eca5dc69c1f7592558525effdd1f18027d0375f68ff452b2e441de3b7642b31a

Sharing

Copy URL Twitter E-mail

General

Target

eca5dc69c1f7592558525effdd1f18027d0375f68ff452b2e441de3b7642b31a
Size

218KB
MD5

c4b99514b0b32c845acdc9603b7f3bde
SHA1

9bc43064ea5a75ef4c6bfaa5d05efe12348932b8
SHA256

eca5dc69c1f7592558525effdd1f18027d0375f68ff452b2e441de3b7642b31a
SHA512

b9102461bbf00b05373b97e23f63775e532dd29d3157753ffa12039c83580e64a985b1122654d9ab73faa37c62a2b2d09e6812c331de8be67fe649e304032eae
SSDEEP

6144:BHQHyKpJLQXz+PAOmSwPQ6YpRSxdwJpu2WPGDc:JXKp1PAqx6YedwJJc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eca5dc69c1f7592558525effdd1f18027d0375f68ff452b2e441de3b7642b31a

Files

eca5dc69c1f7592558525effdd1f18027d0375f68ff452b2e441de3b7642b31a
.exe windows:4 windows x86

d6f5a28f0cd7e905544c115199e391d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenServiceA
RegCreateKeyExA
RegEnumKeyExW
RegCreateKeyW
RegConnectRegistryW
RegOpenKeyExA
RegQueryValueExA
DecryptFileW
InitiateSystemShutdownW
RegOpenKeyExW
CreateServiceA
RegDeleteValueW
RegSetValueExW
StartServiceCtrlDispatcherW
CloseServiceHandle
RegEnumValueA
RegOpenKeyW
RegLoadKeyW
RegQueryValueExW
PrivilegeCheck
RegisterServiceCtrlHandlerA
RegLoadKeyA
AreAnyAccessesGranted

gdi32

SwapBuffers
CreateEnhMetaFileA
FillRgn
LineTo
EnumFontFamiliesW
GetTextExtentPoint32W
CreateScalableFontResourceA
RestoreDC
SetEnhMetaFileBits
GetPixel
CreateMetaFileW
StartPage
CreateDCW
PolyPolygon
SelectClipRgn
GetCharABCWidthsA
CopyEnhMetaFileA
CreateBitmap
FrameRgn
SetTextJustification
GetArcDirection
CombineRgn
GetMetaFileA
OffsetRgn
TranslateCharsetInfo
CreatePolygonRgn
CreateSolidBrush
EndPath
IntersectClipRect
SetWindowOrgEx
SetSystemPaletteUse
PolyPolyline
GetMetaFileBitsEx
Chord
GetOutlineTextMetricsA
FlattenPath
UnrealizeObject
RemoveFontResourceA
CreatePen
GetTextCharset
ResizePalette
SetDeviceGammaRamp
SetWinMetaFileBits
StretchDIBits
GetMapMode
DescribePixelFormat
CreateFontW
ResetDCA
CloseEnhMetaFile
GetPaletteEntries
UpdateColors
StartDocA
GetCharABCWidthsFloatW
PlgBlt
SetDIBColorTable
GdiComment
GetDIBColorTable
ArcTo
SetTextAlign
GetBoundsRect
EqualRgn
CreateEllipticRgnIndirect
StartDocW
SelectClipPath
SetBitmapDimensionEx
GetTextFaceW
GetEnhMetaFileDescriptionA
GetNearestColor
GetWindowOrgEx
SetTextCharacterExtra
DeleteObject
SetPolyFillMode
SetPixel
Arc
AbortPath
CreateCompatibleBitmap
ExcludeClipRect
CreateMetaFileA
GetDIBits
CreateFontA
RoundRect
Ellipse
GetDeviceCaps
SetBkColor
CreateDIBitmap
CreateDIBPatternBrush
PtInRegion
SaveDC
GetROP2
PaintRgn
GetCharWidth32A
GetCharWidthW
GetTextExtentPointW
GetStretchBltMode
CreateFontIndirectA
SetMapperFlags
AbortDoc
GetTextExtentExPointA
GetPath
SetBitmapBits
CloseMetaFile
DeleteDC
GetTextMetricsA
TextOutW
ChoosePixelFormat
GetMetaFileW
SetRectRgn
SetAbortProc
GetGraphicsMode
GetKerningPairsA
GetWindowExtEx
GetCharWidth32W
CreateDCA
OffsetViewportOrgEx
AngleArc
Pie
SetTextColor
PolylineTo
GetDCOrgEx
CreateDIBSection
RemoveFontResourceW
GetTextFaceA
GetTextExtentPointA
GetRegionData
SetViewportExtEx
CopyMetaFileW
DeleteEnhMetaFile
PathToRegion
GetTextExtentPoint32A
SetBkMode
CopyMetaFileA
SelectPalette
DPtoLP
CreateEllipticRgn
CreateFontIndirectW
SetMiterLimit
Rectangle
EndPage
WidenPath
GetEnhMetaFileDescriptionW
PolyBezierTo
ScaleViewportExtEx
CreateBitmapIndirect
GetGlyphOutlineA
GetCharABCWidthsW
GdiFlush
EndDoc
DeleteMetaFile
GetFontLanguageInfo
SelectObject
GetBkColor
BeginPath
GetClipRgn
CreateHalftonePalette
GetViewportOrgEx
SetROP2
GetPixelFormat
CreatePalette
ExtCreateRegion
GetEnhMetaFileHeader
GetBitmapBits
SetMetaRgn
OffsetWindowOrgEx
CreateBrushIndirect
PolyDraw
CreatePatternBrush
SetPaletteEntries
PtVisible
ExtCreatePen
SetICMMode
MoveToEx
PlayEnhMetaFile
GetCurrentObject
Polygon
GetNearestPaletteIndex
ExtTextOutA
GetCharacterPlacementW
GetTextCharsetInfo
StrokeAndFillPath
RealizePalette
RectInRegion
SetViewportOrgEx
SetGraphicsMode
SetPixelFormat
GetGlyphOutlineW
GetEnhMetaFileBits
SetBrushOrgEx
LineDDA
GetICMProfileW
GetObjectA
CreateRectRgn
CreateICW
GetEnhMetaFilePaletteEntries
AddFontResourceA
ResetDCW
Polyline
GetSystemPaletteEntries
GetCurrentPositionEx

shell32

SHGetSpecialFolderPathA

wininet

HttpQueryInfoW
FindNextUrlCacheEntryW
InternetCrackUrlW
GopherOpenFileW
FtpOpenFileW
HttpEndRequestW
FtpGetCurrentDirectoryA
GetUrlCacheEntryInfoA
FindFirstUrlCacheEntryExA
InternetCreateUrlW
HttpSendRequestA
InternetOpenA
GopherCreateLocatorW
InternetLockRequestFile
InternetSetCookieA
FtpPutFileW

user32

SetWindowPlacement
SetCaretPos
CharPrevW
OpenInputDesktop
GetWindowThreadProcessId
GetForegroundWindow
GetDCEx
GetMenuState
GetDlgItemInt

msvcrt

_XcptFilter
_controlfp
mblen
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
mblen

kernel32

ExpandEnvironmentStringsA
_lopen
_lopen

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6f5a28f0cd7e905544c115199e391d5

Headers

File Characteristics

Imports

advapi32

gdi32

shell32

wininet

user32

msvcrt

kernel32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 158KB

.rsrc Size: 144KB - Virtual size: 142KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 158KB

.rsrc
Size: 144KB - Virtual size: 142KB