Static task: static1
Behavioral task: behavioral1
  Sample: 15f1039ce749bd2189f5800445bb0ccd.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 15f1039ce749bd2189f5800445bb0ccd.exe
  Resource: win10v2004-20231222-en
General
  Target: 15f1039ce749bd2189f5800445bb0ccd
  Size: 92KB
  MD5: 15f1039ce749bd2189f5800445bb0ccd
  SHA1: 54daa8a676a4477ba52b380357515037b675111a
  SHA256: 2eba1b1e5e683da2a4e9e54c3e90595b1b2d9db3c6db9b16d46c7e07e7b0501e
  SHA512: 6b6c9a2b911e1f018571d28420ab1134c2bd6c77fb556fa584b6deec14b1c8029cef77d059105be3dc2d7790521beda698379d233121de088926805852d04b4e
  SSDEEP: 1536:2fSrHpBB3gFPCTLnvicCzqUSjiLwD/ZK0C9rq38cghFHV8WGXK0egRsKKKvNNZh4:26zpBlg4PnszqUSiwNY9rqMBBV05egSP
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: 15f1039ce749bd2189f5800445bb0ccd
Files
  15f1039ce749bd2189f5800445bb0ccd.exe (windows:4, windows x86, arch:x86)
    00376488641fec3bb73ec5c9f35dc387
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
ole32
IsEqualGUID
CoRegisterMessageFilter
IIDFromString
CoLoadLibrary
CreateGenericComposite
StringFromCLSID
ReadOleStg
CreateStreamOnHGlobal
CoCreateFreeThreadedMarshaler
CoFreeLibrary
OleMetafilePictFromIconAndLabel
StgSetTimes
CreateObjrefMoniker
OleCreateLinkFromData
CreateOleAdviseHolder
StgGetIFillLockBytesOnILockBytes
IsAccelerator
OleNoteObjectVisible
CoIsHandlerConnected
OleSetMenuDescriptor
OleCreateLinkToFileEx
OpenOrCreateStream
CoGetInstanceFromIStorage
OleGetClipboard
OleLoad
CoCreateInstance
CreateAntiMoniker
StgIsStorageFile
UtConvertDvtd32toDvtd16
OleConvertOLESTREAMToIStorage
OleGetIconOfFile
GetClassFile
CoInitializeSecurity
StgOpenStorageEx
MonikerRelativePathTo
WriteClassStm
CoGetObject
CoGetInterfaceAndReleaseStream
CoGetInstanceFromFile
CreateFileMoniker
GetRunningObjectTable
CoCopyProxy
OleLoadFromStream
OleCreateEx
CreateDataAdviseHolder
StgOpenAsyncDocfileOnIFillLockBytes
OleCreateFromDataEx
GetConvertStg
SetConvertStg
OleCreateDefaultHandler
WriteClassStg
CoMarshalInterface
CoGetTreatAsClass
CoRegisterSurrogate
GetHGlobalFromStream
GetHGlobalFromILockBytes
CreatePointerMoniker
CoGetMarshalSizeMax
CoAddRefServerProcess
GetHookInterface
CoGetCallContext
CreateILockBytesOnHGlobal
StgCreateDocfile
RevokeDragDrop
CoRevokeMallocSpy
CoImpersonateClient
CoRegisterPSClsid
OleCreateStaticFromData
ReleaseStgMedium
shlwapi
PathIsPrefixA
PathIsPrefixW
UrlUnescapeW
StrChrIW
PathIsRootW
SHRegGetUSValueW
SHQueryInfoKeyW
PathIsRelativeA
SHEnumKeyExW
SHEnumValueW
PathFindOnPathA
StrCatBuffW
UrlApplySchemeA
PathMatchSpecW
StrPBrkW
PathRemoveExtensionA
PathIsNetworkPathA
SHRegQueryInfoUSKeyW
SHCreateShellPalette
PathMakeSystemFolderA
PathIsRelativeW
StrRChrIW
StrStrA
StrToIntW
PathStripPathA
PathCombineW
UrlCanonicalizeA
PathMatchSpecA
PathParseIconLocationW
PathSetDlgItemPathA
UrlGetLocationW
StrPBrkA
PathCombineA
StrToIntExA
PathSkipRootA
PathSkipRootW
PathAddBackslashA
PathGetArgsA
PathSearchAndQualifyW
StrCmpNW
PathGetArgsW
PathIsDirectoryW
GetMenuPosFromID
PathRemoveBackslashA
StrRetToBufA
PathUnmakeSystemFolderA
SHDeleteEmptyKeyA
UrlIsOpaqueA
SHOpenRegStream2W
UrlIsW
SHStrDupA
ColorHLSToRGB
SHOpenRegStream2A
StrRChrW
UrlCombineW
PathIsUNCW
SHRegOpenUSKeyW
UrlHashW
UrlGetPartA
UrlIsNoHistoryA
ChrCmpIA
SHDeleteKeyA
UrlGetPartW
PathIsSameRootW
PathCreateFromUrlA
SHEnumKeyExA
PathIsContentTypeA
wnsprintfW
PathFindFileNameW
StrStrIA
wnsprintfA
StrFormatKBSizeW
PathRemoveBackslashW
PathBuildRootW
PathCreateFromUrlW
kernel32
GlobalFlags
Heap32ListNext
WriteConsoleOutputA
GetModuleHandleW
lstrcpynW
EnumResourceTypesW
ReadFile
ReleaseSemaphore
SetVolumeLabelA
UpdateResourceW
HeapCompact
FileTimeToDosDateTime
EnumSystemLocalesW
OpenEventA
GetSystemTime
LocalHandle
WriteConsoleOutputAttribute
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
VirtualAlloc
lstrcat
BuildCommDCBA
GetPrivateProfileStructA
PeekNamedPipe
DeleteAtom
BackupWrite
SetCalendarInfoA
SetCommState
