234e54b956b99e41fa883d42c49d6b61ba384c2b1957bff8bc117be5f64b4ad8

Sharing

Copy URL Twitter E-mail

General

Target

234e54b956b99e41fa883d42c49d6b61ba384c2b1957bff8bc117be5f64b4ad8
Size

653KB
MD5

27110599655c5e8ebc7a66a42634f0ff
SHA1

4ee7af6fcd1b9171c30b2506de3492a8696052b3
SHA256

234e54b956b99e41fa883d42c49d6b61ba384c2b1957bff8bc117be5f64b4ad8
SHA512

9983e1bda640534704c1152989aa750061986b9a233c4c9841c07795b905b18358bf43d063cf5b83f45982c4140441a233dc64599c12f244662132652a8707e6
SSDEEP

12288:Ij4jRExNlWAW5tiacDspNguMNAQIfZA85EPpS87DhC:s4jREZ65t7rYAjO8O71C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
234e54b956b99e41fa883d42c49d6b61ba384c2b1957bff8bc117be5f64b4ad8

Files

234e54b956b99e41fa883d42c49d6b61ba384c2b1957bff8bc117be5f64b4ad8
.exe windows:5 windows x86

6ac91c3a5706d7c0d1f2288949fa5d74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetErrorMode
GetCommandLineW
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
RemoveDirectoryW
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
CreateThread
ExitThread
SetStdHandle
GetFileType
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualProtect
GetUserDefaultUILanguage
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
IsValidCodePage
GetOEMCP
GetCPInfo
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
GetFullPathNameA
GetDriveTypeW
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GetThreadLocale
LoadLibraryA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindClose
DeleteFileW
CreateFileW
FormatMessageW
MulDiv
LocalFree
GetCurrentProcessId
GlobalAddAtomW
ResumeThread
SuspendThread
SetThreadPriority
GlobalUnlock
GlobalFree
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
WideCharToMultiByte
FindNextFileW
FindFirstFileW
GetTickCount
CreateDirectoryW
WaitForSingleObject
SetEvent
Sleep
TerminateThread
WritePrivateProfileStringW
CloseHandle
GetCurrentDirectoryW
CreateEventW
GetLocalTime
GetPrivateProfileIntW
GetPrivateProfileStringW
MultiByteToWideChar
GetCurrentDirectoryA
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteFileA
FreeConsole
VirtualQuery
AllocConsole

user32

RegisterClipboardFormatW
PostThreadMessageW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
CopyRect
ReleaseDC
GetDC
CharUpperW
GetMenuItemCount
GetMenuItemID
SetTimer
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
PostMessageW
GetParent
SendDlgItemMessageA
UnregisterClassW
EnableWindow
LoadIconW
RealChildWindowFromPoint
GetWindowRect
DrawTextW
GetSysColor
OffsetRect
FillRect
UpdateWindow
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SetWindowLongW
GetWindowLongW
AppendMenuW
GetSysColorBrush
MessageBeep
GetSystemMenu
SendMessageW
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
InvalidateRect
KillTimer
LoadCursorW
ReleaseCapture
SetCapture
IntersectRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DestroyMenu
IsDialogMessageW
SetWindowTextW
ScreenToClient
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
GetSubMenu
MapWindowPoints

gdi32

ExtTextOutW
DeleteDC
DeleteObject
Escape
GetClipBox
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SetBkMode
SetMapMode
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetObjectW
SetTextColor
SetBkColor
CreateRectRgnIndirect
GetDeviceCaps
CreateBitmap
GetStockObject
SelectObject
GetTextMetricsW
CreateSolidBrush
CreateFontW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFileExistsW
PathIsDirectoryW
PathRemoveFileSpecW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CoCreateGuid
CoUninitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
CoInitializeEx
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
CoRegisterMessageFilter

oleaut32

VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
SysFreeString
SysAllocString

oledlg

OleUIBusyW

ws2_32

recv
send
WSAGetLastError
connect
inet_addr
htons
socket
WSAStartup
WSACleanup
closesocket

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 50.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ac91c3a5706d7c0d1f2288949fa5d74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

ws2_32

oleacc

Sections

.text Size: 443KB - Virtual size: 442KB

.rdata Size: 121KB - Virtual size: 120KB

.data Size: 14KB - Virtual size: 50.3MB

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 35KB - Virtual size: 35KB

.text
Size: 443KB - Virtual size: 442KB

.rdata
Size: 121KB - Virtual size: 120KB

.data
Size: 14KB - Virtual size: 50.3MB

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 35KB - Virtual size: 35KB