4e582be6334fe41e41a27e7a3e60b72019bec0442a55c1e3c2b37043a282aeef

Sharing

Copy URL Twitter E-mail

General

Target

4e582be6334fe41e41a27e7a3e60b72019bec0442a55c1e3c2b37043a282aeef
Size

2.8MB
MD5

4d3891d8505bab30e06ade9d55b80954
SHA1

1e02716c43f2090bca26f2f7bfbb05208499cf9e
SHA256

4e582be6334fe41e41a27e7a3e60b72019bec0442a55c1e3c2b37043a282aeef
SHA512

cd22b3fe9af30b0439ffe0af640cb52bc41ae1b037ca690e2ed3f2d0ff5bb4b577bc607d11bfc3020cc4be8ea9e485f5dffe3ed23e5d8372602126835af386c8
SSDEEP

49152:26AX9jq67rEmi7oT4PQlTD2G3mGF4b6KzgLwz3mJF:ecYEmi7oT4m2CfF4u6gLwiJF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e582be6334fe41e41a27e7a3e60b72019bec0442a55c1e3c2b37043a282aeef

Files

4e582be6334fe41e41a27e7a3e60b72019bec0442a55c1e3c2b37043a282aeef
.exe windows:5 windows x86 arch:x86

ed981ca8d6a3bf01a7179455c941e0eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHGetValueA
PathCombineA
PathFindFileNameW
StrStrIW
UrlCanonicalizeW
UrlCanonicalizeA
wvnsprintfW
SHGetValueW
PathCombineW
SHSetValueA
PathRemoveFileSpecW
StrStrIA
PathFileExistsW
PathIsDirectoryW
PathAppendW
PathIsRootW

kernel32

LoadResource
FindResourceW
SetLastError
GetFullPathNameW
FindFirstFileW
GetCurrentThreadId
InterlockedIncrement
DebugBreak
OutputDebugStringW
lstrlenA
GetTempFileNameW
GetTempPathW
GetModuleFileNameW
GetCommandLineW
GetLastError
GetTickCount
GetExitCodeThread
ResumeThread
GetWindowsDirectoryW
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
GetSystemDirectoryW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
MulDiv
GetVersionExW
GetDiskFreeSpaceExW
GlobalFree
GlobalLock
GlobalAlloc
GetFileSizeEx
GetPrivateProfileStringW
GetPrivateProfileIntW
GetFileAttributesExW
GetExitCodeProcess
TerminateProcess
Module32FirstW
CopyFileW
OpenProcess
WideCharToMultiByte
GlobalFindAtomW
TlsSetValue
TlsGetValue
TlsAlloc
SetEvent
CreateThread
CreateEventW
GetFileType
GetLongPathNameW
GetDriveTypeW
LoadLibraryA
GetSystemDirectoryA
InterlockedCompareExchange
CreateFileA
GetCurrentThread
VirtualAlloc
VirtualQuery
GetSystemInfo
GetThreadContext
SuspendThread
OpenThread
SetThreadPriority
GetThreadPriority
VirtualProtect
GetDriveTypeA
GetTimeZoneInformation
GetConsoleOutputCP
FlushFileBuffers
SizeofResource
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
PeekNamedPipe
GetFileInformationByHandle
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
SetHandleCount
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
HeapSize
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapReAlloc
GetStartupInfoW
GetStdHandle
WriteConsoleW
ExitProcess
ExitThread
IsDebuggerPresent
UnhandledExceptionFilter
RtlUnwind
lstrcmpiA
lstrcmpA
GetModuleHandleA
QueryPerformanceFrequency
QueryPerformanceCounter
ResetEvent
GetUserDefaultLangID
MoveFileW
InterlockedExchangeAdd
FreeLibraryAndExitThread
GetModuleHandleExW
CreateWaitableTimerW
SetWaitableTimer
CreateSemaphoreW
WaitForMultipleObjects
ReleaseSemaphore
TlsFree
HeapWalk
HeapLock
HeapUnlock
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
LocalAlloc
GlobalUnlock
FreeResource
LockResource
SetStdHandle
WriteFile
SetErrorMode
SetUnhandledExceptionFilter
Sleep
MoveFileExW
SetEnvironmentVariableA
CreateMutexW
WaitForSingleObject
GetLocalTime
ReleaseMutex
DeleteFileW
ReadFile
SetFilePointer
GetCurrentProcessId
DeviceIoControl
LoadLibraryW
FindClose
FindNextFileW
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
lstrlenW
lstrcpyW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
RemoveDirectoryW
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedExchange
CreateDirectoryW
GetFileAttributesW
CreateFileW
GetFileSize
CloseHandle
CompareStringA
CompareStringW
WriteConsoleA

