e51ebfb51299c26287be4dbf5c8af17f1d2dd1f739d7b4a61d65a3f92e5dfe2f

Sharing

Copy URL

Twitter E-mail

General

Target

e51ebfb51299c26287be4dbf5c8af17f1d2dd1f739d7b4a61d65a3f92e5dfe2f
Size

3.0MB
MD5

dd29d5904c9a975f4b3cfb9613a0d190
SHA1

315b820dcf6cc26f5cf1d9f28ae2ad9b5dd4fa06
SHA256

e51ebfb51299c26287be4dbf5c8af17f1d2dd1f739d7b4a61d65a3f92e5dfe2f
SHA512

596de810eb35a5f1db27d3409a475876b431003e0cb9c775956510c0b7d7ba891f4fbebed1178325c30c0526936bdcf1dbabbfbc44410a3d4c3cc63397ba9c64
SSDEEP

12288:nR4McC6FrCXswYymOFvS5EE3mJZFKGSm8fjIcZQmQJUGWt2WJvzRr36+:nRFI0swYTvEE3mJZFynfnOmEUGWtXvQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e51ebfb51299c26287be4dbf5c8af17f1d2dd1f739d7b4a61d65a3f92e5dfe2f

Files

e51ebfb51299c26287be4dbf5c8af17f1d2dd1f739d7b4a61d65a3f92e5dfe2f
.exe windows:5 windows x86

7f990956a7fcdc908791df55db5ce537

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
StrToIntW
StrToIntExW
PathAppendW
PathFileExistsW
PathRemoveExtensionW
PathRemoveFileSpecW

kernel32

FindFirstFileA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
Sleep
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetFullPathNameA
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetDriveTypeA
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleFileNameW
MultiByteToWideChar
DeleteFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeLibrary
WideCharToMultiByte
GetProcAddress
LoadLibraryW
CopyFileW
GetLastError
CreateMutexW
SetLastError
MulDiv
lstrlenW
LocalFree
FormatMessageW
GetModuleHandleW
InterlockedDecrement
GetModuleHandleA
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GetVersionExW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
GetCurrentProcessId
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
RaiseException
IsDebuggerPresent
LockFile
UnlockFile
SetEndOfFile
GetFileSize
CloseHandle
DuplicateHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GlobalFlags
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess

user32

PostThreadMessageW
RegisterClipboardFormatW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
MessageBeep
CharUpperW
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetCursorPos
GetWindowThreadProcessId
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
CheckRadioButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
SetMenu
SetForegroundWindow
SetRect
DrawStateW
ModifyMenuW
CopyRect
PtInRect
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
OffsetRect
GetWindowRgn
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
RedrawWindow
GetActiveWindow
GetParent
WindowFromPoint
EnableWindow
SendMessageW
DestroyIcon
FillRect
ReleaseDC
GetDC
DestroyCursor
GetSysColor
LoadBitmapW
IsWindowVisible
UnregisterDeviceNotification
GetKeyState
RegisterDeviceNotificationW
UpdateWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
TabbedTextOutW
DrawTextW
GetSystemMetrics
GetWindow
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringW
DrawTextExW

gdi32

CreateFontW
StretchBlt
GetStockObject
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetMapMode
GetClipBox
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
CreateBitmap
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePen
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetBkColor
SetTextColor
GetCurrentObject
FillRgn
CreateRoundRectRgn
CreateRectRgn
CreateCompatibleBitmap
CreateFontIndirectW
CreateSolidBrush
CreateCompatibleDC
GetObjectW
SelectObject
BitBlt
ExtTextOutW
DeleteDC
DeleteObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW

shell32

ShellExecuteW

comctl32

_TrackMouseEvent

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
OleFlushClipboard
CoRegisterMessageFilter
CoInitializeEx

oleaut32

SysAllocString
OleCreateFontIndirect
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime

setupapi

SetupDiGetClassDevsW
CM_Get_Device_IDW
SetupDiEnumDeviceInfo

Sections

.text
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f990956a7fcdc908791df55db5ce537

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

setupapi

Sections

.text Size: 288KB - Virtual size: 288KB

.rdata Size: 77KB - Virtual size: 76KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.text
Size: 288KB - Virtual size: 288KB

.rdata
Size: 77KB - Virtual size: 76KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB