1df33fe6f4c072f50cac2538181f4d30

Sharing

Copy URL

Twitter E-mail

General

Target

1df33fe6f4c072f50cac2538181f4d30
Size

376KB
MD5

1df33fe6f4c072f50cac2538181f4d30
SHA1

ce27d060403d12d2d33c7a905ee59a72fbb79780
SHA256

46941b0d174494689755a954dbedc21c1661a2d2b23351c365764231c3fa67a9
SHA512

13707419bbd349a630a1fd1fea36b23f93ddb4cb65a8c0d54631cd4e1366b6ed096f4f5927a8e5ad1a05ea1962e95c1a77cc31720c23942e110be7edf8933199
SSDEEP

6144:kTOZbgtTvASVNk+Kh3UO6FVLOLO9AOTZOa4uHYmM1L1auKF:kTggVouNk+KhV6F1rTYu6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1df33fe6f4c072f50cac2538181f4d30

Files

1df33fe6f4c072f50cac2538181f4d30
.exe windows:4 windows x64 arch:x64

ee9a7af8a465dd61569f4c15cc171a4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCommandLineA
GetProcessHeap
GetStartupInfoA
HeapSize
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlVirtualUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetACP
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
HeapReAlloc
HeapAlloc
RtlPcToFileHeader
RaiseException
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetSystemTimeAsFileTime
RtlUnwindEx
RtlLookupFunctionEntry
GetTickCount
SetErrorMode
GetCurrentProcess
GetThreadLocale
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
DeleteFileA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetModuleFileNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
FormatMessageA
LocalFree
MulDiv
GetFileAttributesA
GlobalFree
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalAlloc
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
FreeResource
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetModuleHandleA
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
lstrlenA
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
ExitProcess
LoadLibraryA
GetProcAddress
GetModuleFileNameA
Sleep
CreateFileA
WriteFile
GetEnvironmentStrings
CloseHandle
CreateFileW

user32

UnregisterClassA
RegisterClipboardFormatA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
CallWindowProcA
SystemParametersInfoA
PtInRect
GetDC
ReleaseDC
GetWindowRect
GetSystemMetrics
RegisterWindowMessageA
DestroyMenu
GetClassNameA
GetSysColor
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetFocus
GetDlgItem
GetKeyState
GetDlgCtrlID
GetMenu
LoadIconA
SetCursor
PeekMessageA
GetCapture
GetParent
SetActiveWindow
IsWindowVisible
IsIconic
SendMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoA
CopyRect
GetLastActivePopup
EndPaint
BeginPaint
GrayStringA
DrawTextExA
PostMessageA
GetDesktopWindow
GetWindowLongA
ShowWindow
GetWindow
IsWindow
EnableWindow
UpdateWindow
GetSysColorBrush
GetWindowPlacement
DrawTextA
TabbedTextOutA
LoadCursorA
ClientToScreen
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
SetWindowTextA
GetCursorPos
ValidateRect
PostQuitMessage
DefWindowProcA
TranslateMessage

gdi32

GetDeviceCaps
GetStockObject
SaveDC
RestoreDC
SetMapMode
CreateBitmap
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetBkColor
SetTextColor
GetClipBox
DeleteDC
GetObjectA
DeleteObject
SelectObject
PtVisible

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantChangeType
VariantInit
VariantClear

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee9a7af8a465dd61569f4c15cc171a4a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

.text Size: 239KB - Virtual size: 238KB

.rdata Size: 83KB - Virtual size: 83KB

.data Size: 13KB - Virtual size: 36KB

.pdata Size: 19KB - Virtual size: 18KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 239KB - Virtual size: 238KB

.rdata
Size: 83KB - Virtual size: 83KB

.data
Size: 13KB - Virtual size: 36KB

.pdata
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 20KB - Virtual size: 20KB