fe36d9985e803fc4b8f40d39739ec4c1af2b65407dfefebf59820d353f6555db

Sharing

Copy URL Twitter E-mail

General

Target

fe36d9985e803fc4b8f40d39739ec4c1af2b65407dfefebf59820d353f6555db
Size

225KB
MD5

f56c5bfac8c7f5db51494fde2e69d0bb
SHA1

2370d820af96718d97cad0f557764773dd7215e8
SHA256

fe36d9985e803fc4b8f40d39739ec4c1af2b65407dfefebf59820d353f6555db
SHA512

8dead4de2637266c7bd405d692da6e838b213c5be2468ea79aa487a3eb2deea2153495d42548431af5861514f31761e1ba432eb55d50cf85cbd734e4aa18dd2f
SSDEEP

6144:rJsarFP8akukUjAtaj0zu3bkaa55dWwINq+9kbu/L5S:yFB9u13bk/+5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe36d9985e803fc4b8f40d39739ec4c1af2b65407dfefebf59820d353f6555db

Files

fe36d9985e803fc4b8f40d39739ec4c1af2b65407dfefebf59820d353f6555db
.exe windows:5 windows x86 arch:x86

0316e752db2e72618f60545ae274f30c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

comctl32

InitCommonControlsEx
CreateStatusWindowW
ord410
PropertySheetW
ord412
ImageList_AddMasked
ImageList_Create
ord413
ImageList_Destroy

shlwapi

PathUnquoteSpacesW
PathAppendW
PathIsRelativeW
StrTrimW
PathIsDirectoryW
SHAutoComplete
StrStrIW
PathFindFileNameW
PathQuoteSpacesW
StrCatBuffW
PathMatchSpecW
StrChrW
PathRenameExtensionW
StrRChrW
StrFormatByteSizeW
PathCompactPathExW
StrStrW
PathCommonPrefixW
PathFindExtensionW
PathCanonicalizeW
PathIsRootW
PathUnExpandEnvStringsW
PathIsPrefixW
PathRelativePathToW
StrDupW
PathRemoveFileSpecW
PathCombineW
PathRemoveBackslashW
PathAddBackslashW
PathIsSameRootW
StrRetToBufW

uxtheme

GetThemeSysFont
IsAppThemed
CloseThemeData
OpenThemeData
SetWindowTheme

kernel32

GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetStringTypeW
GetACP
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetStdHandle
TlsFree
WritePrivateProfileStringW
HeapFree
lstrcpynW
GetShortPathNameW
GetModuleFileNameW
GetPrivateProfileSectionW
GetFileAttributesW
GetVersionExW
GetSystemDirectoryW
HeapSize
SetFileAttributesW
GetPrivateProfileStringW
lstrcatW
GetNativeSystemInfo
HeapAlloc
GetCurrentDirectoryW
lstrcpyW
WritePrivateProfileSectionW
CompareStringW
WaitForSingleObject
GlobalAlloc
GlobalFree
CreateThread
SizeofResource
InterlockedExchange
SearchPathW
GetFullPathNameW
GetCurrentProcess
lstrlenW
ExpandEnvironmentStringsW
GetLocaleInfoW
GetCommandLineA
GetPrivateProfileSectionNamesW
FreeResource
OpenProcess
CreateEventW
GlobalSize
SetEvent
LockResource
CloseHandle
ResetEvent
LoadResource
FindResourceW
GetWindowsDirectoryW
GetProcAddress
GlobalLock
LocalFree
GetModuleHandleW
GlobalUnlock
MulDiv
CreateDirectoryW
GetFileSizeEx
GetCommandLineW
WriteFile
SetErrorMode
FindFirstChangeNotificationW
GetVersion
GetFileAttributesExW
FileTimeToSystemTime
FindCloseChangeNotification
FileTimeToLocalFileTime
FindNextChangeNotification
SetCurrentDirectoryW
GetTimeFormatW
GetProcessHeap
FreeLibrary
CopyFileW
GetDateFormatW
LoadLibraryExW
GetEnvironmentStringsW
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RaiseException
RtlUnwind
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetFileType
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetCPInfo
GetConsoleMode
SetFilePointerEx
WriteConsoleW
CreateFileW
DecodePointer

