3aea58822584dcfd28e4d8adfd9bfb91

Sharing

Copy URL

Twitter E-mail

General

Target

3aea58822584dcfd28e4d8adfd9bfb91
Size

94KB
MD5

3aea58822584dcfd28e4d8adfd9bfb91
SHA1

cd7712839ee8895582f13ee362f23e99849d235d
SHA256

36c20fa8adad30828133d1b2ffc1615e4f49c53526dbb759a12071adf51ce99f
SHA512

8d4f8405cd145c0b68777ced7c4203240cfcfc1ff2bc635c3b3559946bf981b72672c1be708e5357a972acf7f34ae26b9cfd0a2d520043c9944cffa61dc294bc
SSDEEP

1536:OX40jHB/OuwLYfJmHCeETtxwsKsX33ttQCjuDb6p6lVNYR/c9vJx2QWSS:NEkuwMJkET0833tjsb6shYRU9xC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aea58822584dcfd28e4d8adfd9bfb91

Files

3aea58822584dcfd28e4d8adfd9bfb91
.exe windows:5 windows x86 arch:x86

c84d9d112aac1cc2fcfec1ec9b93d432

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosDateTimeToFileTime
FileTimeToDosDateTime
LoadLibraryW
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
lstrcatA
CreateFileA

user32

SendNotifyMessageW
SetClipboardData
SetDebugErrorLevel
SetDeskWallpaper
SetDlgItemTextW
SetMenuContextHelpId
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoA
SetMenuItemInfoW
SetMessageExtraInfo
SetProcessWindowStation
SetPropA
SetScrollInfo
SetScrollPos
SetWinEventHook
SetWindowContextHelpId
SetWindowLongA
SetWindowTextA
SetWindowWord
SetWindowsHookExA
SendMessageW
ShowOwnedPopups
ShowWindow
SubtractRect
SwapMouseButton
SwitchToThisWindow
SystemParametersInfoW
TabbedTextOutA
ToUnicode
TrackPopupMenuEx
TranslateMDISysAccel
UnhookWinEvent
UpdateWindow
ValidateRect
ValidateRgn
VkKeyScanExA
VkKeyScanExW
VkKeyScanW
WINNLSGetIMEHotkey
WinHelpA
WinHelpW
WindowFromDC
WindowFromPoint
keybd_event
mouse_event
wsprintfW
wvsprintfA
SendMessageCallbackA
SendIMEMessageExW
SendDlgItemMessageA
ScrollWindowEx
ScreenToClient
RemovePropW
RemovePropA
RemoveMenu
ReleaseDC
RegisterHotKey
RegisterDeviceNotificationW
RegisterClassExA
RealGetWindowClassW
RealGetWindowClassA
RealChildWindowFromPoint
PtInRect
PostQuitMessage
PackDDElParam
OpenWindowStationW
OpenDesktopW
MsgWaitForMultipleObjectsEx
MoveWindow
ActivateKeyboardLayout
ModifyMenuW
MessageBoxExW
MessageBoxExA
MessageBoxA
MapVirtualKeyW
MapVirtualKeyExA
MapDialogRect
LookupIconIdFromDirectoryEx
LoadStringW
LoadMenuW
LoadMenuIndirectW
LoadMenuIndirectA
LoadMenuA
LoadKeyboardLayoutW
LoadImageA
LoadCursorFromFileW
LoadAcceleratorsA
IsZoomed
IsWindowUnicode
IsWindowEnabled
IsRectEmpty
IsHungAppWindow
IsCharUpperA
IsCharAlphaA
InvertRect
InvalidateRgn
InvalidateRect
IntersectRect
InSendMessageEx
IMPSetIMEW
IMPSetIMEA
IMPQueryIMEW
IMPQueryIMEA
IMPGetIMEW
HideCaret
GrayStringA
GetWindowTextW
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
AllowSetForegroundWindow
GetWindowModuleFileName
GetWindowContextHelpId
GetWindow
GetUpdateRect
GetSysColorBrush
GetSysColor
GetQueueStatus
GetPropA
GetProcessWindowStation
GetProcessDefaultLayout
GetParent
GetOpenClipboardWindow
GetMouseMovePointsEx
GetMessageTime
GetMessagePos
GetMenuItemInfoW
GetMenuInfo
GetMenu
GetListBoxInfo
GetLastInputInfo
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutNameA
GetKeyboardLayout
GetKeyState
GetKBCodePage
GetInputDesktop
GetGUIThreadInfo
GetFocus
GetDlgItemTextA
GetDlgItem
GetClipboardSequenceNumber
GetClipboardOwner
GetClipboardFormatNameW
GetClipboardFormatNameA
GetClipboardData
GetClassInfoW
GetClassInfoExW
GetCapture
GetAltTabInfoA
GetAltTabInfo
FreeDDElParam
FrameRect
FindWindowW
FindWindowExW
FindWindowA
EqualRect
EnumWindows
EnumWindowStationsW
EnumDisplaySettingsA
EnumDisplayDevicesW
EndTask
EndDialog
EnableWindow
DrawTextExA
DrawStateW
DrawFocusRect
DrawAnimatedRects
DlgDirSelectExW
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DlgDirListW
DlgDirListComboBoxA
DlgDirListA
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxIndirectParamW
DestroyMenu
DestroyIcon
DestroyAcceleratorTable
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DdeQueryNextServer
DdeInitializeW
DdeInitializeA
DdeImpersonateClient
DdeEnableCallback
DdeDisconnectList
DdeCreateStringHandleA
DdeCmpStringHandles
DdeClientTransaction
DdeAbandonTransaction
CreateWindowStationA
CreateMenu
CreateMDIWindowA
CreateIconIndirect
CreateIcon
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateCursor
CreateCaret
CopyImage
CopyIcon
CloseWindowStation
CloseWindow
CloseDesktop
CloseClipboard
ChildWindowFromPointEx
CheckMenuRadioItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharToOemBuffW
CharPrevW
CharPrevExA
CharPrevA
CharNextW
CharNextExA
CharNextA
ChangeDisplaySettingsExA
CascadeChildWindows
BringWindowToTop
BlockInput
BeginDeferWindowPos
AttachThreadInput
ArrangeIconicWindows
AppendMenuA
AnyPopup
AnimateWindow
SetWindowsHookExW

