Static task: static1
Behavioral task: behavioral1
Sample: 0581dab2fe118b621c7a1712c9b5e7cf138faa8bf89a80e2c14530d3476e6728.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: 0581dab2fe118b621c7a1712c9b5e7cf138faa8bf89a80e2c14530d3476e6728.exe
Resource: win10v2004-20231023-en
General
Target: 0581dab2fe118b621c7a1712c9b5e7cf138faa8bf89a80e2c14530d3476e6728
Size: 3.6MB
MD5: 8ca8b8012a34a0bdfae44d0b88d0d2a8
SHA1: 3b49abd2224691d93bf20b0b0041948b88d31980
SHA256: 0581dab2fe118b621c7a1712c9b5e7cf138faa8bf89a80e2c14530d3476e6728
SHA512: 82d4ffbde49eeb9d5ae819d18937543dab97792a510e75ceee7e523fe1fbb648d5bb1b275e8fe703cfb7995fa89e5847f61b1b579250415bfddb80db7dcc7df5
SSDEEP: 49152:UnWr+VPH2EPq5WAnuoSKFbC9N9wBKqPDQ4lxKBa:Ukmq5trnG9N96LJxi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0581dab2fe118b621c7a1712c9b5e7cf138faa8bf89a80e2c14530d3476e6728
Files
0581dab2fe118b621c7a1712c9b5e7cf138faa8bf89a80e2c14530d3476e6728.exe windows:4 windows x86
a017ff7b389cd510488a0d8f21b7e46c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
HeapAlloc
RaiseException
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateProcessA
GetModuleFileNameA
TerminateProcess
ExitProcess
GetProfileStringA
InterlockedExchange
Sleep
SetUnhandledExceptionFilter
InitializeCriticalSection
WinExec
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
CreateThread
GetVersion
GetFileAttributesA
ResumeThread
TerminateThread
GetLastError
VirtualFree
VirtualAlloc
SetFileAttributesA
GetVersionExA
CreateFileA
GetCurrentProcess
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateEventA
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
RtlUnwind
GetTickCount
GetOEMCP
GetCPInfo
GetProcessVersion
GetCurrentDirectoryA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
DeleteCriticalSection
TlsAlloc
GetFileTime
GetFileSize
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindFirstFileA
FindClose
lstrcpynA
GetThreadLocale
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
LoadLibraryA
FreeLibrary
lstrcatA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
SetLastError
SuspendThread
SetThreadPriority
lstrcmpA
lstrcmpiA
GetCurrentThread
FormatMessageA
LocalAlloc
LocalFree
lstrlenA
GlobalGetAtomNameA
GlobalDeleteAtom
CreateMutexA
ReleaseMutex
GlobalAddAtomA
ExitThread
GetCurrentThreadId
SetEvent
ResetEvent
CloseHandle
user32
GetNextDlgGroupItem
CopyAcceleratorTableA
MessageBeep
GetSysColorBrush
GetClassNameA
WindowFromPoint
ReleaseCapture
SetCapture
LoadCursorA
PtInRect
SetRectEmpty
CharUpperA
InflateRect
DestroyMenu
CharNextA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
MapDialogRect
SetWindowContextHelpId
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetWindow
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndDialog
SetActiveWindow
DestroyWindow
GrayStringA
DrawTextA
TabbedTextOutA
MessageBoxA
LoadIconA
SendMessageA
AppendMenuA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetSystemMenu
DrawIcon
GetClientRect
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
IsWindowEnabled
SetCursor
LockWindowUpdate
GetDCEx
RegisterClipboardFormatA
PostQuitMessage
wsprintfA
GetLastActivePopup
BringWindowToTop
IsWindowVisible
BroadcastSystemMessage
RegisterWindowMessageA
PostThreadMessageA
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
SetMenuDefaultItem
GetSystemMetrics
IsIconic
SetTimer
EnableWindow
RedrawWindow
ShowWindow
GetDlgItem
KillTimer
PostMessageA
GetForegroundWindow
GetWindowLongA
GetDesktopWindow
CreatePopupMenu
ClientToScreen
ScreenToClient
GetCursorPos
UpdateWindow
LoadStringA
LoadBitmapA
GetParent
GetWindowRect
SetParent
IsWindow
CloseWindow
SetWindowPos
GetKeyState
EnableMenuItem
GetSubMenu
LoadMenuA
SetRect
ReleaseDC
GetDC
InvalidateRect
FillRect
GetSysColor
CopyRect
CreateDialogIndirectParamA
gdi32
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
IntersectClipRect
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
GetObjectA
GetTextColor
GetBkColor
GetMapMode
SetRectRgn
CombineRgn
CreateFontIndirectA
DPtoLP
StretchDIBits
GetCharWidthA
CreateFontA
GetTextMetricsA
LPtoDP
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
GetStockObject
RestoreDC
SaveDC
CreateBitmap
BitBlt
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
PtVisible
CreateDIBitmap
GetTextExtentPointA
CreateSolidBrush
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
shell32
DragAcceptFiles
Shell_NotifyIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
comctl32
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
ord17
oledlg
ord8
ole32
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleDuplicateData
OleCreateStaticFromData
CreateStreamOnHGlobal
OleUninitialize
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
olepro32
ord251
ord253
oleaut32
VariantInit
VariantClear
SysFreeString
SysAllocString
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
VariantTimeToSystemTime
SysStringLen
GetErrorInfo
VariantCopy
winmm
waveOutPrepareHeader
waveOutWrite
waveOutClose
waveOutOpen
waveInOpen
waveInPrepareHeader
waveInStart
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveInAddBuffer
PlaySoundA
ws2_32
bind
accept
inet_ntoa
WSAGetLastError
listen
WSAStartup
recvfrom
setsockopt
sendto
gethostbyname
recv
gethostname
connect
send
htons
htonl
inet_addr
shutdown
closesocket
socket
Sections
.text Size: 272KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