Static task: static1
Behavioral task: behavioral1 (sample e533a43edbdb42cc0898084e27c05e98.exe, resource win7-20231215-en)
Behavioral task: behavioral2 (sample e533a43edbdb42cc0898084e27c05e98.exe, resource win10v2004-20231215-en)
General
- Target: e533a43edbdb42cc0898084e27c05e98
- Size: 1.5MB
- MD5: e533a43edbdb42cc0898084e27c05e98
- SHA1: d92d75ee3176c6b2164340b645dc8daecd04084f
- SHA256: 3ca5eb111e1cb933766ec1254e48eff8d1d3d2bd6abe726a48bbabc9d0e480af
- SHA512: 9c05cca35b6e935f571773ba60c289422499698c45026c62d222fe5faf45e07b2b924e1bc07b56322b85aadce953a0d48a2ea3ea4d783dce4257c0d407cfb565
- SSDEEP: 24576:uOrIbdsd+4X/6B5nIPph+oTdnAZEcGad6sCRaH59wgMrzy:uH4XGyWF63aYgSy
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature. Resource: e533a43edbdb42cc0898084e27c05e98. On its own this is a weak indicator: the check only reports that the PE's security data directory is empty, and a great deal of legitimate software ships unsigned, so it should be weighed together with the behavioral results rather than read as a verdict.
Files
- e533a43edbdb42cc0898084e27c05e98.exe (windows:4 windows x86 arch:x86), import hash (imphash) 1f2eeeef48180b1de6c5ad704a3f16ef
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_RELOCS_STRIPPED means the linker discarded the base relocation table, so the image can only be loaded at its preferred base and ASLR does not apply to it; that is typical of older 32-bit builds and a useful fixed address for anyone writing an exploit against the binary, not of itself a sign of malice.
Imports
user32
SetCaretPos
CreateCaret
ShowCaret
GetClipboardData
RegisterClipboardFormatW
SetCursorPos
GetMessageTime
GetDoubleClickTime
HideCaret
DefWindowProcW
LoadCursorW
SetCursor
IsClipboardFormatAvailable
UnpackDDElParam
IsWindowUnicode
ReuseDDElParam
EnableMenuItem
GetMenu
GetMessagePos
GetWindowLongW
TranslateAcceleratorW
TranslateMDISysAccel
ModifyMenuW
DestroyAcceleratorTable
IsChild
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
WinHelpW
LoadStringW
RemoveMenu
GetKeyboardLayout
CreateAcceleratorTableW
CopyAcceleratorTableW
FindWindowW
OpenClipboard
IsCharUpperW
IsCharLowerW
IsWindowEnabled
GetActiveWindow
SetActiveWindow
EmptyClipboard
SetClipboardData
CloseClipboard
ClientToScreen
DrawTextW
wsprintfA
MessageBeep
GetFocus
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
IsCharAlphaNumericW
AppendMenuW
GetMenuStringW
InsertMenuW
DestroyMenu
GetWindow
DrawMenuBar
SetForegroundWindow
LoadMenuW
GetSubMenu
DeleteMenu
GetCaretPos
GetMenuItemID
TrackPopupMenuEx
DialogBoxParamW
LoadAcceleratorsW
GetDlgItem
SetWindowLongW
GetDesktopWindow
GetSysColor
GetSysColorBrush
EndDialog
CallWindowProcW
SystemParametersInfoW
SetWindowPos
DdeClientTransaction
DdeDisconnect
DdeCreateStringHandleW
DdeConnect
DdeFreeStringHandle
DdeInitializeW
DdeUninitialize
RegisterWindowMessageW
InvalidateRgn
GetDC
ReleaseDC
InvalidateRect
LoadBitmapW
InflateRect
GetNextDlgGroupItem
PostThreadMessageW
GetTabbedTextExtentA
LockWindowUpdate
GetDCEx
InvertRect
DestroyIcon
SetRect
OffsetRect
IsIconic
UpdateWindow
ChangeClipboardChain
SetClipboardViewer
IsZoomed
GetKeyState
CharUpperW
IsWindow
IsWindowVisible
GetClassLongW
SetClassLongW
CharLowerW
TabbedTextOutW
FillRect
EnableWindow
GetCapture
KillTimer
GetCursorPos
ScreenToClient
PtInRect
SetCapture
SetTimer
ReleaseCapture
PostMessageW
GetParent
SendMessageW
GetWindowRect
GetClientRect
SetFocus
GetTabbedTextExtentW
GetScrollPos
PostQuitMessage
SetRectEmpty
keybd_event
DrawFocusRect
GetKeyNameTextW
MapVirtualKeyW
GetMenuItemInfoW
CreatePopupMenu
GetForegroundWindow
GetMenuItemCount
wsprintfW
MapDialogRect
SetWindowContextHelpId
CharNextW
GetClassNameW
GetSystemMenu
IsRectEmpty
SetParent
WindowFromPoint
GetWindowThreadProcessId
WaitMessage
GetMessageW
TranslateMessage
ValidateRect
ShowOwnedPopups
DestroyCursor
SetMenu
RedrawWindow
DefMDIChildProcW
DefFrameProcW
BringWindowToTop
GrayStringW
EndPaint
BeginPaint
GetWindowDC
wvsprintfW
ShowWindow
MoveWindow
IsDialogMessageW
ScrollWindowEx
SetDlgItemTextW
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
GetSystemMetrics
GetWindowPlacement
IntersectRect
GetLastActivePopup
RemovePropW
GetPropW
UnhookWindowsHookEx
SetPropW
CallNextHookEx
SetWindowsHookExW
CreateWindowExW
DestroyWindow
SetWindowPlacement
TrackPopupMenu
RegisterClassW
GetClassInfoW
MessageBoxW
GetTopWindow
SetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EqualRect
DispatchMessageW
PeekMessageW
MapWindowPoints
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
CreateDialogIndirectParamW
GetNextDlgTabItem
CheckMenuItem
UnregisterClassW
comctl32
ImageList_LoadImageW
ord17
ImageList_Destroy
ImageList_Create
ImageList_Draw
ImageList_AddMasked
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
kernel32
FindClose
FindFirstFileW
CloseHandle
ReadFile
SetFilePointer
GetFileSize
CreateFileW
lstrcpyW
GetSystemTime
GetCurrentDirectoryW
GlobalFree
GlobalUnlock
GetDateFormatW
GlobalAlloc
FreeLibrary
Sleep
CreateFileMappingW
OpenFileMappingW
FindNextFileW
SetCurrentDirectoryW
DeleteFileW
GetTempFileNameW
GetModuleFileNameW
LoadLibraryW
GetCPInfo
GetStringTypeExW
GetThreadLocale
lstrlenW
lstrcmpiW
GetFullPathNameW
GetProcAddress
LocalFree
LocalAlloc
GetCurrentProcess
GetLastError
GetCurrentThread
MulDiv
GetTempPathW
SystemTimeToFileTime
WaitForSingleObject
LoadResource
LockResource
IsValidCodePage
GetVersionExW
SetEndOfFile
WriteFile
GetShortPathNameW
FormatMessageW
GetLocaleInfoW
IsDBCSLeadByte
CreateProcessW
GlobalAddAtomW
GlobalGetAtomNameW
SearchPathW
GetProfileIntW
ExpandEnvironmentStringsW
CreateDirectoryW
lstrcmpW
FileTimeToSystemTime
FileTimeToLocalFileTime
EnumSystemCodePagesW
GetExitCodeProcess
UnmapViewOfFile
GetStdHandle
SetConsoleCtrlHandler
CreatePipe
MapViewOfFile
GetVolumeInformationW
SuspendThread
ResumeThread
GetDriveTypeW
GetPrivateProfileStringW
InterlockedExchange
RaiseException
LoadLibraryA
GetModuleHandleW
GlobalDeleteAtom
GlobalFindAtomW
GetCurrentThreadId
lstrcatW
GetVersion
lstrlenA
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
SetLastError
lstrcmpA
lstrcpynW
lstrcmpiA
SetEvent
SetThreadPriority
CreateEventW
GetPrivateProfileIntW
WritePrivateProfileStringW
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
MoveFileW
GetFileAttributesW
SetFileTime
GetFileTime
GetDiskFreeSpaceW
GlobalFlags
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessVersion
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
LocalFileTimeToFileTime
GlobalSize
GetStartupInfoW
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
TerminateProcess
CreateThread
ExitThread
HeapReAlloc
HeapSize
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetTimeFormatW
SetStdHandle
CompareStringA
CompareStringW
GetOEMCP
SetEnvironmentVariableA
CopyFileW
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
FindResourceW
GlobalMemoryStatus
GetACP
GlobalLock
gdi32
GetTextAlign
GetPolyFillMode
GetStretchBltMode
GetNearestColor
CopyMetaFileW
LPtoDP
GetViewportOrgEx
SetAbortProc
StartPage
EndPage
EndDoc
AbortDoc
SetRectRgn
Escape
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetROP2
GetCurrentPositionEx
IntersectClipRect
ExcludeClipRect
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
StartDocW
GetClipBox
StretchDIBits
CreateDIBitmap
CreatePatternBrush
SetTextAlign
SelectClipRgn
CreatePolygonRgn
CreateRectRgn
CombineRgn
GetRgnBox
Polygon
GetBkColor
GetCharABCWidthsW
GetOutlineTextMetricsW
GetDeviceCaps
CreateICW
EnumFontFamiliesExW
GetTextMetricsW
Rectangle
CreateRectRgnIndirect
GetStockObject
CreateSolidBrush
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
GetBkMode
GetTextColor
CreatePen
MoveToEx
LineTo
PatBlt
SetBkColor
CreateDCW
SelectObject
GetTextExtentPoint32W
GetTextFaceW
GetCharWidthW
GetTextExtentPoint32A
GetWindowOrgEx
CreateCompatibleBitmap
DeleteDC
SetTextColor
SetBkMode
ExtTextOutW
CreateFontIndirectW
DeleteObject
GetObjectW
CreateCompatibleDC
BitBlt
comdlg32
CommDlgExtendedError
ChooseColorW
GetFileTitleW
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
SetSecurityDescriptorDacl
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyW
RegOpenKeyW
OpenThreadToken
OpenProcessToken
DuplicateToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
RegCloseKey
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
RegOpenKeyExW
RegEnumValueW
RegSetValueW
RegQueryValueW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
shell32
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteExW
SHFileOperationW
DragQueryFileW
SHBrowseForFolderW
SHGetMalloc
SHGetDesktopFolder
SHGetPathFromIDListW
SHChangeNotify
ShellExecuteW
ExtractIconW
oledlg
OleUIBusyW
ole32
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemFree
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoRevokeClassObject
OleDuplicateData
OleGetClipboard
CreateStreamOnHGlobal
OleInitialize
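Two things a practitioner does with an import table like the one above: recompute the import hash so the sample can be clustered with others built from the same source, and bucket the imports into coarse capability tags to decide where to look first in the behavioral runs. The block below is an added example, not part of the sandbox report. The embedded import list is a constructed excerpt of the imports listed above, so its imphash will not equal the report's value (that is computed over the complete import table in the order it appears in the PE); the capability buckets and tag names are this example's own choices; and the ordinal-to-name tables pefile applies for oleaut32 and ws2_32 are omitted, so an ordinal import is always rendered as "ordN", which is what pefile does for every other DLL.

```python
import hashlib

# Constructed excerpt of the imports listed in the report above, in (dll, name) form.
# An int in place of a name is an import by ordinal (the report shows comctl32 "ord17").
REPORT_IMPORTS = [
    ("user32.dll", "SetWindowsHookExW"), ("user32.dll", "CallNextHookEx"),
    ("user32.dll", "UnhookWindowsHookEx"), ("user32.dll", "keybd_event"),
    ("user32.dll", "OpenClipboard"), ("user32.dll", "GetClipboardData"),
    ("user32.dll", "SetClipboardViewer"), ("user32.dll", "ChangeClipboardChain"),
    ("comctl32.dll", 17),
    ("kernel32.dll", "CreateProcessW"), ("kernel32.dll", "CreatePipe"),
    ("kernel32.dll", "CreateFileMappingW"), ("kernel32.dll", "MapViewOfFile"),
    ("kernel32.dll", "LoadLibraryW"), ("kernel32.dll", "GetProcAddress"),
    ("kernel32.dll", "DeleteFileW"), ("kernel32.dll", "MoveFileW"),
    ("advapi32.dll", "SetFileSecurityW"), ("advapi32.dll", "SetSecurityDescriptorDacl"),
    ("advapi32.dll", "RegSetValueExW"), ("advapi32.dll", "RegCreateKeyExW"),
    ("shell32.dll", "ShellExecuteExW"), ("shell32.dll", "SHFileOperationW"),
    ("winspool.drv", "OpenPrinterW"),
]

# Capability buckets (this example's own, deliberately coarse). Several of these APIs
# (SetWindowsHookExW, the clipboard viewer chain) are also ordinary MFC framework
# behaviour, so a tag is a prompt for analysis, not a verdict.
CAPABILITIES = {
    "windows-hook": {"SetWindowsHookExW", "SetWindowsHookExA", "CallNextHookEx"},
    "synthetic-input": {"keybd_event", "mouse_event", "SendInput"},
    "clipboard": {"OpenClipboard", "GetClipboardData", "SetClipboardData",
                  "SetClipboardViewer", "ChangeClipboardChain"},
    "process-creation": {"CreateProcessW", "CreateProcessA", "ShellExecuteW",
                         "ShellExecuteExW", "CreatePipe"},
    "registry-write": {"RegSetValueExW", "RegSetValueW", "RegCreateKeyExW",
                       "RegCreateKeyW", "RegDeleteKeyW", "RegDeleteValueW"},
    "acl-manipulation": {"SetFileSecurityW", "SetSecurityDescriptorDacl",
                         "AddAccessAllowedAce", "OpenProcessToken"},
    "shared-memory": {"CreateFileMappingW", "OpenFileMappingW", "MapViewOfFile"},
    "file-destruction": {"DeleteFileW", "MoveFileW", "SHFileOperationW"},
    "dynamic-resolution": {"LoadLibraryW", "LoadLibraryA", "GetProcAddress"},
    "network": {"WSAStartup", "socket", "connect", "InternetOpenW", "InternetOpenUrlW",
                "HttpSendRequestW", "WinHttpOpen", "URLDownloadToFileW"},
}


def capabilities(imports):
    """Map (dll, function) pairs to capability tags; returns {tag: sorted matched API names}."""
    found = {}
    for _dll, func in imports:
        if isinstance(func, int):
            continue  # an ordinal carries no name to match on
        for tag, apis in CAPABILITIES.items():
            if func in apis:
                found.setdefault(tag, set()).add(func)
    return {tag: sorted(names) for tag, names in found.items()}


def imphash(imports):
    """Import hash using pefile's algorithm: lowercase, strip .dll/.ocx/.sys from the
    module name, render ordinals as ordN, join "module.name" entries with commas in
    import-table order, MD5 the result. Order matters, so it is a build fingerprint."""
    parts = []
    for dll, func in imports:
        lib = dll.lower()
        base, _, ext = lib.rpartition(".")
        if base and ext in ("dll", "ocx", "sys"):
            lib = base                                  # "winspool.drv" is kept whole
        name = f"ord{func}" if isinstance(func, int) else func.lower()
        parts.append(f"{lib}.{name}")
    return hashlib.md5(",".join(parts).encode()).hexdigest()


if __name__ == "__main__":
    print("imphash of excerpt:", imphash(REPORT_IMPORTS))
    for tag, names in sorted(capabilities(REPORT_IMPORTS).items()):
        print(f"{tag:20s} {', '.join(names)}")
```

Read against the full table above, the tags that fire (hooks, clipboard chain, DDE, OLE clipboard, MDI frame procedures, print and common dialogs) are all consistent with a statically linked MFC document/view GUI application, and no networking DLL is imported at all, which is the single most useful negative finding here: if the behavioral runs show network traffic, it is coming from code that resolves its imports at run time or from a second stage, not from this import table.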
Sections
- .text: raw size 1.0MB, virtual size 1.0MB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: raw size 166KB, virtual size 166KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: raw size 57KB, virtual size 269KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: raw size 283KB, virtual size 283KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Nothing in the section table suggests packing: the only executable section is .text, it is not writable, and its raw and virtual sizes match. The gap between the raw and virtual size of .data is the zero-filled uninitialized data the loader allocates at load time, which is normal for a compiled C/C++ binary.