288294970056cebd9552e23bef46b4f0

Sharing

Copy URL Twitter E-mail

General

Target

288294970056cebd9552e23bef46b4f0
Size

296KB
MD5

288294970056cebd9552e23bef46b4f0
SHA1

8b73c1ba6394fdc279defe7e3d9e8170c8e0ffea
SHA256

4f7b76537c4ece839f0b5ad9d277c166c3e011ba0ae65fdc6db52ac39b0f392d
SHA512

3d527613a859a682902d484918690a93fbd87f681d9f2f0064080b82fc391f03c2ea2b2246c868f420df320d3cebf77380e930243ffd58adb9eb7f6ad981d2c3
SSDEEP

6144:MGobMXQ2NFwuuTMfteRbLIurpd0Jykb8NO6nL7v/i4Mdoa:MGop2NuBTMpWyXbcHn/vfMdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
288294970056cebd9552e23bef46b4f0

Files

288294970056cebd9552e23bef46b4f0
.exe windows:4 windows x86 arch:x86

0e800e71530182885335ba1384e8b2db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathAddBackslashW
PathCombineW
PathIsPrefixW
PathRelativePathToW
PathSkipRootW
PathCanonicalizeW
PathRenameExtensionW
PathIsURLW
PathRemoveExtensionW
PathStripPathW
PathRemoveBackslashW
PathFindFileNameW
PathStripToRootW
PathAppendW
PathFileExistsW
PathIsRootW
PathIsRelativeW
PathRemoveFileSpecW
SHAutoComplete

user32

RegisterClassExW
CharNextW
EndPaint
GetMessageW
GetActiveWindow
SystemParametersInfoW
BeginPaint
GetMessagePos
CheckDlgButton
MapDialogRect
GetParent
GetWindowRect
GetWindow
SendMessageW
GetDlgItemTextW
InvalidateRect
CloseClipboard
DefWindowProcW
LoadCursorW
GetDlgItem
SetDlgItemTextW
GetSystemMetrics
LoadImageW
CallWindowProcW
EmptyClipboard
EnableWindow
OpenClipboard
GetWindowTextLengthW
SetWindowTextW
GetMonitorInfoW
TranslateMessage
ReleaseDC
UnregisterClassA
SetWindowContextHelpId
CharUpperBuffW
ShowWindow
SetFocus
FrameRect
MonitorFromWindow
GetClientRect
EndDialog
GetSysColorBrush
MessageBoxW
SetCursor
SendDlgItemMessageW
GetSysColor
GetAsyncKeyState
RegisterClipboardFormatW
GetWindowLongW
IsDlgButtonChecked
SetWindowPos
DrawTextW
GetDC
PostMessageW
SetWindowLongW
CreateWindowExW
IsDialogMessageW
DispatchMessageW
IsClipboardFormatAvailable
MoveWindow
ScreenToClient
DrawFrameControl
MapWindowPoints
InflateRect
DialogBoxIndirectParamW
GetScrollInfo
DestroyWindow
ClientToScreen
SetParent

gdi32

DeleteDC
GetTextExtentPoint32W
DeleteObject
SelectObject
SetBkColor
SetTextColor
CreateFontIndirectW
CopyMetaFileW
CreateDCW

comctl32

ord17
ImageList_LoadImageW
ImageList_Destroy
ImageList_SetOverlayImage

ole32

OleDuplicateData
CLSIDFromString
StringFromCLSID
CreateStreamOnHGlobal
IIDFromString
ReleaseStgMedium
CreateDataAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateFreeThreadedMarshaler
OleFlushClipboard
StringFromIID
CoRevokeClassObject
OleSetClipboard
CoCreateInstance
OleGetClipboard
CoCreateGuid
StringFromGUID2
CoRegisterClassObject
CLSIDFromProgID
CoIsOle1Class
CoDisconnectObject
OleCreateEx
CoGetMalloc
BindMoniker
CoGetCallerTID

kernel32

SetEndOfFile
TlsSetValue
FreeLibrary
HeapReAlloc
UnmapViewOfFile
GlobalAlloc
GlobalReAlloc
FormatMessageW
GetCurrentDirectoryW
GetFileTime
SearchPathW
VirtualFree
FindResourceExW
GetCurrentThreadId
CreateFileMappingW
LockResource
LockFile
SetUnhandledExceptionFilter
FlushInstructionCache
GetComputerNameW
GetSystemDirectoryW
InterlockedPopEntrySList
lstrlenW
LoadResource
SwitchToThread
HeapFree
HeapDestroy
DeleteFileW
VirtualAlloc
TlsGetValue
FileTimeToSystemTime
DeleteCriticalSection
FindNextFileW
LeaveCriticalSection
lstrlenA
LocalFree
MapViewOfFile
CloseHandle
CreateDirectoryW
FindClose
GlobalFree
InitializeCriticalSectionAndSpinCount
HeapSize
CreateFileW
UnlockFile
GlobalSize
GetFullPathNameW
CreateEventW
CopyFileW
GlobalLock
IsProcessorFeaturePresent
EnterCriticalSection
GetProcessHeap
FindFirstFileW
SizeofResource
WriteFile
InterlockedPushEntrySList
HeapAlloc
RaiseException
GetFileType
FindResourceW
LocalAlloc
GetVolumeInformationW
OutputDebugStringW
IsDebuggerPresent
SetFileAttributesW
FlushFileBuffers
UnhandledExceptionFilter
ReadFile
WaitForSingleObject
SetFilePointer
GetWindowsDirectoryW
GlobalUnlock
GetSystemTimeAsFileTime
GetModuleHandleW
WideCharToMultiByte
CreateThread
GetFileSize
SetErrorMode
VirtualAllocEx

advapi32

OpenThreadToken
GetLengthSid
RegCloseKey
RegSetValueExW
EqualSid
RegCreateKeyExW
OpenProcessToken
CopySid
RegOpenKeyExW
RegQueryValueExW
GetTokenInformation

oleaut32

SafeArrayUnlock
SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayGetUBound
VariantChangeType
SafeArrayDestroy
SysFreeString
CreateErrorInfo
VariantClear
SafeArrayPutElement
SetErrorInfo
VariantCopy
VarBstrCmp
UnRegisterTypeLi
SysStringByteLen
VarBstrCat
SafeArrayLock
SafeArrayCreate
LoadTypeLi
SysStringLen
SysAllocStringByteLen
RegisterTypeLi
SysAllocString
LoadRegTypeLi
VariantInit

ws2_32

freeaddrinfo
bind
getaddrinfo
recv
accept
WSAStartup
socket
closesocket
ntohs
getsockname
send
WSASocketW
htons
WSAIoctl
listen

uxtheme

SetWindowTheme

secur32

FreeCredentialsHandle
AcquireCredentialsHandleA
ImpersonateSecurityContext
DecryptMessage
AcceptSecurityContext
CompleteAuthToken
EncryptMessage
QueryContextAttributesW
DeleteSecurityContext
RevertSecurityContext

iassdo

DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e800e71530182885335ba1384e8b2db

Headers

File Characteristics

Imports

shlwapi

user32

gdi32

comctl32

ole32

kernel32

advapi32

oleaut32

ws2_32

uxtheme

secur32

iassdo

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 254KB - Virtual size: 254KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 254KB - Virtual size: 254KB

.rsrc
Size: 10KB - Virtual size: 10KB