user32

UnregisterClassA
SetScrollInfo
GetDesktopWindow
InflateRect
MoveWindow
UnregisterClassW
GetFocus
CallNextHookEx
CheckDlgButton
SetWindowsHookExW
IsDlgButtonChecked
GetDlgItemTextW
CreateDialogParamW
GetDlgCtrlID
GetClassNameW
UnhookWindowsHookEx
ShowScrollBar
SetScrollPos
GetScrollRange
GetScrollPos
SetFocus
GetScrollInfo
GetCursorPos
GetSystemMenu
DestroyMenu
EnableMenuItem
FindWindowExW
LoadIconW
PostQuitMessage
IsDialogMessageW
UpdateWindow
GetWindowPlacement
BringWindowToTop
KillTimer
RegisterClassExW
EnableWindow
GetClassInfoExW
IsIconic
ExitWindowsEx
GetSysColor
SetDlgItemTextW
SetTimer
CharUpperW
DrawTextW
GetSystemMetrics
LoadImageW
EndPaint
BeginPaint
LoadBitmapW
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsWindow
SetWindowRgn
GetDlgItem
GetParent
RedrawWindow
IsWindowVisible
ScreenToClient
GetWindowRect
SetWindowPos
SetWindowTextW
CreateWindowExW
EndDialog
GetWindowLongW
ReleaseDC
GetDC
GetWindowTextW
LoadCursorW
SetCursor
OffsetRect
PtInRect
CopyRect
IsWindowEnabled
InvalidateRect
GetClientRect
CallWindowProcW
DrawStateW
DefWindowProcW
DestroyWindow
wsprintfW
GetActiveWindow
DialogBoxParamW
CharNextW
CharLowerW
SetForegroundWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
LoadStringW
ShowWindow
SendMessageW
SetWindowLongW
wvsprintfW
PostMessageW

gdi32

GetBitmapBits
SetBitmapBits
CreateRectRgn
ExtSelectClipRgn
CreateFontIndirectW
CreateRoundRectRgn
CreateFontW
GetObjectW
SetTextColor
SetBkMode
CreateCompatibleBitmap
BitBlt
SelectObject
CreateCompatibleDC
GetTextExtentPoint32W
RestoreDC
SaveDC
DeleteObject
CreateSolidBrush
GetDeviceCaps
DeleteDC

advapi32

RegEnumKeyExW
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyW
RegNotifyChangeKeyValue
RegEnumKeyExA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExA
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

SHGetSpecialFolderPathW
SHBrowseForFolderW
Shell_NotifyIconW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHCreateDirectoryExW

ole32

CoCreateInstance
OleRun
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitialize

oleaut32

GetErrorInfo
VariantChangeType
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SysFreeString
OleLoadPicture
VarUI4FromStr
SysAllocString
VariantClear
VariantInit

comctl32

_TrackMouseEvent
InitCommonControlsEx

setupapi

SetupIterateCabinetW

wininet

HttpSendRequestW
HttpQueryInfoW
InternetCloseHandle
InternetConnectW
HttpOpenRequestW
InternetErrorDlg
InternetOpenW
InternetOpenUrlW

psapi

EnumProcessModules
GetModuleFileNameExW

iphlpapi

GetNetworkParams
GetAdaptersInfo

secur32

InitializeSecurityContextA
FreeCredentialsHandle
AcquireCredentialsHandleA

rasapi32

RasEnumConnectionsW
RasGetConnectStatusW

Sections

.text
Size: 844KB - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 178KB - Virtual size: 493KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ed981ca8d6a3bf01a7179455c941e0eb

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

setupapi

wininet

psapi

iphlpapi

secur32

rasapi32

Sections

.text Size: 844KB - Virtual size: 844KB

.rdata Size: 177KB - Virtual size: 177KB

.data Size: 178KB - Virtual size: 493KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 124KB - Virtual size: 128KB

.text
Size: 844KB - Virtual size: 844KB

.rdata
Size: 177KB - Virtual size: 177KB

.data
Size: 178KB - Virtual size: 493KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 124KB - Virtual size: 128KB