b2c1883ef5b1fb55dd0f824b4c55c1b8738ce2b9126263a8ee88f613d3a49b50

Sharing

Copy URL Twitter E-mail

General

Target

b2c1883ef5b1fb55dd0f824b4c55c1b8738ce2b9126263a8ee88f613d3a49b50
Size

1.2MB
MD5

adc58a08432c4896507b5fa9b63ad37a
SHA1

987d4c912bf1417f898bd386ecf83d568c2c9c6e
SHA256

b2c1883ef5b1fb55dd0f824b4c55c1b8738ce2b9126263a8ee88f613d3a49b50
SHA512

b03597e16ec500266da44d7ad82b76182907f79376079a670f91f50f3ea5400600a9a8cd7b64fa2ab1c53520425e0d106cfea130988ca28b6d761d09befeddf4
SSDEEP

12288:ySY6Yt1kOSiI0Aj+szAq3LB+yp+nvPndPdfVZcTkfVVOPmzp/ijRYjNi9dFHgcQT:yXSiAiqbrpefOPw/+YwLrQT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2c1883ef5b1fb55dd0f824b4c55c1b8738ce2b9126263a8ee88f613d3a49b50

Files

b2c1883ef5b1fb55dd0f824b4c55c1b8738ce2b9126263a8ee88f613d3a49b50
.exe windows:5 windows x86 arch:x86

f5d8f39f03f7280aa43620a7304a53ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

CreateFileW
GetFileAttributesW
GetFileSizeEx
GetFileTime
FindResourceExW
SetErrorMode
GetStartupInfoW
HeapFree
ExitProcess
GetSystemTimeAsFileTime
DeleteFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
SetStdHandle
GetFileType
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetFileAttributesA
GetCurrentDirectoryA
GetDriveTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetExitCodeProcess
CreateProcessA
GetProcessHeap
FreeEnvironmentStringsA
GetEnvironmentStrings
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
VirtualProtect
InterlockedDecrement
CloseHandle
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
lstrlenA
lstrcmpA
GetModuleHandleA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
lstrlenW
FindNextFileW
SetCurrentDirectoryW
CreateDirectoryW
GetPrivateProfileIntW
SetThreadLocale
GetProcAddress
LoadLibraryW
Sleep
WritePrivateProfileStringW
CopyFileW
TerminateProcess
WaitForSingleObject
GetLastError
OutputDebugStringW
GetPrivateProfileStringW
GetVersion
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
GetModuleFileNameW
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DeleteFileW
MoveFileW
GetCurrentDirectoryW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
SetHandleCount

user32

UnregisterClassW
GetMessageW
TranslateMessage
ValidateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DefWindowProcW
CallWindowProcW
PtInRect
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
ReleaseDC
GetDC
IsWindow
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
PostThreadMessageW
GetMenuState
ReleaseCapture
SetCapture
CharUpperW
LoadCursorW
GetSysColorBrush
GetCapture
DestroyMenu
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDlgCtrlID
PostMessageW
DrawIcon
GetSystemMetrics
IsIconic
AppendMenuW
GetSystemMenu
LoadIconW
SetTimer
KillTimer
SetCursor
FillRect
GetClientRect
UpdateWindow
InvalidateRect
RedrawWindow
GetWindowRect
GetParent
GetAsyncKeyState
ScreenToClient
GetCursorPos
GetSysColor
OffsetRect
CopyRect
SendMessageW
EnableWindow

gdi32

SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
Escape
TextOutW
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
ExtTextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetViewportOrgEx
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
CreateSolidBrush
SetTextAlign
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
GetDeviceCaps
Rectangle
BitBlt
SetViewportOrgEx

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA
StrToIntExW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CoDisconnectObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes

oleaut32

SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SysAllocString
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
OleCreateFontIndirect

Sections

.text
Size: 929KB - Virtual size: 929KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5d8f39f03f7280aa43620a7304a53ed

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 929KB - Virtual size: 929KB

.rdata Size: 246KB - Virtual size: 246KB

.data Size: 13KB - Virtual size: 33KB

.rsrc Size: 84KB - Virtual size: 83KB

.text
Size: 929KB - Virtual size: 929KB

.rdata
Size: 246KB - Virtual size: 246KB

.data
Size: 13KB - Virtual size: 33KB

.rsrc
Size: 84KB - Virtual size: 83KB