Static task: static1
Behavioral task: behavioral1
Sample: 10e9ce9bd1778790fbed17b0024bf349.exe
Resource: win7-20231215-en

General
Target: 10e9ce9bd1778790fbed17b0024bf349
Size: 3.0MB
MD5: 10e9ce9bd1778790fbed17b0024bf349
SHA1: 7082f8301dbb56853e8529196c4c32d4f65a392a
SHA256: 046515d85ac6c38b5d61fba326c192776bdfeda1b3d5f0bdfbd349910d2f28a9
SHA512: 970393cdbe138404f364ec282cb904cbd1c441ae965c2a37839ef3e4546ddf4eaebcf1d24285460fe1af091504fd911e3fb92a37c3b273c35ea17358732a5110
SSDEEP: 49152:jK0Xs821prBg10EgOvr71XPkTPE0WbLrgZug4TuuQOungunEug4TuuQOungun:jK08821pTxOvL
Malware Config

Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 10e9ce9bd1778790fbed17b0024bf349
Files
10e9ce9bd1778790fbed17b0024bf349.exe (windows:5, windows, x86, arch:x86)
018701099023afca0e382e9008e75467
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_BYTES_REVERSED_LO, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_BYTES_REVERSED_HI
Imports
From winmm:
timeSetEvent
timeKillEvent
timeGetDevCaps
timeGetTime
From comctl32:
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_Read
ImageList_Write
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_GetImageInfo
FlatSB_GetScrollPos
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollProp
InitializeFlatSB
ImageList_Destroy
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_Add
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_Replace
ImageList_DrawEx
ImageList_Remove
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Copy
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_Create
ImageList_DragMove
From kernel32:
HeapAlloc
HeapFree
HeapSize
GetCurrentProcessId
ExitProcess
TerminateProcess
RaiseException
UnhandledExceptionFilter
CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
ExitThread
GetExitCodeThread
GetLastError
SetLastError
SetErrorMode
SuspendThread
ResumeThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObject
Sleep
LoadResource
SizeofResource
GlobalDeleteAtom
GetLogicalDrives
GetFileType
GetFileSize
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
DeviceIoControl
SetEndOfFile
SetFilePointer
FindClose
GetFileTime
SetFileTime
MulDiv
GetSystemTimeAsFileTime
GetLocalTime
GetSystemInfo
GetTimeZoneInformation
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetTickCount
FormatMessageW
MapViewOfFile
UnmapViewOfFile
HeapDestroy
TlsGetValue
TlsSetValue
SleepEx
WaitForMultipleObjectsEx
CreateMutexW
OpenMutexW
CreateEventW
CreateFileMappingW
OpenFileMappingW
HeapCreate
LoadLibraryA
LoadLibraryW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
GetStartupInfoW
GetCommandLineA
GetCommandLineW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
OutputDebugStringW
FindResourceW
EnumResourceNamesW
GlobalAddAtomW
GlobalFindAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetDriveTypeW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetDiskFreeSpaceW
CreateDirectoryW
RemoveDirectoryW
GetFullPathNameW
QueryDosDeviceW
CreateFileW
SetFileAttributesW
GetFileAttributesW
GetFileAttributesExW
DeleteFileW
FindFirstFileW
FindNextFileW
CopyFileW
MoveFileW
MoveFileExW
SetVolumeLabelW
GetVolumeInformationW
GetComputerNameW
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExW
GetACP
GetCPInfoExW
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
GetDateFormatW
EnumCalendarInfoW
IsValidLocale
GetThreadLocale
SetThreadLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
GetConsoleOutputCP
GetStartupInfoA
RtlUnwind
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
TlsFree
GetEnvironmentVariableA
GetVersionExA
InterlockedDecrement
InterlockedIncrement
FatalAppExitA
GetCPInfo
GetOEMCP
HeapReAlloc
IsBadWritePtr
SetConsoleCtrlHandler
VirtualQueryEx
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalSize
GlobalAlloc
GetVersion
GetProcAddress
FreeLibrary
GetModuleHandleA
LockResource
FreeResource
GetLogicalDriveStringsW
GetLocaleInfoA
EnumSystemLocalesA
CompareStringA
CompareStringW
