00e65706fbd8172094548c6d3b08a9bc

Sharing

Copy URL

Twitter E-mail

General

Target

00e65706fbd8172094548c6d3b08a9bc
Size

660KB
MD5

00e65706fbd8172094548c6d3b08a9bc
SHA1

611925338d5f2ea2944c93acc5976e141bc62898
SHA256

23e13c09c2f6bda9917aae7a466b825dd08f3027e1918baf63da686d5ee2379f
SHA512

9c480fa7027aa7edbbcda69d3abcaa4c9144e936443e1599256cf30e01d5bcb6faa8f64d77c9be13db9e812f2edc40471c8ead4e57f1d100599e3c238efc47a3
SSDEEP

12288:yON4IvLn7qAdYEDaYJLdi1qKLG9xHGw/boRw2DcKz:XN4IPqAdvDrJpI3mUG2v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00e65706fbd8172094548c6d3b08a9bc

Files

00e65706fbd8172094548c6d3b08a9bc
.exe windows:4 windows x86 arch:x86

bb0f23ecc46891493cd8fa1e1a5b657b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetVersionExA
GetEnvironmentVariableA
IsBadWritePtr
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
Sleep
IsBadCodePtr
SetStdHandle
GetTickCount
MulDiv
GetACP
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
CreateDirectoryA
GetDriveTypeA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
SetCurrentDirectoryA
SetEnvironmentVariableA
IsBadReadPtr
RaiseException
RtlUnwind
LCMapStringW
LCMapStringA
GetFileTime
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
WinExec
GetModuleHandleA
CloseHandle
WriteFile
ReadFile
SetFilePointer
GetFileSize
SetLastError
CreateFileA
GetLastError
FormatMessageA
LocalFree
GetFileAttributesA
InterlockedExchange
GetProfileStringA
DeleteFileA
GetFullPathNameA
GetVolumeInformationA
UnlockFile
SetEndOfFile
GetCurrentProcess
LockFile
FlushFileBuffers
GetThreadLocale
DuplicateHandle
SetErrorMode
GetCurrentDirectoryA
WritePrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetProcessVersion
GetOEMCP
GetCPInfo
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
DeleteCriticalSection
TlsFree
GlobalHandle
LocalAlloc
TlsAlloc
InitializeCriticalSection
SizeofResource
GlobalFlags
GetModuleFileNameA
GetCurrentThread
GlobalAlloc
lstrcmpA
FindClose
FindNextFileA
FindFirstFileA
WideCharToMultiByte
lstrcpynA
MultiByteToWideChar
lstrlenA
InterlockedIncrement
InterlockedDecrement
CompareStringA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
CompareStringW
GlobalGetAtomNameA

user32

MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
GetDesktopWindow
GetClassNameA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
SetCursor
PostQuitMessage
DestroyMenu
InflateRect
LoadStringA
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
PostMessageA
SendDlgItemMessageA
PostThreadMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
IsWindowVisible
ShowScrollBar
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
RegisterClipboardFormatA
CharUpperA
MapWindowPoints
PeekMessageA
GetClassInfoA
EnableMenuItem
GetMenu
FindWindowA
ShowWindowAsync
IsIconic
GetSystemMetrics
DrawIcon
LoadAcceleratorsA
TranslateAcceleratorA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
UpdateWindow
ReleaseCapture
KillTimer
SetTimer
SetCapture
GetKeyState
GetCursorPos
LoadBitmapA
ScreenToClient
PtInRect
OffsetRect
IntersectRect
FillRect
GetWindow
SetWindowRgn
CopyRect
DrawTextA
GetDC
GetClientRect
ReleaseDC
GetParent
GetSysColor
SendMessageA
LoadImageA
MessageBoxA
EnableWindow
InvalidateRect
GetWindowRect
ClientToScreen
RedrawWindow
MoveWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode

gdi32

GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
IntersectClipRect
LineTo
SelectPalette
GetObjectA
GetWindowExtEx
GetViewportExtEx
RectVisible
TextOutA
PtVisible
Escape
PatBlt
ExtTextOutA
GetMapMode
DPtoLP
LPtoDP
CreateDIBitmap
GetTextExtentPointA
RestoreDC
SaveDC
SelectObject
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
StretchBlt
GetPaletteEntries
GetDIBits
GetNearestPaletteIndex
DeleteObject
StretchDIBits
PtInRegion
Rectangle
GetTextColor
GetBkColor
CreateHalftonePalette
OffsetRgn
GetDeviceCaps
GetTextExtentPoint32A
CreateRectRgn
CombineRgn
CreateCompatibleBitmap
BitBlt
RealizePalette
CreateCompatibleDC
CreateFontA
CreatePen
CreateSolidBrush
GetDIBColorTable
CreatePalette

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ImageList_Destroy
_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoTaskMemFree
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocString
VariantClear
SysAllocStringLen
VariantTimeToSystemTime
VariantCopy
VariantChangeType

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb0f23ecc46891493cd8fa1e1a5b657b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 392KB - Virtual size: 391KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 28KB - Virtual size: 555KB

.rsrc Size: 160KB - Virtual size: 159KB

.text
Size: 392KB - Virtual size: 391KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 28KB - Virtual size: 555KB

.rsrc
Size: 160KB - Virtual size: 159KB