Static task
static1
Behavioral task
behavioral1
Sample
06eaf45e1df170b231aae1bbed7a2fb7.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
06eaf45e1df170b231aae1bbed7a2fb7.exe
Resource
win10v2004-20231215-en
General
Target
06eaf45e1df170b231aae1bbed7a2fb7
Size
3.3MB
MD5
06eaf45e1df170b231aae1bbed7a2fb7
SHA1
66d004b3b63d1cd2f0a39df493cf559277f3e14e
SHA256
c9f953e71b9001f63716dc9264db35c14ab62d4f8421acb841d1756afc93c7d3
SHA512
8160b86b6e7fb818be2abf0a6c00fe5fa247058b2229de3fbd5c30e3b267706a11165f5d6bcdca7bc7116850a6c027e0e540bb4620a552774fbdbea009503a60
SSDEEP
98304:jfin3c7XSOMt8mgA0ZQad3Wc9Ph6eJZXlSOt5inQV0bfmtei:jJVJz3HTIG3l
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 06eaf45e1df170b231aae1bbed7a2fb7
Files
06eaf45e1df170b231aae1bbed7a2fb7.exe windows:6 windows x86 arch:x86
0599976a739a69901c788b2a526d0cff
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
VirtualProtect
CreateFileW
WriteConsoleW
SetFilePointerEx
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetProcessHeap
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
CloseHandle
GetFileType
LCMapStringW
HeapFree
HeapAlloc
GetACP
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WriteFile
GetStdHandle
RaiseException
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
user32
DlgDirListA
IsWindow
IsDialogMessage
IsChild
IsCharUpperW
IsCharLowerW
IsCharLowerA
IsCharAlphaNumericW
IsCharAlphaNumericA
IsCharAlphaA
InvalidateRgn
IntersectRect
InsertMenuItemW
InsertMenuItemA
InflateRect
InSendMessageEx
InSendMessage
ImpersonateDdeClientWindow
IMPSetIMEA
IMPQueryIMEW
IMPQueryIMEA
IMPGetIMEW
IMPGetIMEA
HiliteMenuItem
GrayStringA
GetWindowThreadProcessId
GetWindowTextLengthW
GetWindowRgn
GetWindowPlacement
GetWindowModuleFileName
GetWindowLongW
GetWindowInfo
GetWindowDC
GetUserObjectSecurity
GetTitleBarInfo
GetThreadDesktop
GetTabbedTextExtentA
GetSystemMetrics
GetSubMenu
GetScrollRange
GetScrollBarInfo
GetPropW
GetPropA
GetProcessWindowStation
GetProcessDefaultLayout
GetPriorityClipboardFormat
GetNextDlgTabItem
GetMonitorInfoA
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemRect
GetMenuItemInfoA
GetMenuItemCount
GetMenuInfo
GetMenuContextHelpId
GetMenuCheckMarkDimensions
GetLastActivePopup
GetKeyboardLayoutNameA
GetKeyNameTextW
GetInputState
GetInputDesktop
GetGUIThreadInfo
GetForegroundWindow
GetFocus
GetDlgItemTextA
GetDlgItemInt
GetDialogBaseUnits
GetDesktopWindow
GetCursorInfo
GetCursor
GetComboBoxInfo
GetClipboardViewer
GetClipboardSequenceNumber
GetClassWord
GetClassNameA
GetClassLongW
GetClassLongA
GetClassInfoW
GetClassInfoExW
GetCaretPos
GetCaretBlinkTime
GetAsyncKeyState
GetAltTabInfoW
FlashWindowEx
FlashWindow
FindWindowExA
FillRect
EqualRect
EnumWindowStationsA
EnumPropsExW
EnumPropsExA
EnumPropsA
EnumDisplaySettingsExA
EnumDesktopWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndMenu
EndDialog
EndDeferWindowPos
EnableWindow
EmptyClipboard
EditWndProc
DrawTextExW
DrawTextA
DrawIcon
DrawFrame
DrawFocusRect
DrawEdge
DrawCaption
DlgDirSelectExA
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DlgDirListW
DlgDirListComboBoxA
DispatchMessageA
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DestroyAcceleratorTable
DefWindowProcW
DefMDIChildProcA
DefDlgProcA
DdeUninitialize
DdeUnaccessData
DdeSetQualityOfService
DdeQueryStringW
DdeQueryStringA
DdeQueryConvInfo
DdeNameService
DdeInitializeW
DdeGetQualityOfService
DdeFreeStringHandle
DdeFreeDataHandle
DdeEnableCallback
DdeDisconnectList
DdeDisconnect
DdeCreateStringHandleA
DdeCreateDataHandle
DdeConnectList
DdeConnect
DdeClientTransaction
DdeAddData
DdeAbandonTransaction
CreateMDIWindowW
CreateMDIWindowA
CreateIconFromResource
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateDesktopW
CreateCaret
CreateAcceleratorTableW
CreateAcceleratorTableA
CountClipboardFormats
CopyImage
CopyIcon
CopyAcceleratorTableA