WriteProcessMemory
EnumCalendarInfoExW
GetSystemTimeAdjustment
GetCommTimeouts
FindNextFileA
FindResourceExA
CreateFiber
LCMapStringW
WideCharToMultiByte
SignalObjectAndWait
CallNamedPipeA
GetTempPathW
GetLogicalDrives
ResetEvent
ClearCommError
GetThreadPriority
CreateWaitableTimerA
GetPrivateProfileStringA
IsValidCodePage
GetFileTime
VirtualProtect
FileTimeToSystemTime
GetProcessWorkingSetSize
Module32First
EnumSystemCodePagesA
GetSystemDefaultLangID
EnumCalendarInfoA
FillConsoleOutputCharacterA
SetThreadLocale
TlsAlloc
SetConsoleOutputCP
EnumDateFormatsExA
SetLocaleInfoA
AddAtomA
MoveFileW
ReadConsoleOutputAttribute
ResetWriteWatch
SetProcessPriorityBoost
GetLocalTime
BackupSeek
SetDefaultCommConfigW
WriteFileGather
QueueUserAPC
EnumResourceNamesW
LocalSize
UpdateResourceA
CreateFileMappingA
FindResourceExW
CancelWaitableTimer
SetUnhandledExceptionFilter
lstrcmp
GetCommConfig
CreateIoCompletionPort
CancelDeviceWakeupRequest
FlushViewOfFile
GetExitCodeThread
Heap32First
TerminateProcess
UnlockFileEx
CreateSemaphoreA
CreateFileMappingW
CreateProcessA
GetNumberFormatA
MapViewOfFileEx
GetProcessTimes
user32
LookupIconIdFromDirectory
OemToCharA
SetClipboardData
LoadIconA
OemToCharW
OemKeyScan
SetMessageExtraInfo
SetMenuDefaultItem
DrawTextA
DestroyIcon
CopyAcceleratorTableA
SetWindowLongW
PtInRect
IsCharUpperW
ChangeClipboardChain
ArrangeIconicWindows
GetScrollRange
CreateDialogParamW
EndDeferWindowPos
SendDlgItemMessageW
WinHelpW
BeginPaint
SetClassLongA
TileWindows
FlashWindow
GetIconInfo
CallWindowProcW
RegisterClassExW
GetMessagePos
RemovePropA
GetMonitorInfoW
FrameRect
CreateWindowExW
GetWindowLongA
WaitForInputIdle
GetAsyncKeyState
IsWindow
GetDlgItem
GetClipCursor
ExitWindowsEx
GetUserObjectSecurity
PostThreadMessageA
EnumDisplayDevicesA
SetRect
DrawIconEx
SetClipboardViewer
GetWindowRgn
CharLowerBuffW
MapDialogRect
MessageBoxW
DdeConnectList
GetDlgItemTextA
GetClassNameW
SendMessageCallbackA
DdeNameService
ChangeMenuA
IsChild
MessageBeep
GrayStringA
advapi32
TrusteeAccessToObjectA
UnlockServiceDatabase
MakeAbsoluteSD
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
DeleteAce
RegFlushKey
AddAccessAllowedAce
GetExplicitEntriesFromAclW
GetMultipleTrusteeOperationA
SetSecurityDescriptorOwner
DuplicateToken
GetEffectiveRightsFromAclA
StartServiceCtrlDispatcherA
EqualPrefixSid
GetMultipleTrusteeW
CryptSetHashParam
SetServiceObjectSecurity
LookupAccountSidA
RegQueryInfoKeyA
RegQueryMultipleValuesW
GetSecurityDescriptorGroup
CloseServiceHandle
CryptGetUserKey
SetSecurityDescriptorGroup
RegSetValueW
BuildTrusteeWithNameA
RegUnLoadKeyW
GetSidSubAuthorityCount
BuildExplicitAccessWithNameA
SetPrivateObjectSecurity
QueryServiceConfigW
GetServiceKeyNameW
SetKernelObjectSecurity
ConvertAccessToSecurityDescriptorW
CryptExportKey
GetAuditedPermissionsFromAclA
BuildExplicitAccessWithNameW
GetTrusteeNameW
GetNamedSecurityInfoExW
IsTextUnicode
InitializeAcl
CryptGetHashParam
GetLengthSid
ObjectDeleteAuditAlarmA
RegisterServiceCtrlHandlerA
RegSaveKeyW
LookupAccountNameW
FreeSid
ChangeServiceConfigA
BuildSecurityDescriptorW
AdjustTokenPrivileges
LookupPrivilegeDisplayNameW
CryptVerifySignatureA
ChangeServiceConfigW
GetCurrentHwProfileW
RegEnumKeyA
AbortSystemShutdownW
GetKernelObjectSecurity
QueryServiceLockStatusA
RegEnumKeyExW
SetNamedSecurityInfoExA
CryptGetKeyParam
RegDeleteValueW
EnumServicesStatusA
GetAclInformation
GetMultipleTrusteeOperationW
CryptDecrypt
GetSecurityDescriptorDacl
StartServiceW
GetPrivateObjectSecurity
InitiateSystemShutdownW
AllocateLocallyUniqueId
EqualSid
SetAclInformation
IsValidSid
LogonUserW
StartServiceA
Sections
  .text   Size: 80KB,  Virtual size: 79KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
  .rdata  Size: 11KB,  Virtual size: 10KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
  .data   Size: 512B,  Virtual size: 12KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE