32d0daaf62f0d09da9c24c645279751b

Sharing

Copy URL Twitter E-mail

General

Target

32d0daaf62f0d09da9c24c645279751b
Size

117KB
MD5

32d0daaf62f0d09da9c24c645279751b
SHA1

0082b4bbd83db6eff83120ffe17097e7f51f4151
SHA256

77ff461876e2be04a89c98b864ebde0b842df63191a799fb4fccb4176281bc96
SHA512

68ab318abd5c48d395861f7b676d8a25134474db00c022b3f89d582eb145b2e9db5391d807f4ee5ad23a588266d6a18920170fece4da4d2c65339c51c399b0b9
SSDEEP

3072:16SQVlpd9vGqjdAc0lLxzH5NdmBM+Waduxgs8qtXsMcneupAyCt2TfRk:nQVHL530z3TadulRbdupAn2TZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32d0daaf62f0d09da9c24c645279751b

Files

32d0daaf62f0d09da9c24c645279751b
.exe windows:5 windows x86 arch:x86

02543914694763a48f033faf7e316a63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

olecli32

LeClone
LeExecute
ErrSetUpdateOptions
OleUnlockServer
OleQueryOutOfDate
ObjQuerySize
OleReconnect
OleQueryCreateFromClip
LeShow
OleCreateInvisible
LeDraw
PbLoadFromStream
MfQueryBounds
MfCopy
OleCopyToClipboard

kernel32

CreateDirectoryA
ReleaseSemaphore
DeviceIoControl
ExpandEnvironmentStringsA
OpenProcess
GetFullPathNameW
CopyFileW
LoadLibraryExA
SetThreadPriority
FindNextFileA
VirtualFree
CreateMutexW
GetExitCodeProcess
WriteConsoleW
VirtualAlloc
RemoveDirectoryW
CreateMutexA
GetComputerNameW
FileTimeToLocalFileTime

gdi32

RealizePalette
CreatePalette
CreateFontIndirectA
GetTextMetricsA
BitBlt
CreateDIBitmap
GetDeviceCaps
CreateSolidBrush
SetTextColor
GetTextExtentPointA
SelectPalette
ExtTextOutA
SaveDC
CreateCompatibleDC
CreateRectRgn
GetStockObject
SelectObject
DeleteObject
GetSystemPaletteEntries
RestoreDC
GetObjectA
MoveToEx
SetBkColor
SelectClipRgn
UnrealizeObject
CreatePen

dnsapi

Dns_RecvTcp

oleacc

DllCanUnloadNow
CreateStdAccessibleProxyW
WindowFromAccessibleObject
GetRoleTextW
AccessibleObjectFromWindow
DllUnregisterServer
AccessibleObjectFromPoint
LresultFromObject
IID_IAccessible
ObjectFromLresult
CreateStdAccessibleObject
DllGetClassObject
GetOleaccVersionInfo
GetRoleTextA
LIBID_Accessibility
IID_IAccessibleHandler
AccessibleChildren
GetStateTextA
CreateStdAccessibleProxyA
AccessibleObjectFromEvent
GetStateTextW

advapi32

RegQueryValueExW
RegQueryValueExA
RegCreateKeyExA
OpenThreadToken
GetTokenInformation
OpenProcessToken
RegOpenKeyExA
RegDeleteValueW
RegEnumValueW
RegSetValueExW
FreeSid
RegOpenKeyExW
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyW
RegDeleteKeyA
InitializeSecurityDescriptor
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueA
AllocateAndInitializeSid
RegCreateKeyExW
CloseServiceHandle

Sections

.textbss
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02543914694763a48f033faf7e316a63

Headers

DLL Characteristics

File Characteristics

Imports

olecli32

kernel32

gdi32

dnsapi

oleacc

advapi32

Sections

.textbss Size: - Virtual size: 104KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 68KB - Virtual size: 67KB

.idata Size: 32KB - Virtual size: 32KB

.debug Size: 6KB - Virtual size: 6KB

.text Size: 1KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 104KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 68KB - Virtual size: 67KB

.idata
Size: 32KB - Virtual size: 32KB

.debug
Size: 6KB - Virtual size: 6KB

.text
Size: 1KB - Virtual size: 1KB