CloseWindow
ClipCursor
ClientToScreen
ChildWindowFromPoint
CheckMenuRadioItem
CheckMenuItem
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharToOemW
CharNextW
CharNextExA
CharLowerW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuA
ChangeClipboardChain
CallWindowProcA
CallNextHookEx
CallMsgFilterW
BroadcastSystemMessageW
BroadcastSystemMessage
BringWindowToTop
BlockInput
BeginPaint
BeginDeferWindowPos
AttachThreadInput
ArrangeIconicWindows
AppendMenuW
AppendMenuA
AnyPopup
MessageBoxA
DispatchMessageW
shell32
StrRStrA
DoEnvironmentSubstA
DragQueryFileW
DuplicateIcon
ExtractAssociatedIconW
ExtractIconEx
ExtractIconExW
ExtractIconW
FreeIconList
InternalExtractIconListA
RealShellExecuteA
RealShellExecuteExA
RealShellExecuteExW
SHAppBarMessage
SHChangeNotify
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHGetDataFromIDListW
SHGetDiskFreeSpaceA
SHGetFileInfoA
SHGetFileInfoW
SHGetMalloc
SHGetNewLinkInfo
ord179
SHGetSettings
SHGetSpecialFolderPathW
SHInvokePrinterCommandW
SHQueryRecycleBinA
ShellAboutA
ShellAboutW
ShellExecuteEx
ShellExecuteExA
Shell_NotifyIcon
Shell_NotifyIconA
Shell_NotifyIconW
StrChrA
StrChrIA
StrChrIW
StrCmpNIA
StrCmpNIW
StrNCmpIW
StrStrW
oleaut32
VARIANT_UserMarshal
VectorFromBstr
VariantTimeToDosDateTime
VariantCopyInd
VariantChangeTypeEx
VarUI4FromUI1
VarUI4FromStr
VarUI4FromR8
VarUI4FromR4
VarUI4FromI2
VarUI4FromBool
VarUI2FromUI4
VarUI2FromStr
VarUI2FromR4
VarUI2FromDisp
VarUI2FromDec
VarUI2FromDate
VarUI2FromBool
VarUI1FromUI2
VarUI1FromStr
VarUI1FromR8
VarUI1FromI4
VarUI1FromDisp
VarUI1FromDate
VarUI1FromCy
VarUI1FromBool
VarTokenizeFormatString
VarSu
VarR8Pow
VarR8FromUI4
VarR8FromUI2
VarR8FromUI1
VarR8FromI4
VarR8FromDec
VarR4FromUI1
VarR4FromStr
VarR4FromR8
VarR4FromI4
VarR4FromI2
VarR4FromDate
VarR4FromCy
VarPow
VarNot
VarMonthName
VarImp
VarIdiv
VarI4FromUI1
VarI4FromStr
VarI4FromR8
VarI4FromI2
VarI4FromI1
VarI4FromDate
VarI2FromUI2
VarI2FromUI1
VarI2FromStr
VarI2FromI1
VarI2FromDec
VarI2FromCy
VarI2FromBool
VarI1FromUI1
VarI1FromStr
VarI1FromR8
VarI1FromR4
VarI1FromI4
VarI1FromI2
VarI1FromCy
VarFormatDateTime
VarFormatCurrency
VarEqv
VarDecRound
VarDecNeg
VarDecMul
VarDecFromUI4
VarDecFromR8
VarDecFromR4
VarDecFromI1
VarDecFromDisp
VarDecFromDate
VarDecFromBool
VarDecDiv
VarDecCmpR8
VarDecCmp
VarDecAdd
VarDecAbs
VarDateFromUdateEx
VarDateFromUdate
VarDateFromUI4
VarDateFromUI1
VarDateFromStr
VarDateFromR8
VarDateFromI4
VarDateFromI2
VarDateFromDisp
VarDateFromDec
VarDateFromCy
VarDateFromBool
VarCySu
VarCyRound
VarCyNeg
VarCyMul
VarCyInt
VarCyFromUI2
VarCyFromUI1
VarCyFromStr
VarCyFromR4
VarCyFromI4
VarCyFromDisp
VarCyFromDec
VarCyFix
VarCyCmpR8
VarCyCmp
VarCyAdd
VarBstrFromUI1
VarBstrFromR8
VarBstrFromR4
VarBstrFromI2
VarBstrFromI1
VarBstrFromDate
VarBstrFromCy
VarBstrFromBool
VarBstrCat
VarBoolFromUI2
VarBoolFromStr
VarBoolFromI2
VarBoolFromI1
VarBoolFromDate
VARIANT_UserSize
CreateErrorInfo
VARIANT_UserFree
UnRegisterTypeLi
SysStringLen
SysStringByteLen
SysReAllocString
SysAllocString
SafeArrayPutElement
SafeArrayGetVartype
SafeArrayGetLBound
SafeArrayGetIID
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayCreateVectorEx
SafeArrayCreate
SafeArrayCopyData
SafeArrayAllocDescriptor
SafeArrayAccessData
RegisterTypeLi
RegisterActiveObject
OleSavePictureFile
OleLoadPicturePath
OleLoadPictureFileEx
OleLoadPictureFile
OleLoadPicture
OleIconToCursor
OleCreatePropertyFrameIndirect
OleCreatePictureIndirect
OleCreateFontIndirect
LoadRegTypeLi
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserMarshal
LHashValOfNameSysA
GetRecordInfoFromTypeInfo
GetAltMonthNames
BSTR_UserMarshal
BSTR_UserSize
ClearCustData
GetActiveObject
CreateStdDispatch
CreateTypeLi
DispCallFunc
DispGetIDsOfNames
DispInvoke
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 808KB - Virtual size: 815KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