15c97f4eb16280f80714bef633360658

Sharing

Copy URL Twitter E-mail

General

Target

15c97f4eb16280f80714bef633360658
Size

43KB
MD5

15c97f4eb16280f80714bef633360658
SHA1

cfee7b4c5bbfbc4d8aabedfbdcc7ad9668da8f1f
SHA256

aa0bd4e5cfb8027658fe127afee97e2b27e7e8f9a2554c5c3b06a8530ff80727
SHA512

55725c4172d446454981ac2e8392fe17753f180edc7674da37c94ac31ad2342af02b3b279245a5af8b1e2020df40d73a4b5bc7e41b53be4610f33120bd87cbd2
SSDEEP

384:pDcv+Dvu/HpZcFS5JAj3ob/pIQzohChZbZEUn:pYWC/JZ0STO3eI2GqZX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c97f4eb16280f80714bef633360658

Files

15c97f4eb16280f80714bef633360658
.exe windows:5 windows x86 arch:x86

33376e9b4b830bf46e880c461bf2a9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
GetTempPathA
GetThreadLocale
GetThreadSelectorEntry
GetTimeFormatW
GetUserDefaultLCID
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetWriteWatch
GlobalCompact
GlobalUnWire
HeapAlloc
IsBadCodePtr
IsBadHugeWritePtr
IsValidCodePage
IsValidLanguageGroup
LoadResource
LocalSize
LockFile
MapViewOfFileEx
MoveFileA
MoveFileExW
OpenSemaphoreA
OpenWaitableTimerW
PeekConsoleInputW
Process32Next
QueryInformationJobObject
GetStringTypeW
ReplaceFile
RequestDeviceWakeup
RtlMoveMemory
SearchPathA
SetComputerNameExW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetFileApisToOEM
SetFilePointerEx
SetFileTime
SetLocaleInfoW
SetNamedPipeHandleState
SetPriorityClass
SetTapePosition
SetThreadExecutionState
SetThreadLocale
SetTimerQueueTimer
SignalObjectAndWait
UnlockFile
VerLanguageNameW
VerifyVersionInfoW
WriteConsoleInputA
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
lstrcpyA
lstrcpyn
GetShortPathNameA
GetProfileIntW
GetPrivateProfileStructA
GetNumberFormatA
GetMailslotInfo
GetFileType
GetFileAttributesA
GetDateFormatA
GetComputerNameExW
GetCommandLineA
GetCommState
GetCalendarInfoA
FindFirstVolumeA
FindFirstChangeNotificationW
FindClose
EnumUILanguagesA
EnumTimeFormatsW
ExitProcess
EnumResourceTypesA
EnumDateFormatsExA
EnterCriticalSection
DuplicateHandle
DnsHostnameToComputerNameW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DefineDosDeviceA
CreateWaitableTimerW
CreateSemaphoreW
CreateProcessW
CreateProcessA
CreateMailslotW
CreateMailslotA
CreateJobObjectW
ContinueDebugEvent
CloseHandle
AreFileApisANSI
GetStartupInfoA
GetStartupInfoW
GetModuleHandleW
ReadConsoleW

msvcrt

memset

user32

GetMouseMovePointsEx
GetNextDlgGroupItem
GetScrollInfo
GetUserObjectSecurity
GetWindowLongW
InSendMessage
InSendMessageEx
IsCharLowerA
IsIconic
IsWindow
LoadCursorFromFileW
LoadCursorW
LoadMenuA
LockWindowUpdate
LookupIconIdFromDirectoryEx
MapDialogRect
MapVirtualKeyExW
MessageBoxExW
ModifyMenuW
OemToCharBuffW
PaintDesktop
PostQuitMessage
RegisterClassExA
ReleaseDC
ReuseDDElParam
SendDlgItemMessageW
SendIMEMessageExA
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetActiveWindow
SetClassLongA
SetKeyboardState
SetMenuItemInfoA
SetScrollInfo
SetThreadDesktop
SetUserObjectSecurity
SetWindowRgn
SetWindowsHookA
ShowWindowAsync
SwapMouseButton
TrackMouseEvent
TranslateMessage
UnhookWindowsHook
UnionRect
ValidateRect
WindowFromDC
wsprintfA
GetMessageExtraInfo
GetMenuState
GetMenuItemInfoW
GetKeyboardLayout
GetCursorPos
GetCursor
GetClipboardOwner
GetClassInfoExA
GetClassInfoA
GetActiveWindow
FreeDDElParam
FindWindowExA
FindWindowA
FillRect
EnumWindowStationsW
DrawTextW
DrawIconEx
DrawFrameControl
DestroyWindow
DdeQueryNextServer
DdeFreeDataHandle
DdeCreateDataHandle
DdeConnect
CreateWindowStationW
CreateWindowExA
CreateIconIndirect
CreateIconFromResourceEx
CopyIcon
CloseClipboard
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharNextExA
CharLowerA
ChangeDisplaySettingsExA
CallWindowProcW
BeginPaint
AnyPopup
DdeAbandonTransaction

gdi32

EngLoadModule
EngPaint
EngStretchBltROP
EngStrokePath
EnumFontsA
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_vGetInfo
FontIsLinked
GdiConvertAndCheckDC
GdiConvertPalette
GdiConvertRegion
GdiCreateLocalMetaFilePict
GdiEntry16
GdiEntry8
GdiGetLocalBrush
GdiPlayJournal
GdiProcessSetup
GdiRealizationInfo
EngCreateClip
GetCharWidthFloatA
GetCharWidthI
GetCharWidthInfo
GetEnhMetaFileW
GetFontData
GetGlyphOutlineA
GetKerningPairs
GetROP2
GetTextExtentExPointI
GetTextExtentPoint32A
GetViewportOrgEx
NamedEscape
PatBlt
RealizePalette
RemoveFontResourceW
ResizePalette
SetICMMode
GetCharABCWidthsA
EngAcquireSemaphore

advapi32

RegOpenKeyA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text6
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo7
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33376e9b4b830bf46e880c461bf2a9e1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.text6 Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 76B

owtwo1 Size: 1024B - Virtual size: 1000B

owtwo2 Size: 4KB - Virtual size: 3KB

.owtwo3 Size: 4KB - Virtual size: 3KB

.owtwo4 Size: 4KB - Virtual size: 3KB

.owtwo5 Size: 4KB - Virtual size: 3KB

.owtwo6 Size: 4KB - Virtual size: 3KB

.owtwo7 Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 8KB - Virtual size: 7KB

.text6
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 76B

owtwo1
Size: 1024B - Virtual size: 1000B

owtwo2
Size: 4KB - Virtual size: 3KB

.owtwo3
Size: 4KB - Virtual size: 3KB

.owtwo4
Size: 4KB - Virtual size: 3KB

.owtwo5
Size: 4KB - Virtual size: 3KB

.owtwo6
Size: 4KB - Virtual size: 3KB

.owtwo7
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 16B