX-compatible)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports (triage note: the table includes SetWindowsHookExW, VirtualProtect, RegSetValueExW/RegDeleteKeyW, ShellExecuteW/ShellExecuteA, CopyFileW/DeleteFileW and IsDebuggerPresent; all are common in ordinary GUI software, but they are the entries worth checking against the behavioral task output)
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
uxtheme
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeSysColor
GetThemePartSize
kernel32
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
IsProcessorFeaturePresent
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
TerminateProcess
GetTempFileNameW
FindResourceExW
GetTempPathW
Sleep
GetProfileIntW
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
LoadLibraryA
FormatMessageA
LoadLibraryExA
RtlUnwindEx
RtlPcToFileHeader
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
FreeLibraryAndExitThread
SearchPathW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
VirtualProtect
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
FileTimeToSystemTime
GlobalGetAtomNameW
InitializeCriticalSectionAndSpinCount
GlobalFlags
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GetProcAddress
GetModuleHandleW
GetSystemDirectoryW
EncodePointer
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
CopyFileW
FormatMessageW
LocalFree
GlobalSize
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
MulDiv
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetProcessHeap
GetModuleFileNameA
RaiseException
DecodePointer
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
InitializeCriticalSectionEx
GetLastError
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
RtlVirtualUnwind
HeapQueryInformation
QueryPerformanceFrequency
GetSystemInfo
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegCloseKey
shell32
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHAppBarMessage
DragQueryFileW
DragFinish
SHBrowseForFolderW
ShellExecuteA
gdi32
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
SetPaletteEntries
ExtFloodFill
LPtoDP
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
GetBkColor
Ellipse
CreateEllipticRgn
OffsetRgn
GetRgnBox
GetTextColor
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateDIBSection
CreateCompatibleBitmap
CreateRoundRectRgn
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextMetricsW
GetTextExtentPoint32W
CreateFontIndirectW
CreateDCW
CopyMetaFileW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
GetObjectW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteDC
SetPixelV
GetTextFaceW
ExtTextOutW
shlwapi
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindExtensionW
gdiplus
GdiplusShutdown
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc
msimg32
AlphaBlend
TransparentBlt
user32
GetWindowRect
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
DrawStateW
UpdateWindow
InvalidateRect
GetClassNameW
LoadBitmapW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
GetForegroundWindow
SetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
MapWindowPoints
CopyRect
EqualRect
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetClassLongPtrW
GetTopWindow
GetWindow
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
SystemParametersInfoW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetMessageW
TranslateMessage
ShowOwnedPopups
SetCursor
ShowWindow
GetFocus
CheckDlgButton
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
RealChildWindowFromPoint
IntersectRect
GetSysColorBrush
LoadCursorW
CopyImage
DeleteMenu
SetTimer
KillTimer
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
SetCapture
ReleaseCapture
LoadMenuW
SetWindowRgn
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
MapDialogRect
WaitMessage
DestroyIcon
LoadImageW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawIconEx
SetRect
RegisterClipboardFormatW
DrawEdge
DrawFrameControl
DrawFocusRect
SetClassLongPtrW
SetParent
CharUpperBuffW
LockWindowUpdate
ModifyMenuW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
BringWindowToTop
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SetCursorPos
CopyIcon
FrameRect
PostThreadMessageW
GetNextDlgGroupItem
GetIconInfo
HideCaret
InvertRect
GetKeyNameTextW
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
GetComboBoxInfo
GetUpdateRect
CreateMenu
SubtractRect
GetWindowRgn
PostQuitMessage
PostMessageW
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetParent
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetSystemMenu
AppendMenuW
IsIconic
SendMessageW
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconW
UnregisterClassW
EnableWindow
MoveWindow
ole32
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
CoDisconnectObject
CoCreateInstance
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoCreateGuid
CoInitialize
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
SysFreeString
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
winmm
PlaySoundW
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections (no section is both writable and executable; only .text carries IMAGE_SCN_MEM_EXECUTE)
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
_BSSg_la Size: - Virtual size: 8B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 573KB - Virtual size: 573KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data1 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.trace Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.debug_o Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