Static task: static1
Behavioral task: behavioral1
Sample: e5611719fc4b84da16ed826040eb128db349f16b6fce19cc75130cc00956b5f7.exe
Resource: win7-20231025-en
Behavioral task: behavioral2
Sample: e5611719fc4b84da16ed826040eb128db349f16b6fce19cc75130cc00956b5f7.exe
Resource: win10v2004-20231020-en
General
Target: e5611719fc4b84da16ed826040eb128db349f16b6fce19cc75130cc00956b5f7
Size: 2.9MB
MD5: ce6568c677e5d8fb8a1dfbcb17ad5d36
SHA1: bf4d79941c56c7724dd64f5aef1ec0b693876768
SHA256: e5611719fc4b84da16ed826040eb128db349f16b6fce19cc75130cc00956b5f7
SHA512: 9d2cfd0ea04442862f91d4d624e4cce53d8dc74258af27171232dac0e06fe9e5d85a7b43d3a6d709b77b08320604894a7d3763b9e92ff38fa062d53ae6a23293
SSDEEP: 49152:SiYajloPV1LOJITA8XsPHx5VWSb6onQxEDOtMH8G6cMtUYKlVZjwf:4afOonQxG/6ZtUY+o
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource e5611719fc4b84da16ed826040eb128db349f16b6fce19cc75130cc00956b5f7
Files
e5611719fc4b84da16ed826040eb128db349f16b6fce19cc75130cc00956b5f7.exe windows:6 windows x64 arch:x64
c974b456e1b62190fe4dcd0123fef513
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
Sleep
VirtualQuery
WideCharToMultiByte
CopyFileW
GetCurrentProcessId
GetCurrentDirectoryW
DeleteFileW
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetVersionExW
GetCurrentThreadId
GetFileAttributesW
FindClose
TerminateProcess
GetCurrentProcess
FindNextFileW
GetCommandLineW
FindFirstFileW
ReadFile
FreeLibrary
LoadLibraryW
ExitProcess
FindResourceW
LoadResource
LockResource
FreeResource
InitializeCriticalSection
SizeofResource
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
SetThreadPriority
SetEvent
CreateThread
WaitForSingleObject
CreateEventW
lstrcpyW
SetLastError
CloseHandle
SetWaitableTimer
CreateWaitableTimerW
IsDebuggerPresent
GetModuleFileNameW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
GetTickCount
CreateRemoteThread
GetModuleHandleW
GetProcAddress
WriteProcessMemory
VirtualAllocEx
CreateProcessW
IsWow64Process
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
ReadConsoleW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
GetConsoleMode
GetConsoleOutputCP
OutputDebugStringA
GetCurrentThread
GetModuleHandleExW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CompareStringA
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
LocalFree
FormatMessageW
EncodePointer
GlobalFindAtomW
CompareStringW
GlobalGetAtomNameW
VerSetConditionMask
VerifyVersionInfoW
CreateFileW
GetFileSize
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
GetThreadLocale
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
VirtualProtect
SearchPathW
GetProfileIntW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileTime
SetErrorMode
FindResourceExW
GetTempFileNameW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
GetStartupInfoW
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
GetSystemInfo
VirtualAlloc
QueryPerformanceFrequency
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
SetFilePointerEx
user32
SetMenu
TrackPopupMenu
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
SetWindowLongW
SetWindowLongPtrW
GetClassLongPtrW
GetClassNameW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
ShowWindow
BringWindowToTop
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
InvalidateRect
SetRectEmpty
IntersectRect
DestroyIcon
UnpackDDElParam
ReuseDDElParam
SetParent
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
DrawStateW
IsRectEmpty
TrackMouseEvent
CharUpperW
GetAsyncKeyState
SetCapture
SetTimer
KillTimer
GetSystemMenu
DeleteMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
ModifyMenuW
ClientToScreen
PostThreadMessageW
GetWindowPlacement
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongPtrW
CheckDlgButton
GetCapture
SetWindowTextW
IsDialogMessageW
CharNextW
InvalidateRgn
SetRect
GetNextDlgGroupItem
GetNextDlgTabItem
RealChildWindowFromPoint
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetIconInfo
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
CreateMenu
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
DestroyWindow
IsChild
IsMenu
GetClassInfoExW
CallWindowProcW
GetMessageTime
GetMessagePos
GetFocus
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
UnregisterClassW
GetSubMenu
GetMenuState
GetMenuStringW
MessageBoxW
IsWindow
SetFocus
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
ReleaseDC
GetMenu
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
MonitorFromPoint
InflateRect
CopyRect
FillRect
GetSysColor
ScreenToClient
RegisterWindowMessageW
UnhookWindowsHookEx
GetLastActivePopup
GetWindowLongW
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
IsWindowVisible
GetMessageW
PostQuitMessage
PostMessageW
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
GetDesktopWindow
SetWindowPlacement
WaitMessage
EnableMenuItem
GetClientRect
GetKeyState
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
SetForegroundWindow
CopyImage
DefWindowProcW
CreateWindowExW
SendMessageW
GetWindowLongPtrW
LoadStringW
GetClassInfoW
RegisterClassW
LoadIconW
LoadCursorW
GetParent
LoadImageW
GetWindowRect
GetDC
GetSystemMetrics
GetWindowDC
GetActiveWindow
gdi32
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
CreateHatchBrush
Escape
ExcludeClipRect
SetPixel
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
CreateRoundRectRgn
PatBlt
GetPixel
GetClipBox
CreateRectRgn
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
CombineRgn
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
DPtoLP
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateSolidBrush
CreateRectRgnIndirect
CreatePatternBrush
CreatePen
CreateDIBitmap
SetTextColor
SetBkColor
CreateDCW
CopyMetaFileW
CreateDIBSection
GetTextExtentPoint32W
CreateBitmap
SelectObject
CreateCompatibleBitmap
BitBlt
SetBkMode
SetPixelV
GetTextFaceW
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
SetDIBColorTable
SetRectRgn
GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
DeleteDC
DeleteObject
GetObjectW
CreatePalette
SelectPalette
GetSystemPaletteEntries
GetDeviceCaps
GetDIBits
GetStockObject
RealizePalette
StretchBlt
CreateCompatibleDC
CreateFontIndirectW
advapi32
RegEnumKeyW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegQueryValueW
shell32
DragFinish
DragQueryFileW
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
SHGetSpecialFolderPathW
ShellExecuteW
ole32
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
DoDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
ReleaseStgMedium
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoInitialize
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
IsAccelerator
oleaut32
VarBstrFromDate
SafeArrayDestroy
SysStringLen
SysFreeString
VariantClear
VariantChangeType
VariantCopy
OleCreateFontIndirect
LoadTypeLi
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
VariantInit
SysAllocString
comctl32
InitCommonControlsEx
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindExtensionW
uxtheme
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetThemeSysColor
GetCurrentThemeName
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageI
GdiplusShutdown
GdipCreateBitmapFromFile
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 559KB - Virtual size: 558KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 343KB - Virtual size: 342KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