04bee9cff52248376b3122d5de356e00

Sharing

Copy URL Twitter E-mail

General

Target

04bee9cff52248376b3122d5de356e00
Size

938KB
MD5

04bee9cff52248376b3122d5de356e00
SHA1

18fd6c88ba4324d1c5d5719ad55e25c032482011
SHA256

e5136e6b72cc0f3c339634e6c81f285ae2de7426493e515d5f72568aed6f8559
SHA512

99aa0a27a759673d9f2716c7f9b07393ce75aaeba2d362b7bf47bf4b10b44e8d7f8da0b514ce2469ae4412bdf503796d73ded6af9cc724b6030cd4f07521d82b
SSDEEP

12288:dS+OwVao6FEDBvgtLzVX/38LXCrHnKtCxwwf8dXEtaw2crUZR28QuPoH4Fe9JvB4:E2Vao6FSbtCxUdUsw5mTQuQEO3u1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04bee9cff52248376b3122d5de356e00

Files

04bee9cff52248376b3122d5de356e00
.exe windows:5 windows x86 arch:x86

7a18ec5d094800e233db03af9564d138

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
HeapAlloc
HeapFree
RaiseException
RtlUnwind
HeapReAlloc
Sleep
ExitProcess
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetCommandLineA
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
CompareStringW
SetEnvironmentVariableA
GetExitCodeProcess
CreateProcessA
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
GetModuleHandleW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetThreadLocale
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
FormatMessageA
LocalFree
WaitForSingleObject
FreeResource
lstrlenA
WritePrivateProfileStringA
GlobalAddAtomA
GetCurrentProcessId
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
MultiByteToWideChar
GlobalLock
GlobalUnlock
MulDiv
SetLastError
GlobalFree
GlobalAlloc
VirtualProtect
GetModuleHandleA
GetCurrentProcess
GetSystemTime
OutputDebugStringA
LockResource
SizeofResource
WideCharToMultiByte
GetTickCount
LoadResource
FindResourceA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
GetLastError
GetTempPathA
CloseHandle
GetSystemDirectoryA
WriteFile
HeapCreate
SetEnvironmentVariableW
CreateFileA

user32

RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
SetFocus
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
CopyAcceleratorTableA
SetWindowContextHelpId
SetWindowPos
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
PostMessageA
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
SetCursor
SetTimer
GetWindowRect
FillRect
SetCapture
KillTimer
DrawIconEx
GetParent
TrackMouseEvent
WindowFromPoint
PtInRect
CreateIconIndirect
GetIconInfo
GetDC
ShowCursor
InflateRect
InvalidateRect
ReleaseDC
GetSysColor
GetCursorPos
GetSysColorBrush
IsWindow
ReleaseCapture
CharNextA
CharUpperA
MapWindowPoints
LoadCursorA
DestroyIcon
IsIconic
LoadIconA
DrawIcon
SendMessageA
GetSystemMetrics
EnableWindow
RegisterHotKey
MessageBoxA
DrawTextA
GetClientRect
GrayStringA
DestroyMenu
DrawTextExA
TabbedTextOutA
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
MapDialogRect
IsRectEmpty
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
SetMenu
SetForegroundWindow
GetWindow
CreateWindowExA

gdi32

RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
LineTo
MoveToEx
GetObjectA
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
GetStockObject
GetDeviceCaps
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateFontA
GetTextExtentPoint32A
GetDIBits
Rectangle
SetDIBits
CreatePen
CreateSolidBrush
BitBlt
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
PtVisible
SetBoundsRect
Escape
RectVisible
TextOutA
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysFreeString

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 538KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0mp0
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.0mp1
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a18ec5d094800e233db03af9564d138

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 219KB - Virtual size: 218KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 538KB - Virtual size: 553KB

.rsrc Size: 54KB - Virtual size: 53KB

.0mp0 Size: 36KB - Virtual size: 35KB

.0mp1 Size: 17KB - Virtual size: 16KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 219KB - Virtual size: 218KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 538KB - Virtual size: 553KB

.rsrc
Size: 54KB - Virtual size: 53KB

.0mp0
Size: 36KB - Virtual size: 35KB

.0mp1
Size: 17KB - Virtual size: 16KB

.reloc
Size: 16KB - Virtual size: 16KB