user32

FindWindowW
TranslateAcceleratorW
BringWindowToTop
SetFocus
IntersectRect
GetMessageTime
EnumWindows
SetMenuDefaultItem
SetWindowPlacement
SetMenuItemInfoW
SetTimer
OffsetRect
GetSubMenu
TrackPopupMenu
LoadAcceleratorsW
GetWindowPlacement
RegisterClassExW
UnregisterClassW
GetSystemMetrics
DeleteMenu
ShowOwnedPopups
MonitorFromWindow
EqualRect
IsWindowVisible
GetDC
GetFocus
MonitorFromPoint
ShowWindowAsync
LoadMenuW
GetKeyState
AdjustWindowRectEx
DefWindowProcW
GetMenuItemInfoW
GetMessageW
IsZoomed
CheckRadioButton
MessageBoxExW
CreateWindowExW
SendMessageW
KillTimer
SetWindowTextW
MessageBeep
CreatePopupMenu
WindowFromPoint
DestroyCursor
LoadStringW
GetActiveWindow
ShowWindow
BeginDeferWindowPos
wvsprintfW
DestroyIcon
GetDlgCtrlID
SetDlgItemTextW
GetDlgItemTextW
SendDlgItemMessageW
PostQuitMessage
EnableMenuItem
RegisterWindowMessageW
UpdateWindow
IsIconic
ReleaseDC
GetWindowThreadProcessId
DrawAnimatedRects
DeferWindowPos
GetSystemMenu
GetWindow
FindWindowExW
CopyImage
MonitorFromRect
SetActiveWindow
OpenClipboard
DispatchMessageW
RedrawWindow
DdeCreateStringHandleW
DdeConnect
GetMonitorInfoW
CloseClipboard
EmptyClipboard
PeekMessageW
MapWindowPoints
DdeInitializeW
DdeUninitialize
GetSysColor
IsWindowEnabled
IsDlgButtonChecked
DestroyMenu
GetMenuStringW
LoadIconW
LoadCursorW
GetClassNameW
SetCapture
EndDeferWindowPos
SetCursor
wsprintfW
SetWindowLongW
TrackPopupMenuEx
GetComboBoxInfo
GetDlgItem
AppendMenuW
CheckDlgButton
GetParent
ReleaseCapture
InvalidateRect
ChildWindowFromPoint
GetCursorPos
EnableWindow
GetWindowTextW
DialogBoxIndirectParamW
DdeClientTransaction
SetLayeredWindowAttributes
TranslateMessage
InsertMenuW
SetWindowPos
CheckMenuItem
GetClientRect
SetRect
DdeDisconnect
SystemParametersInfoW
DdeFreeStringHandle
SetForegroundWindow
LoadImageW
SetCursorPos
GetPropW
RemovePropW
SetPropW
GetWindowLongW
GetWindowTextLengthW
PostMessageW
CheckMenuRadioItem
GetWindowRect
EndDialog
DestroyWindow
SetClipboardData

gdi32

GetObjectW
GetDeviceCaps
GetStockObject
CreateFontIndirectW
CreateSolidBrush
DeleteObject

comdlg32

ChooseColorW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
OpenProcessToken
RegQueryValueExW
GetTokenInformation
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW

shell32

SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW
ShellExecuteExW
SHGetPathFromIDListW
SHGetFolderLocation
SHGetDataFromIDListW
SHGetDesktopFolder
ord180
SHAppBarMessage
SHOpenFolderAndSelectItems
SHGetFolderPathW
ord190
DragQueryFileW
Shell_NotifyIconW
SHCreateDirectoryExW
DragAcceptFiles
DragFinish
ShellExecuteW

ole32

CoCreateInstance
DoDragDrop
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0316e752db2e72618f60545ae274f30c

Headers

DLL Characteristics

File Characteristics

Imports

psapi

comctl32

shlwapi

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 2KB - Virtual size: 14KB

.rsrc Size: 56KB - Virtual size: 56KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 2KB - Virtual size: 14KB

.rsrc
Size: 56KB - Virtual size: 56KB

.reloc
Size: 11KB - Virtual size: 10KB