fce180877e1e5da4c2feb01db0a34f04968992e2a431b7e08bd9c4765a172a09

Sharing

Copy URL Twitter E-mail

General

Target

fce180877e1e5da4c2feb01db0a34f04968992e2a431b7e08bd9c4765a172a09
Size

14.6MB
MD5

e465e68869f37a073b0e2ad227285ad0
SHA1

1a132a399143642f78795d108b092ccba40a7a32
SHA256

fce180877e1e5da4c2feb01db0a34f04968992e2a431b7e08bd9c4765a172a09
SHA512

3cbb6d5a6f17245dbb6a518f1eb4a616a5bd2da277fb7d60c3a906aa5f4cb07035fc7b08353aa2c09fcd8ca11884ddda35da26fef6d7efbf4653d6509de558ac
SSDEEP

393216:UI3Zr6JOV4FbvqxL85PEqQ4Un0QZ2jtJvZ6T:UI56JOV4Fbvq9Wcq60q2jNM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fce180877e1e5da4c2feb01db0a34f04968992e2a431b7e08bd9c4765a172a09

Files

fce180877e1e5da4c2feb01db0a34f04968992e2a431b7e08bd9c4765a172a09
.exe windows:5 windows x86 arch:x86

4663f825ec655596599253ce2ed2de37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

kernel32

OutputDebugStringW
GetProcessHeap
SetEndOfFile
SetStdHandle
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStringTypeW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
HeapCreate
HeapSize
IsValidCodePage
Sleep
IsProcessorFeaturePresent
GetLocaleInfoW
lstrcpyW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
LCMapStringW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MoveFileA
HeapAlloc
HeapFree
RtlUnwind
DecodePointer
EncodePointer
InitializeCriticalSection
GetLocalTime
GetOEMCP
lstrcpynW
FormatMessageW
LocalFree
CloseHandle
GetCurrentProcess
GetStdHandle
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
WriteFile
SetFileTime
GetFileAttributesW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
GlobalAlloc
ExitProcess
MulDiv
GetTickCount
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
GetACP
GetFileSize
ReadFile
WideCharToMultiByte
FreeResource
LockResource
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW
DeleteFileW
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
GetTempPathW
lstrlenW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
CreateThread
SetThreadPriority
LoadLibraryW
GetProcAddress
GetModuleHandleW
CopyFileW
SetUnhandledExceptionFilter

user32

SetForegroundWindow
GetKeyboardLayout
MapVirtualKeyExW
GetKeyNameTextW
GetCaretBlinkTime
CreatePopupMenu
AppendMenuW
EnableMenuItem
TrackPopupMenu
DestroyMenu
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowRgn
DrawTextW
SetRect
CharPrevW
FillRect
GetWindowTextW
GetWindowTextLengthW
GetClassInfoExW
RegisterClassW
SetPropW
GetPropW
CallWindowProcW
EnableWindow
wsprintfW
IsWindowEnabled
EqualRect
GetMessageW
TranslateMessage
DispatchMessageW
DrawTextA
wsprintfA
InvalidateRgn
ReleaseCapture
PostQuitMessage
SetCursorPos
ClientToScreen
MoveWindow
GetWindowRect
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExW
GetSystemMetrics
RegisterDeviceNotificationW
GetGUIThreadInfo
SetWindowTextW
MessageBoxW
SetWindowPos
GetMonitorInfoW
MonitorFromWindow
SetFocus
GetActiveWindow
GetWindow
GetUpdateRect
IsWindowVisible
GetSysColor
MapWindowPoints
GetFocus
IsZoomed
GetCursorPos
LoadImageW
SetWindowRgn
IsIconic
ReleaseDC
UpdateLayeredWindow
GetDC
GetClientRect
KillTimer
SetTimer
SendMessageW
ShowWindow
GetParent
CharNextW
UpdateWindow
CreateWindowExW
LoadStringW
FindWindowW
EndPaint
BeginPaint
DestroyWindow
DefWindowProcW
RegisterClassExW
LoadCursorW
SystemParametersInfoW
PtInRect
IntersectRect
OffsetRect
IsRectEmpty
SetCursor
SetCapture
InflateRect
UnionRect
GetKeyState
SetWindowLongW
GetWindowLongW
InvalidateRect
IsWindow
CreateAcceleratorTableW
PostMessageW
ScreenToClient

gdi32

DeleteDC
CreateDIBSection
CreateRectRgn
DeleteObject
Rectangle
RestoreDC
BitBlt
CreateRoundRectRgn
CreateSolidBrush
CreatePatternBrush
SetTextColor
SetBkMode
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectObject
StretchBlt
SetStretchBltMode
LineTo
MoveToEx
CreatePenIndirect
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
GetObjectA
GdiFlush
PtInRegion
GetBitmapBits
SetBitmapBits
GetTextExtentPointA
CreateCompatibleDC
CreateFontIndirectW
GetTextMetricsW
GetObjectW
GetStockObject
PlayEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
GetEnhMetaFileHeader
CreateDIBitmap
CreatePen
AddFontMemResourceEx
RemoveFontMemResourceEx
SetWindowOrgEx
CloseEnhMetaFile
CombineRgn
SaveDC
CreateEnhMetaFileW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW

shell32

DragQueryFileW
ShellExecuteW

ole32

OleLockRunning
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
CreateStreamOnHGlobal
OleDuplicateData
DoDragDrop
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
OleInitialize
OleUninitialize
CoUninitialize

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
VariantClear
VariantInit

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

gdiplus

GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipDrawString
GdipMeasureString
GdipDrawImageRectRect
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipCloneImage
GdipCreatePen2
GdipCreateBitmapFromScan0
GdipSetPenStartCap
GdipSetPenEndCap
GdipGetImageGraphicsContext
GdipDrawLine
GdipDrawImageI
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawRectangleI
GdipResetWorldTransform
GdipSetWorldTransform
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipReleaseDC
ord1
GdipAddPathLine
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetPenMode
GdipCreateSolidFill
GdipTranslateMatrix
GdipRotateMatrix
GdipSetImageAttributesColorMatrix
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteFont
GdipDeletePath
GdipCreatePath
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipDeleteMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipDrawImageRectI
GdipCreateFromHDC
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipCreateMatrix

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

shlwapi

PathIsDirectoryW
PathFindFileNameW

ws2_32

WSAStartup
gethostname
gethostbyname

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13.0MB - Virtual size: 13.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4663f825ec655596599253ce2ed2de37

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

imm32

shlwapi

ws2_32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 276KB - Virtual size: 276KB

.data Size: 13KB - Virtual size: 492KB

.tls Size: 512B - Virtual size: 17B

.rsrc Size: 13.0MB - Virtual size: 13.0MB

.reloc Size: 150KB - Virtual size: 150KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 276KB - Virtual size: 276KB

.data
Size: 13KB - Virtual size: 492KB

.tls
Size: 512B - Virtual size: 17B

.rsrc
Size: 13.0MB - Virtual size: 13.0MB

.reloc
Size: 150KB - Virtual size: 150KB