lstrlenW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
IsValidCodePage
From user32:
GetSystemMetrics
GetMenuStringW
GetMenuState
DrawMenuBar
GetSystemMenu
CreateMenu
CreatePopupMenu
DestroyMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
DeleteMenu
TrackPopupMenu
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
DrawTextW
DrawTextExW
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
GetDC
GetDCEx
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
EnableScrollBar
SetPropW
GetPropW
RemovePropW
SetWindowTextW
GetWindowTextW
GetClientRect
GetWindowRect
MessageBoxW
MessageBeep
SetCursorPos
GetCursorPos
HideCaret
ShowCaret
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
GetSysColorBrush
DrawFocusRect
FillRect
FrameRect
SetRect
InflateRect
SubtractRect
CreateAcceleratorTableW
SetWindowLongW
GetClassLongW
SetClassLongW
GetDesktopWindow
GetParent
SetParent
EnumChildWindows
MsgWaitForMultipleObjectsEx
FindWindowExW
CharUpperBuffW
EnumThreadWindows
GetClassNameW
GetTopWindow
GetWindowThreadProcessId
GetLastActivePopup
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
LoadBitmapW
LoadCursorW
DestroyCursor
LoadIconW
CreateIcon
DestroyIcon
CopyImage
DrawIconEx
CopyIcon
GetIconInfo
LoadStringW
IsDialogMessageA
IsDialogMessageW
SetScrollInfo
GetScrollInfo
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SystemParametersInfoW
OemToCharA
CharToOemA
IsClipboardFormatAvailable
EmptyClipboard
EnumClipboardFormats
CountClipboardFormats
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgCtrlID
GetDlgItem
IsZoomed
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
ShowOwnedPopups
ShowWindow
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoW
UnregisterClassW
RegisterClassW
CallWindowProcW
PostQuitMessage
IsWindowEnabled
EnableWindow
IsWindowUnicode
KillTimer
GetWindowLongW
SetTimer
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
SendMessageA
GetMessageExtraInfo
GetMessageTime
GetMessagePos
ExitWindowsEx
PeekMessageW
PeekMessageA
DispatchMessageW
DispatchMessageA
TranslateMessage
DrawFrameControl
DrawEdge
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
GetKeyboardType
GetKeyNameTextW
GetKeyboardState
GetAsyncKeyState
GetKeyState
GetFocus
GetActiveWindow
SetFocus
CharNextW
CharLowerBuffW
FindWindowW
CharLowerW
RegisterWindowMessageW
EnumDesktopWindows
GetKeyboardLayoutList
GetKeyboardLayoutNameW
EnumWindows
CharUpperW
LoadKeyboardLayoutW
BringWindowToTop
From winspool.drv:
EnumPrintersW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
From advapi32:
OpenProcessToken
FreeSid
LookupPrivilegeValueW
RegCloseKey
RegConnectRegistryW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegLoadKeyW
RegOpenKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW
AllocateAndInitializeSid
From shell32:
ShellExecuteExW
ExtractIconExW
ShellExecuteW
DragQueryFileW
Shell_NotifyIconW
From ole32:
OleRegEnumVerbs
IsAccelerator
StringFromCLSID
OleSetMenuDescriptor
OleUninitialize
OleInitialize
CoInitialize
CoUninitialize
CoGetClassObject
OleDraw
CoCreateInstance
ProgIDFromCLSID
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
From oleaut32:
VariantCopy
VariantClear
VariantInit
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCreate
SysFreeString
SysReAllocStringLen
SysAllocStringLen
VariantChangeType
From version:
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
From msacm32:
acmStreamClose
Sections
.text: size 1.6MB, virtual size 1.6MB; flags IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata: size 21KB, virtual size 21KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data: size 13KB, virtual size 14.1MB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.tls: size 512B, virtual size 12B; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.resh: size 577KB, virtual size 577KB; flags IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rsrc: size 834KB, virtual size 834KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