Static task: static1
Behavioral task: behavioral1
  Sample: e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20.exe
  Resource: win7-20231025-en
Behavioral task: behavioral2
  Sample: e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20.exe
  Resource: win10v2004-20231023-en
General
Target: e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20
Size: 3.5MB
MD5: b331ff135846956a414cdcaec85e420f
SHA1: 2fd49427e95d9093645bfc6f9d7ba7280bf1fee8
SHA256: e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20
SHA512: 0b979fa28171966be656da99aa9abcc00ffe1fc364f3914f96ddb4fbda52368966d3ad7b81673909dbbc888a05160233cce163a599fb41465f19130c8d96939c
SSDEEP: 49152:W2dcEdgh8Lrj3vU6/ltO/byhW/XJ+2hCLXqTluciTst2u0+vs6xFw7G:xdcEFjvUwtOWbq0z6w7
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20
Files
e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20.exe  windows:5  windows  x86  arch:x86
6c0bb034af310cd102cd8880ea9eabc1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
FindResourceW
CreateFileMappingA
SetEnvironmentVariableA
CreateFileW
GetProcessHeap
GetTimeZoneInformation
CompareStringW
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
HeapAlloc
IsProcessorFeaturePresent
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
IsValidCodePage
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
ExitThread
CreateThread
LCMapStringW
IsBadReadPtr
HeapValidate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
GetNumberFormatA
GetWindowsDirectoryA
FindResourceExW
InitializeCriticalSectionAndSpinCount
GetFileAttributesExA
GetFileSizeEx
GetUserDefaultLCID
GetFileTime
SearchPathA
GetTickCount
GetOEMCP
GetCPInfo
GetACP
GetProfileIntA
VirtualProtect
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
OpenEventA
GetHandleInformation
GetTempPathA
GetTempFileNameA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
FileTimeToSystemTime
GetAtomNameA
lstrcmpW
GlobalGetAtomNameA
GlobalFindAtomA
ResumeThread
SetThreadPriority
SetEvent
WaitForSingleObject
FreeResource
GlobalAddAtomA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
GetModuleHandleW
GlobalDeleteAtom
lstrcmpA
GetCurrentThreadId
GetLocaleInfoA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
LoadLibraryW
FreeLibrary
lstrcpyA
GetVersionExA
GetModuleFileNameA
SetErrorMode
MulDiv
GlobalFree
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
ActivateActCtx
DeactivateActCtx
GetLastError
SetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
DecodePointer
EncodePointer
InterlockedIncrement
LocalFileTimeToFileTime
GetCurrentDirectoryA
ReadFile
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
SetFilePointer
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
MultiByteToWideChar
Sleep
OpenProcess
WriteFile
GetCurrentThread
Process32First
InterlockedDecrement
lstrlenA
FindResourceA
CreateFileA
GetThreadContext
ExitProcess
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
DuplicateHandle
user32
SetClipboardData
CopyImage
LoadImageW
GetIconInfo
OffsetRect
UpdateLayeredWindow
MonitorFromPoint
LoadImageA
DestroyIcon
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
WaitMessage
SetClassLongA
SetRectEmpty
SetCursorPos
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
LoadAcceleratorsW
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyAcceleratorTable
CharUpperA
MessageBeep
ReleaseCapture
GetAsyncKeyState
RealChildWindowFromPoint
DestroyMenu
MapVirtualKeyA
GetKeyNameTextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
CreateWindowExA
GetClassInfoExA
RegisterClassA
SendDlgItemMessageA
MonitorFromWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
LoadIconW
LoadIconA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
NotifyWinEvent
GetForegroundWindow
SetForegroundWindow
HideCaret
CloseClipboard
OpenClipboard
WindowFromPoint
SetParent
IsChild
GetTopWindow
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
GetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
InvalidateRect
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
wsprintfA
GetSysColorBrush
LoadBitmapW
GetClassNameA
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetKeyState
PeekMessageA
ValidateRect
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
MapDialogRect
SetWindowPos
GetWindow
EmptyClipboard
CopyIcon
GetDoubleClickTime
GetClipboardFormatNameA
UnregisterClassA
RegisterClipboardFormatA
PtInRect
IsRectEmpty
CharUpperBuffA
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
RegisterWindowMessageA
DrawIconEx
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
IsWindow
MessageBoxA
GetWindowLongA
GetParent
GetLastActivePopup
IsClipboardFormatAvailable
IsCharLowerA
MapVirtualKeyExA
DestroyCursor
SubtractRect
UnionRect
IntersectRect
InflateRect
SetRect
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
CreateMenu
CreatePopupMenu
IsMenu
DeleteMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMenuItemInfoA
GetSubMenu
InsertMenuA
InsertMenuItemA
ModifyMenuA
RemoveMenu
SetMenuItemBitmaps
LoadMenuA
LoadMenuW
GetFocus
GetMenuCheckMarkDimensions
GetSystemMetrics
SystemParametersInfoA
EnumDisplayMonitors
GetMonitorInfoA
GetSysColor
SetLayeredWindowAttributes
DefWindowProcA
GetClassInfoA
LoadCursorA
LoadCursorW
PostQuitMessage
SetCursor
SendMessageA
GetWindowThreadProcessId
EnableWindow
IsWindowEnabled
gdi32
GetPixel
SetPixel
ExtFloodFill
TextOutA
ExtTextOutA
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
Escape
GetBoundsRect
SetPixelV
CopyMetaFileA
EnumFontFamiliesA
GetTextCharsetInfo
DeleteObject
CreateDIBitmap
StretchBlt
RectVisible
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectPalette
PatBlt
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetLayout
SetLayout
ExtSelectClipRgn
CreateDIBSection
SetDIBColorTable
EnumFontFamiliesExA
GetSystemPaletteEntries
RealizePalette
SelectObject
BitBlt
PtVisible
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetTextColor
Rectangle
Polygon
Ellipse
Polyline
SetBkMode
GetBkColor
SetRectRgn
GetDeviceCaps
CreateCompatibleDC
CreateDCA
PtInRegion
GetRgnBox
OffsetRgn
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
GetNearestPaletteIndex
SetPaletteEntries
GetPaletteEntries
CreatePalette
CreateCompatibleBitmap
CreateBitmap
CreateFontIndirectA
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
GetStockObject
GetObjectA
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
SetThreadToken
OpenThreadToken
RegEnumKeyExA
RegEnumValueA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RevertToSelf
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA
PathIsDirectoryA
ole32
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CoInitializeEx
CoCreateInstance
CoUninitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CreateStreamOnHGlobal
CoCreateGuid
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
OleDuplicateData
CoInitialize
oleaut32
SysStringLen
SysAllocStringLen
VariantChangeType
SysFreeString
VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantInit
VariantClear
SysAllocString
gdiplus
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdiplusStartup
GdipCreateBitmapFromStreamICM
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
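The import table above is the input to an import hash in the pefile "imphash" convention, and the 32-hex-digit value listed under Files has the shape of such a hash (the page does not label it, so nothing here claims to reproduce it). The following is an added example, not code from the report or the sandbox, showing how that hash is derived and why the per-DLL listing on this page cannot be used to recompute it exactly: the hash is order-sensitive over the binary's import directory, ordinal-only imports are resolved through per-DLL tables that this example omits, and module names keep extensions other than .dll/.ocx/.sys (so winspool.drv, present above, stays winspool.drv). The SAMPLE_IMPORTS list is a constructed slice of the page's import names.

```python
"""Added example (not from the report): how an import hash in pefile's "imphash"
convention is derived from an import table, using a slice of the Imports list
above as constructed input."""
import hashlib

# Extensions pefile strips from the module name; anything else (e.g. winspool.drv) is kept.
STRIPPED_EXTS = (".dll", ".ocx", ".sys")


def normalize_import(dll: str, func) -> str:
    """Return the lower-cased 'module.function' token for one import.
    Ordinal-only imports are written 'ordN' here; pefile first consults per-DLL
    ordinal tables (ws2_32, oleaut32, ...) to recover the name, which this omits."""
    lib = dll.lower()
    if lib.endswith(STRIPPED_EXTS):
        lib = lib[:-4]
    name = f"ord{func}" if isinstance(func, int) else func.lower()
    return f"{lib}.{name}"


def imphash(imports) -> str:
    """imports: (module, function-name-or-ordinal) pairs in import-directory order.
    The hash is order-sensitive: the same API set in a different order hashes differently."""
    tokens = [normalize_import(dll, func) for dll, func in imports]
    return hashlib.md5(",".join(tokens).encode()).hexdigest()


# Constructed input: a few entries copied from the Imports list above. The report
# prints names grouped per DLL, which is not necessarily import-directory order, so
# this value is illustrative and is not expected to match any hash on the page.
SAMPLE_IMPORTS = [
    ("kernel32.dll", "CreateToolhelp32Snapshot"), ("kernel32.dll", "Process32First"),
    ("kernel32.dll", "Process32Next"), ("kernel32.dll", "OpenProcess"),
    ("advapi32.dll", "AdjustTokenPrivileges"), ("advapi32.dll", "LookupPrivilegeValueA"),
    ("winspool.drv", "OpenPrinterA"), ("user32.dll", "SetWindowsHookExA"),
]

if __name__ == "__main__":
    print(imphash(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS[::-1]))  # same APIs, different order, different hash
```

When comparing against a hash computed by pefile or a sandbox, feed the import directory as the loader sees it (module order and per-module function order from the binary), not a list reconstructed from a report.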
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 387KB - Virtual size: 386KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 721KB - Virtual size: 720KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 230KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
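The Headers and Sections fields above, and the "Unsigned PE" signature further up, all come from a walk of the PE headers: the COFF Characteristics word, the optional header's DllCharacteristics word, the section table's Characteristics words, and the security data directory (index 4), whose size is zero when no Authenticode certificate blob is embedded. The following is an added example, not the sandbox's code, that decodes those fields and derives the same kind of static findings; the flag tables are subsets of winnt.h, the test image is constructed inline with the sample's flag set (and is headers only, not loadable), and build_pe32/triage_findings are names chosen for this example.

```python
"""Added example (not sandbox code): a minimal PE32 header walker that decodes the
Headers/Sections fields shown above and performs the report's 'Unsigned PE' check."""
import struct

# Subsets of the winnt.h flag tables, enough for the values the report prints.
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
                        0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",   # ASLR opt-in
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",      # DEP opt-in
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: file offset (not RVA) + size of the WIN_CERTIFICATE blob


def decode_flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe32(data: bytes) -> dict:
    """DOS header -> COFF header -> PE32 optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]                       # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = pe + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:                # 0x20B = PE32+, different offsets
        raise ValueError("only PE32 optional headers are handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    cert_off = cert_len = 0
    if ndirs > SECURITY_DIR:
        cert_off, cert_len = struct.unpack_from("<II", data, opt + 96 + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):
        name, vsize, _, raw, *_, flags = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": raw, "flags": decode_flags(flags, SECTION_FLAGS)})
    return {"machine": machine,
            "file_characteristics": decode_flags(chars, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
            # Presence of a certificate blob only; validating it (Authenticode hash + chain)
            # is a separate step, e.g. `signtool verify /pa` or Get-AuthenticodeSignature.
            "has_authenticode_blob": cert_len > 0 and cert_off + cert_len <= len(data),
            "sections": sections}


def triage_findings(info: dict) -> list:
    """Static 'Signatures' derivable from header facts alone (cf. the report's Unsigned PE)."""
    found = []
    if not info["has_authenticode_blob"]:
        found.append("Unsigned PE")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in info["dll_characteristics"]:
        found.append("ASLR not enabled")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in info["dll_characteristics"]:
        found.append("DEP not enabled")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(s["flags"]):
            found.append(f"writable+executable section {s['name']}")
    return found


def build_pe32(file_chars, dll_chars, sections, cert_blob=b"") -> bytes:
    """Constructed test input: a minimal PE32 image (headers only, not loadable)."""
    sec_table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0x1000 * (i + 1), raw, 0, 0, 0, 0, 0, flags)
        for i, (name, vsize, raw, flags) in enumerate(sections))
    hdr_len = 64 + 4 + 20 + 224 + len(sec_table)
    dos = bytearray(64)
    dos[:2], dos[0x3C:0x40] = b"MZ", struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = struct.pack("<HBB9I6H4IHH4I2I", 0x10B, 14, 0, 0, 0, 0, 0x1000, 0x1000, 0x2000, 0x400000,
                      0x1000, 0x200, 5, 1, 0, 0, 5, 1, 0, 0x5000, hdr_len, 0, 2, dll_chars,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 16
    dirs[SECURITY_DIR] = (hdr_len if cert_blob else 0, len(cert_blob))
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    return bytes(dos) + b"PE\0\0" + coff + opt + sec_table + cert_blob


# Constructed stand-in with the same header flag set as the sample above, no certificate.
REPORT_LIKE = build_pe32(
    file_chars=0x0002 | 0x0100, dll_chars=0x0040 | 0x0100 | 0x8000,
    sections=[(".text", 0x1000, 0x1000, 0x60000020), (".rdata", 0x400, 0x400, 0x40000040),
              (".data", 0x800, 0x200, 0xC0000040), (".reloc", 0x200, 0x200, 0x42000040)])

if __name__ == "__main__":
    info = parse_pe32(REPORT_LIKE)
    for s in info["sections"]:
        print(f"{s['name']:8} vsize=0x{s['virtual_size']:x} raw=0x{s['raw_size']:x} {s['flags']}")
    print(info["dll_characteristics"], "findings:", triage_findings(info))
```

Two caveats worth keeping in mind when reading an "Unsigned PE" line: a populated security directory only proves a certificate blob is attached, not that the signature is valid or the signer trusted, and a signed file can still be malicious, so the check is a triage hint rather than a verdict either way. For the real sample, run the parser over the file bytes instead of the constructed image.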