7011945ed36a9138b48d661f7f891129

Sharing

Copy URL Twitter E-mail

General

Target

7011945ed36a9138b48d661f7f891129
Size

579KB
MD5

7011945ed36a9138b48d661f7f891129
SHA1

1a9d422f0099857a364f84947ba6ba9f43c4337d
SHA256

6e2d387e9f77ce275f05430af415e7dc1da5e5642919329a7e31b38019ab693f
SHA512

63bf6d1c50b4643e8d8ab6204d411aa2ea6cd5eb4ed344faaafd39e61f7aa814a18f3924b0dc7b4217ec3f6dce75f037fbcac02ea0be57624982d6f934dce754
SSDEEP

3072:+8Bug8I6IP6orHTiJAz6oOz/+HERcpwpRPZIYZXjWzOTBke2y+BUlTpxV56cq:+8lrHTiJ4s+EjPZIcSLLaxVsR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7011945ed36a9138b48d661f7f891129

Files

7011945ed36a9138b48d661f7f891129
.exe windows:4 windows x86 arch:x86

b56500b77413751bf36c2c9b53c8ce14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapFree
RaiseException
HeapAlloc
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
ExitProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
GetTickCount
GetProfileStringA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CreateFileA
FindFirstFileA
FindClose
GetFileTime
GetFileSize
GetFileAttributesA
GetThreadLocale
lstrcpynA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
FormatMessageA
LocalFree
GlobalFree
LockResource
FindResourceA
LoadResource
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrlenA
InterlockedDecrement
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
Sleep
DeleteFileA
GetPrivateProfileStringA
WinExec
GetVersionExA
CreateMutexA
GetLastError
ReleaseMutex
GetFileType
GetSystemDirectoryA

user32

InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
PtInRect
GetDesktopWindow
CharNextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
CharUpperA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
LoadStringA
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
UnhookWindowsHookEx
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
UpdateWindow
LoadBitmapA
IsWindow
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
DestroyMenu
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
wsprintfA
CallNextHookEx
ValidateRect
PeekMessageA
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
SetTimer
SendMessageA
KillTimer
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
GetClassNameA
EnableWindow
SetCursor
LoadCursorA
SetRect
ReleaseDC
GetDC
FillRect
BringWindowToTop
RedrawWindow
IsWindowVisible
GetWindowRect
PostMessageA
PostQuitMessage
ScreenToClient
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
MessageBoxA
GetWindowLongA
GetMessagePos
GetSysColorBrush
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled

gdi32

GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
DeleteObject
GetTextColor
GetStockObject
LineTo
MoveToEx
IntersectClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
CreatePen
BitBlt
CreateCompatibleDC
CreateSolidBrush
GetTextExtentPointA
CreateDIBitmap
CreateFontA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
CoDisconnectObject
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoRevokeClassObject
OleRun
CoUninitialize
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize

olepro32

ord253

oleaut32

SysAllocStringLen
VariantInit
SysFreeString
SysAllocString
VariantCopy
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
LoadTypeLi
GetErrorInfo
VariantClear

urlmon

URLDownloadToFileA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 352KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b56500b77413751bf36c2c9b53c8ce14

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 352KB - Virtual size: 350KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 352KB - Virtual size: 350KB