comdlg32

ChooseColorA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW

ole32

StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorage
StgOpenStorageOnILockBytes
StgPropertyLengthAsVariant
StgSetTimes
StringFromCLSID
UtGetDvtd32Info
WdtpInterfacePointer_UserFree
WdtpInterfacePointer_UserMarshal
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserUnmarshal
WriteClassStg
WriteOleStg
StgIsStorageILockBytes
StgIsStorageFile
StgGetIFillLockBytesOnILockBytes
StgCreateStorageEx
StgCreatePropStg
StgCreatePropSetStg
StgConvertPropertyToVariant
SetConvertStg
STGMEDIUM_UserUnmarshal
STGMEDIUM_UserMarshal
STGMEDIUM_UserFree
SNB_UserUnmarshal
SNB_UserMarshal
SNB_UserFree
ReleaseStgMedium
RegisterDragDrop
ReadFmtUserTypeStg
ReadClassStg
PropVariantCopy
PropVariantClear
PropStgNameToFmtId
ProgIDFromCLSID
OpenOrCreateStream
OleTranslateAccelerator
OleSetMenuDescriptor
OleSetClipboard
OleSetAutoConvert
OleSaveToStream
OleSave
OleRegGetUserType
OleRegGetMiscStatus
OleRegEnumFormatEtc
OleQueryCreateFromData
OleNoteObjectVisible
OleMetafilePictFromIconAndLabel
OleLoadFromStream
OleLoad
OleIsCurrentClipboard
OleInitializeWOW
OleInitialize
OleGetIconOfClass
OleGetClipboard
OleGetAutoConvert
OleFlushClipboard
OleDraw
OleDoAutoConvert
OleCreateStaticFromData
OleCreateMenuDescriptor
OleCreateLinkToFileEx
OleCreateLinkToFile
OleCreateLinkFromData
OleCreateFromFileEx
OleCreateFromFile
OleCreateFromData
OleCreateEx
OleCreateEmbeddingHelper
OleCreate
OleConvertOLESTREAMToIStorage
OleConvertIStorageToOLESTREAMEx
OleBuildVersion
MonikerCommonPrefixWith
IsEqualGUID
IsAccelerator
IIDFromString
HWND_UserUnmarshal
HWND_UserMarshal
HWND_UserFree
HPALETTE_UserUnmarshal
HPALETTE_UserSize
HPALETTE_UserMarshal
HPALETTE_UserFree
HMETAFILE_UserMarshal
HMETAFILE_UserFree
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserFree
HMENU_UserSize
HMENU_UserMarshal
HMENU_UserFree
HICON_UserUnmarshal
HICON_UserSize
HICON_UserMarshal
HGLOBAL_UserFree
HENHMETAFILE_UserUnmarshal
HENHMETAFILE_UserSize
HENHMETAFILE_UserMarshal
HDC_UserUnmarshal
HDC_UserSize
HDC_UserFree
HBRUSH_UserUnmarshal
HBRUSH_UserSize
HBRUSH_UserMarshal
HBRUSH_UserFree
HBITMAP_UserUnmarshal
HBITMAP_UserSize
HBITMAP_UserMarshal
HACCEL_UserUnmarshal
HACCEL_UserSize
HACCEL_UserMarshal
GetRunningObjectTable
GetHookInterface
GetHGlobalFromStream
GetHGlobalFromILockBytes
GetDocumentBitStg
GetClassFile
FreePropVariantArray
FmtIdToPropStgName
EnableHookObject
DoDragDrop
DllGetClassObjectWOW
DllDebugObjectRPCHook
DcomChannelSetHResult
CreateStreamOnHGlobal
CreateStdProgressIndicator
CreateObjrefMoniker
CreateItemMoniker
CreateILockBytesOnHGlobal
CreateClassMoniker
CreateBindCtx
CoWaitForMultipleHandles
CoUnloadingWOW
CoUninitialize
CoTreatAsClass
CoTestCancel
CoTaskMemRealloc
CoTaskMemAlloc
CoSwitchCallContext
CoSuspendClassObjects
CoSetProxyBlanket
CoRevokeMallocSpy
CoResumeClassObjects
CoReleaseServerProcess
CoRegisterSurrogateEx
CoRegisterPSClsid
CoRegisterMallocSpy
CoQueryProxyBlanket
CoQueryClientBlanket
CoQueryAuthenticationServices
CoMarshalInterface
CoLockObjectExternal
CoLoadLibrary
CoIsOle1Class
CoInstall
CoInitializeSecurity
CoInitialize
CoImpersonateClient
CoGetTreatAsClass
CoGetPSClsid
CoGetMarshalSizeMax
CoGetMalloc
CoGetInterfaceAndReleaseStream
CoGetCurrentProcess
CoGetCurrentLogicalThreadId
CoGetCancelObject
CoGetCallerTID
CoFreeLibrary
CoFreeAllLibraries
CoFileTimeToDosDateTime
CoFileTimeNow
CoDisableCallCancellation
CoCreateObjectInContext
CoCreateGuid
CoAllowSetForegroundWindow
CoAddRefServerProcess
CLSIDFromString
CLSIDFromProgID
CLIPFORMAT_UserUnmarshal
CLIPFORMAT_UserSize
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserFree
BindMoniker
CoSetCancelObject

