1152e8006d335f12121524fc19983916f0fb9fc908d0dbd8e1f0b55cd2b2bd41

Sharing

Copy URL Twitter E-mail

General

Target

1152e8006d335f12121524fc19983916f0fb9fc908d0dbd8e1f0b55cd2b2bd41
Size

715KB
MD5

c031f34a2cc5b1ba44ffe753c0966604
SHA1

a581dbbfccbad58648247451fb01a8766653b4cc
SHA256

1152e8006d335f12121524fc19983916f0fb9fc908d0dbd8e1f0b55cd2b2bd41
SHA512

c3aab0ee156a895a51feefe49e690ce2145b3b885aaa90329b109a362c394ac5a32579dd9c841f3610cba04c3c84b0ba4d3daa81b74e4f16c118383c46dfce0a
SSDEEP

6144:8Xo3iTN+3V004lnmHnJDJfEy2+6UPh8deWLJvp4cPYKwRGLJyG8YRZRCmThx/v2L:8hTIwa59hgjvLwRG0gjRHdk75Tf0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1152e8006d335f12121524fc19983916f0fb9fc908d0dbd8e1f0b55cd2b2bd41

Files

1152e8006d335f12121524fc19983916f0fb9fc908d0dbd8e1f0b55cd2b2bd41
.exe windows:6 windows x86 arch:x86

e2d65fc86486c6c095cea9eeaa101702

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
GetOEMCP
GetCPInfo
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
CreateFileW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcess
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
SetFilePointerEx
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetStdHandle
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetFileType
SetStdHandle
GetModuleHandleExW
RtlUnwind
GetStringTypeW
LCMapStringEx
CompareStringEx
OutputDebugStringW
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
FindResourceA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GetVersionExA
GetCurrentThread
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
CreateFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GetCurrentThreadId
SetEvent
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
LoadLibraryExW
FreeLibrary
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
HeapFree
GlobalAlloc
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
ReadFile
CloseHandle
CreateProcessA
GetStartupInfoA
CreatePipe
MultiByteToWideChar
DeleteFileA
SetCurrentDirectoryA
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
Sleep
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
IsValidCodePage

user32

GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollPos
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
GetWindow
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetDC
UnregisterClassA
PostMessageA
LoadIconW
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
SetCursor
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
SetActiveWindow
GetNextDlgTabItem
LoadIconA
WinHelpA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
IsChild
SendMessageA
SetTimer
GetClientRect
IsIconic
GetSystemMetrics
DrawIcon
MoveWindow
EnableWindow
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetDesktopWindow
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostQuitMessage
IsDialogMessageA
GetSysColorBrush
LoadCursorA
CharUpperA
RealChildWindowFromPoint
KillTimer
InvalidateRect
DestroyMenu
IsWindowEnabled
SetWindowTextA
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem

gdi32

GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetBkColor
SetMapMode
SetTextColor
GetObjectA
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
Escape
DeleteObject
CreateBitmap
GetDeviceCaps
DeleteDC

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
UrlUnescapeA

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

wininet

InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryOptionA
InternetSetOptionA
InternetCrackUrlA
InternetQueryDataAvailable
InternetWriteFile
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA

libcef

cef_string_list_copy
cef_string_multimap_free
cef_string_multimap_alloc
cef_string_utf16_set
cef_string_utf16_cmp
cef_string_utf16_clear
cef_string_utf8_to_utf16
cef_string_userfree_utf16_free
cef_string_list_alloc
cef_string_list_free
cef_v8value_create_function
cef_initialize
cef_shutdown
cef_api_hash
cef_browser_host_create_browser
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_string_map_alloc
cef_string_map_free

ws2_32

closesocket
inet_pton
WSAStartup
socket
WSACleanup
htons
bind

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2d65fc86486c6c095cea9eeaa101702

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

wininet

libcef

ws2_32

oleacc

Sections

.text Size: 442KB - Virtual size: 441KB

.rdata Size: 118KB - Virtual size: 117KB

.data Size: 9KB - Virtual size: 19KB

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 442KB - Virtual size: 441KB

.rdata
Size: 118KB - Virtual size: 117KB

.data
Size: 9KB - Virtual size: 19KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 29KB - Virtual size: 29KB