21e1d601e34c2cd0aa6600f8ad6eeddb

Sharing

Copy URL

Twitter E-mail

General

Target

21e1d601e34c2cd0aa6600f8ad6eeddb
Size

326KB
MD5

21e1d601e34c2cd0aa6600f8ad6eeddb
SHA1

1832d37fc967f15ff4d075dc174c18820523bd61
SHA256

8ca0741f9dbd909f69c95b80d9544c0f1e31410b4fa28e8d22ba2a9bc521bf03
SHA512

cfb951f00f61e96f4c785d3b3896238d86530e7368875c575dcaac902f77911633b689d2ed81c781057f87bf3d6d87447202410dfe16834a34d5477c508b6d6c
SSDEEP

6144:mnszRen2FMooihbM2M13nOQIUgYN9dZNbqoyo+1/wlShr:KszRg2Fto4Edf3dqoE1/w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21e1d601e34c2cd0aa6600f8ad6eeddb

Files

21e1d601e34c2cd0aa6600f8ad6eeddb
.exe windows:4 windows x86 arch:x86

f4739a5a09d64c2d5141fe7e78d1cff9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColorBrush
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
CharUpperW
WinHelpW
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
SystemParametersInfoA
ShowWindow
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowLongW
SetWindowContextHelpId
SetRect
SetPropW
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
PtInRect
PostThreadMessageW
PostQuitMessage
PeekMessageW
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSystemMenu
AdjustWindowRectEx
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DrawIcon
DispatchMessageW
DestroyWindow
DestroyMenu
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CopyIcon
CopyAcceleratorTableW
CheckMenuItem
ClientToScreen

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

gdi32

OffsetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetRgnBox
GetObjectW
GetMapMode
GetDeviceCaps
GetClipBox
PtVisible
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
DeleteDC
CreateRectRgnIndirect
CreateFontW
CreateBitmap
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
RectVisible
RestoreDC
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetWindowExtEx
GetBkColor
SetViewportOrgEx
SaveDC

oleaut32

VariantInit
VariantTimeToSystemTime
VariantClear
VariantChangeType
SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy

oledlg

OleUIBusyW

advapi32

RegOpenCurrentUser
RegSetValueExW
RegQueryValueW
RegQueryValueExW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW

comctl32

ord17

kernel32

HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalLock
GlobalFree
GlobalFlags
GlobalAlloc
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetProcessHeap
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
HeapReAlloc
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CopyFileW
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
LeaveCriticalSection
LoadLibraryW
LoadResource
LocalAlloc
LockResource
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpW
lstrlenA
lstrlenW
GetFileAttributesW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleIsCurrentClipboard
CoInitialize
CoRevokeClassObject
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
CoCreateInstance

shell32

ShellExecuteW
ExtractIconW

comdlg32

GetFileTitleW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

Sections

.text
Size: 258KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4739a5a09d64c2d5141fe7e78d1cff9

Headers

File Characteristics

Imports

user32

winspool.drv

gdi32

oleaut32

oledlg

advapi32

comctl32

kernel32

ole32

shell32

comdlg32

shlwapi

Sections

.text Size: 258KB - Virtual size: 260KB

.rdata Size: 41KB - Virtual size: 44KB

.data Size: 15KB - Virtual size: 52KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 258KB - Virtual size: 260KB

.rdata
Size: 41KB - Virtual size: 44KB

.data
Size: 15KB - Virtual size: 52KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 4KB