9aa521c13e14411592e1e8548d55ab0480435376a67420faf12c9dc71be15707

Sharing

Copy URL Twitter E-mail

General

Target

9aa521c13e14411592e1e8548d55ab0480435376a67420faf12c9dc71be15707
Size

396KB
MD5

4e313c7fd527260b6f747d5a358f40e3
SHA1

cdd607ac524f937af9d57d6343315272c528832b
SHA256

9aa521c13e14411592e1e8548d55ab0480435376a67420faf12c9dc71be15707
SHA512

30de7407acdb2411953f873afe307320e442a6224c85155ea508b88e77ee61dd7801c01d0e67385361d50872d82d3d98bff2a73a0238b905c39dac4a3d4964b4
SSDEEP

6144:rSnTzUjOJuzYcHcjooB2aNZC7yp2aNZC7yJgnJL9eQZ:rSnTzGOJGYcHravC7yEavC7yJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aa521c13e14411592e1e8548d55ab0480435376a67420faf12c9dc71be15707

Files

9aa521c13e14411592e1e8548d55ab0480435376a67420faf12c9dc71be15707
.exe windows:4 windows x86 arch:x86

e3dbd91cf970de7ac3dd2fde99ba9985

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
ExitProcess
RtlUnwind
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
FormatMessageW
GetFileTime
GetFileSize
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetThreadLocale
GetProcessVersion
LoadLibraryA
GetVersion
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GetLastError
GetModuleHandleA
SetLastError
MultiByteToWideChar
lstrlenA
InterlockedIncrement
lstrcpyW
lstrcatW
WritePrivateProfileStringW
InterlockedDecrement
GlobalFlags
lstrcmpiW
MulDiv
lstrcpynW
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetTickCount
FindResourceW
LoadResource
LockResource
GlobalFree
CloseHandle
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
LoadLibraryW
GetProcAddress
HeapDestroy
FreeLibrary

user32

CreateDialogIndirectParamW
EndDialog
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableW
CharNextW
LoadStringW
GetSysColorBrush
LoadCursorW
LoadIconW
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
OffsetRect
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
GrayStringW
DrawTextW
TabbedTextOutW
GetWindowDC
ReleaseDC
GetDC
GetMenuItemCount
wsprintfW
UnhookWindowsHookEx
GetDesktopWindow
GetWindowTextW
SetWindowTextW
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
RegisterClipboardFormatW
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
DestroyMenu
CharUpperW
RemovePropW
PostThreadMessageW
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
EnableWindow
SetCursor
SendMessageW
PostMessageW
PostQuitMessage
UnregisterClassW

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetObjectW
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
GetMapMode
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

comctl32

ord17

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID

olepro32

ord253

oleaut32

SysStringLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3dbd91cf970de7ac3dd2fde99ba9985

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 224KB - Virtual size: 223KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 224KB - Virtual size: 223KB