3ab5563184f4de26d8dcb2d20049c136

Sharing

Copy URL Twitter E-mail

General

Target

3ab5563184f4de26d8dcb2d20049c136
Size

284KB
MD5

3ab5563184f4de26d8dcb2d20049c136
SHA1

f5fda0f7e0344f012ff4448f22da17d464de29b0
SHA256

a346a03f5cbee980a5825665ebecf110dd431ee30296be365c4f96a9abab1d7d
SHA512

2b7b019c234d2c9a37c9e75b16cff01dbf109012ff2ddd58780d24acb66176289b6f45377ba32ca283cb38355ff70cf6eee09d161778ebc3e6e09f1e16aedb1f
SSDEEP

6144:5ye0QTF5YCOpAK2YbkHmCOWrTHdHuHtFE2/G1pJYr:PBOWRowrTHdHiEUU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ab5563184f4de26d8dcb2d20049c136

Files

3ab5563184f4de26d8dcb2d20049c136
.exe windows:4 windows x86 arch:x86

163e609cbc1e38c01122003d6e4113a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindNextUrlCacheEntryA
InternetReadFile
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetOpenW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW

oledlg

OleUIBusyW

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueW
RegQueryValueExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
ChangeServiceConfigW

ole32

CoRegisterMessageFilter
CoInitializeEx
CoRevokeClassObject
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateILockBytesOnHGlobal
HBITMAP_UserFree
OleFlushClipboard
OleInitialize
OleUninitialize
StgCreateDocfileOnILockBytes
CoGetClassObject

gdi32

ScaleWindowExtEx
ScaleViewportExtEx
SelectObject
RestoreDC
RectVisible
PtVisible
OffsetViewportOrgEx
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
StretchBlt
TextOutW
SaveDC
OffsetRgn
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetStockObject
GetObjectW
GetMapMode
GetDeviceCaps
GetBkColor
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateBitmap
CreateCompatibleDC

comdlg32

GetFileTitleW
ChooseFontA

user32

SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadImageW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsChild
InvalidateRgn
InvalidateRect
IntersectRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetTopWindow
GetTabbedTextExtentW
GetSystemMetrics
GetSysColorBrush
SetMenuItemBitmaps
ShowWindow
GetPropW
GetParent
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DispatchMessageW
DestroyWindow
DestroyMenu
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CopyAcceleratorTableW
ClientToScreen
CheckMenuItem
CharUpperW
CharNextW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetForegroundWindow
SetFocus
SetCursor
SetWindowLongW
SetWindowContextHelpId
SetRect
GetSubMenu
SetPropW
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
GetSysColor
ReleaseCapture
LoadIconW

kernel32

VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpA
lstrcmpW
lstrlenA
lstrlenW
LockFile
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
WideCharToMultiByte
UnlockFile
UnhandledExceptionFilter
TlsSetValue
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsDBCSLeadByteEx
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeA
GetStdHandle
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
TlsGetValue
FindResourceW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale
CompareStringW
CloseHandle

shell32

ShellExecuteW
SHGetFolderPathW

oleaut32

VariantInit
VariantCopy
VariantClear
VariantChangeType
SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayDestroy
OleCreateFontIndirect
VariantTimeToSystemTime

comctl32

InitCommonControlsEx

Exports

Exports

DeleteConfigFiles

Sections

.text
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

163e609cbc1e38c01122003d6e4113a0

Headers

File Characteristics

Imports

wininet

winspool.drv

shlwapi

oledlg

advapi32

ole32

gdi32

comdlg32

user32

kernel32

shell32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 104KB

.rdata Size: 137KB - Virtual size: 140KB

.data Size: 14KB - Virtual size: 112KB

.idata Size: 9KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 101KB - Virtual size: 104KB

.rdata
Size: 137KB - Virtual size: 140KB

.data
Size: 14KB - Virtual size: 112KB

.idata
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 23KB