be003e4c782f87027e73bfbb5c2f87fce4b2aff5aea012032d9417b3cd8b2938

Sharing

Copy URL Twitter E-mail

General

Target

be003e4c782f87027e73bfbb5c2f87fce4b2aff5aea012032d9417b3cd8b2938
Size

15.0MB
MD5

d4fe3e56b890b66c4e0db8eddc64e3f2
SHA1

233f0084763651d49d74d7da4c2925994541be5f
SHA256

be003e4c782f87027e73bfbb5c2f87fce4b2aff5aea012032d9417b3cd8b2938
SHA512

40d7fbcf65fe53ec5d8053bfedff5e456fc067ca39681b10ff10bb503feea4f6658fb32b6034e9e2f097c93dc9819cf278272d0da263057e1722f984a5c42b85
SSDEEP

393216:6wjwkTANlWE3hjhC0jhnXxj8WSlR381OWpqpL9f0wX:6wUkAUqJR8fWgZfX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be003e4c782f87027e73bfbb5c2f87fce4b2aff5aea012032d9417b3cd8b2938

Files

be003e4c782f87027e73bfbb5c2f87fce4b2aff5aea012032d9417b3cd8b2938
.exe windows:5 windows x86 arch:x86

d301a06ca4a3460f1bb19ad263eef64f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
HeapReAlloc
GetFileType
LCMapStringW
HeapAlloc
GetStringTypeW
HeapFree
GetModuleHandleExW
FlushFileBuffers
GetStdHandle
GetEnvironmentStringsW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RtlUnwind
OutputDebugStringW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
SetStdHandle
GetConsoleCP
WriteConsoleW
lstrcpyW
GetCommandLineW
GetProcessHeap
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrcpynW
GetLocalTime
GlobalAlloc
FindResourceW
MulDiv
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
FormatMessageW
GetFileAttributesW
CreateDirectoryW
LocalFileTimeToFileTime
SetFilePointer
GetACP
CreateFileW
GetCurrentDirectoryW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
lstrlenW
GetTickCount
GlobalUnlock
GlobalLock
ReadFile
SystemTimeToFileTime
GetCurrentProcessId
LocalFree
LoadResource
LockResource
GetLastError
FreeResource
FindClose
SetFileTime
TerminateProcess
UnmapViewOfFile
WriteFile
GetCurrentProcess
SetLastError
SizeofResource
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
HeapSize
GetProcAddress
LoadLibraryA
GetModuleHandleA
MapViewOfFile
CreateFileMappingA
CloseHandle
ExitProcess

user32

wsprintfA
IsWindowEnabled
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
SetForegroundWindow
SetWindowRgn
GetKeyboardLayout
GetKeyNameTextW
MapVirtualKeyExW
GetCursorPos
ReleaseDC
PtInRect
GetDC
CallWindowProcW
RegisterClassW
GetClassInfoExW
GetWindowRect
SetPropW
GetPropW
SendMessageW
PostMessageW
CreateWindowExW
IsWindow
DestroyWindow
SetWindowPos
IsWindowVisible
IsIconic
SetFocus
EnableWindow
EqualRect
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
ScreenToClient
MapWindowPoints
GetSysColor
IntersectRect
UnionRect
OffsetRect
IsRectEmpty
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
DrawTextA
SetCursor
InflateRect
LoadCursorW
wsprintfW
DefWindowProcW
RegisterClassExW
ShowWindow
UpdateLayeredWindow
MoveWindow
GetWindowRgn
CharPrevW
DrawTextW
FillRect
SetRect
CreatePopupMenu
CreateCaret
TrackPopupMenu
AppendMenuW
EnableMenuItem
CharNextW
DestroyMenu

gdi32

PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
SaveDC
GetTextMetricsW
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
CreatePen
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
GetObjectW
DeleteObject
SetWindowOrgEx
CreateRectRgn
PtInRegion
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
GetObjectA
MoveToEx
TextOutW
GdiFlush
CreatePatternBrush
GetTextExtentPointA
GetBitmapBits
SetBitmapBits
RestoreDC
GetTextExtentPoint32W

advapi32

CryptSetKeyParam
CryptImportKey
CryptReleaseContext
CryptGetKeyParam
CryptAcquireContextA
CryptDestroyKey
CryptDecrypt

shell32

DragQueryFileW

ole32

CoCreateInstance
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
DoDragDrop
RegisterDragDrop

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

ws2_32

gethostname
gethostbyname
WSAStartup

comctl32

InitCommonControlsEx
_TrackMouseEvent
ord17

gdiplus

GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangleI
GdipDrawRectangleI
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipGetImageWidth
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStream
GdipSetPenMode
GdipStringFormatGetGenericTypographic
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipSetStringFormatTrimming
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDeleteGraphics
GdipDeletePen

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 489KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d301a06ca4a3460f1bb19ad263eef64f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

comctl32

gdiplus

imm32

Sections

.text Size: 489KB - Virtual size: 489KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 9.6MB - Virtual size: 9.6MB

.rsrc Size: 4.8MB - Virtual size: 4.8MB

.reloc Size: 35KB - Virtual size: 34KB

.text
Size: 489KB - Virtual size: 489KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 9.6MB - Virtual size: 9.6MB

.rsrc
Size: 4.8MB - Virtual size: 4.8MB

.reloc
Size: 35KB - Virtual size: 34KB