oleaut32

OleTranslateColor
QueryPathOfRegTypeLi
RegisterActiveObject
RevokeActiveObject
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCreate
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayGetIID
SafeArrayGetRecordInfo
SafeArrayGetVartype
SafeArrayRedim
SafeArraySetIID
SafeArrayUnaccessData
SafeArrayUnlock
SysAllocString
SysAllocStringLen
SysReAllocStringLen
SysStringLen
UnRegisterTypeLi
VARIANT_UserFree
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAdd
VarAnd
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI4
VarBoolFromUI1
VarBoolFromUI2
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmpR8
VarCyFix
VarCyFromDate
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyInt
VarCyRound
VarCySu
VarDateFromBool
VarDateFromI1
VarDateFromI4
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecCmp
VarDecCmpR8
OleSavePictureFile
VarDecFromDate
VarDecFromDisp
VarDecFromI2
VarDecFromR4
VarDecFromStr
VarDecFromUI2
VarDecInt
VarDecMul
VarDecSu
VarDiv
VarFormat
VarFormatPercent
VarI1FromCy
VarI1FromDate
VarI1FromDisp
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI2FromDate
VarI2FromDec
VarI2FromI1
VarI2FromI4
VarI2FromR8
VarI2FromUI1
VarI2FromUI4
VarI4FromBool
VarI4FromDate
VarI4FromR8
VarI4FromUI1
VarInt
VarMod
VarNumFromParseNum
VarParseNumFromStr
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDisp
VarR4FromI1
VarR4FromStr
VarR4FromUI1
VarR4FromUI4
VarR8FromDate
VarR8FromDec
VarR8FromI1
VarR8FromI2
VarR8FromStr
VarR8Pow
VarR8Round
VarSu
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromR4
VarUI1FromR8
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDisp
VarUI2FromI1
VarUI2FromR4
VarUI2FromUI4
VarUI4FromCy
VarUI4FromDate
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromR8
VarUI4FromUI1
VarUI4FromUI2
VarXor
OleLoadPicturePath
OleLoadPictureEx
OleLoadPicture
OleCreatePropertyFrameIndirect
OleCreatePropertyFrame
OleCreatePictureIndirect
OleCreateFontIndirect
LoadTypeLibEx
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_Unmarshal
LHashValOfNameSysA
GetRecordInfoFromGuids
DispInvoke
DispGetParam
DispGetIDsOfNames
CreateTypeLib2
CreateErrorInfo
ClearCustData
VarDecFix
BSTR_UserUnmarshal

msvcrt

memcpy

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c84d9d112aac1cc2fcfec1ec9b93d432

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

oleaut32

msvcrt

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 220B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 220B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB