4202ce12f0dc1d2e5a83b26bfad42d2f

Sharing

Copy URL Twitter E-mail

General

Target

4202ce12f0dc1d2e5a83b26bfad42d2f
Size

88KB
MD5

4202ce12f0dc1d2e5a83b26bfad42d2f
SHA1

8efb2f244b01970417f7b57709c2842d45872c7d
SHA256

98c1356bf25f0ea01971c44791f7d2c69a4a4a5e459f142131d22d434ccac7d1
SHA512

bf6e4f5c532bc345cb8c94ff1cf802d81f61b52e219538fe43d8da08bf55d328f27c3aa085df943c07bd1c7a24d3fa6b852c1e655752a43cb66e083ba664a90c
SSDEEP

1536:k9FqtvTScODfU1uoICVZsVxiHAP7xohmVAUVBTCCtqHvo4CnHHHNCEYTnJS:iqRScrc0GVxUKqhmJntcPCnHHH14nJS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4202ce12f0dc1d2e5a83b26bfad42d2f

Files

4202ce12f0dc1d2e5a83b26bfad42d2f
.exe windows:5 windows x86 arch:x86

c50d95110745d4e7c73e6d620730b1ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

GetStateTextA
CreateStdAccessibleProxyA
AccessibleObjectFromWindow
ObjectFromLresult
AccessibleObjectFromEvent
DllUnregisterServer
CreateStdAccessibleObject
AccessibleChildren
GetStateTextW
CreateStdAccessibleProxyW
LresultFromObject
GetOleaccVersionInfo
AccessibleObjectFromPoint
LIBID_Accessibility
IID_IAccessible
GetRoleTextA
GetRoleTextW
IID_IAccessibleHandler
DllCanUnloadNow
WindowFromAccessibleObject
DllGetClassObject

version

GetFileVersionInfoSizeA
VerQueryValueW

shell32

RestartDialog
PathResolve
DAD_DragEnterEx
Shell_GetCachedImageIndex
DllGetClassObject
PifMgr_OpenProperties
DllUnregisterServer
DAD_DragLeave
DllInstall
SHChangeNotifyRegister
DriveType
DllRegisterServer
DragAcceptFiles
SHILCreateFromPath
DllGetVersion
IsNetDrive
PathQualify
PickIconDlg
DAD_DragMove
SHChangeNotifyDeregister
Shell_GetImageLists
DllCanUnloadNow
DragFinish
GetFileNameFromBrowse
SHCoCreateInstance
SHStartNetConnectionDialogW
Shell_MergeMenus
SHGetSetSettings
SHDefExtractIconW

gdi32

GetDeviceCaps
GetStockObject
SelectPalette
SetTextColor
CreateSolidBrush
GetObjectA
SetBkColor
DeleteDC
GetSystemPaletteEntries
SaveDC
SelectObject
RestoreDC
DeleteObject
LineTo
GetTextMetricsA
CreateDIBitmap
RealizePalette
CreateCompatibleDC
CreateFontIndirectA
SelectClipRgn
MoveToEx
UnrealizeObject
ExtTextOutA
CreateRectRgn
CreatePalette
BitBlt

ws2_32

WSAStartup
WSAGetLastError
send
recv
connect
socket
WSACleanup

ole32

CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CLSIDFromString
CoCopyProxy
CoAllowSetForegroundWindow
CLSIDFromOle1Class
OleInitialize
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserFree
OleGetClipboard
CoDeactivateObject
CoCreateGuid
CoCancelCall
CoAddRefServerProcess
CoCreateFreeThreadedMarshaler
CoCreateInstanceEx
CoDisableCallCancellation
CLSIDFromProgIDEx
CoCreateObjectInContext
CoCreateInstance

rpcrt4

MesHandleFree
NdrClientInitialize
CreateStubFromTypeInfo
MesInqProcEncodingId
NdrByteCountPointerBufferSize
MesIncrementalHandleReset
NDRcopy
NDRSContextMarshallEx
NdrByteCountPointerFree
NDRCContextMarshall
NdrAsyncClientCall
MesEncodeFixedBufferHandleCreate
NDRSContextMarshall
MesDecodeIncrementalHandleCreate
NdrAsyncServerCall
CStdStubBuffer_CountRefs
NdrAllocate
NDRCContextBinding
NdrByteCountPointerUnmarshall
NdrConformantStructBufferSize
DllGetClassObject
MesBufferHandleReset
DllRegisterServer
DceErrorInqTextW

msvcrt

malloc
wcslen
_snwprintf
_vsnwprintf
__dllonexit
wcsncmp
free
_onexit
realloc
wcsncpy
_iob
swprintf
_itow
_except_handler3
_wtoi
_local_unwind2
strtol
wcscmp
_strnicmp
_initterm
wcscpy
_wcsicmp
fwrite
_adjust_fdiv

user32

ShowWindow
GetWindowRect
GetSystemMetrics
GetDlgItem
EndDialog
TranslateMessage
MessageBoxA
EnableWindow
GetDC
GetClientRect
LoadStringW
ReleaseDC

crypt32

CertAddEncodedCTLToStore

kernel32

WaitForMultipleObjects
GlobalMemoryStatus
DeleteCriticalSection
CreateFileA
TerminateProcess
QueryDosDeviceA
SetEnvironmentVariableA
WriteConsoleOutputA
BackupWrite
WriteConsoleInputW
SetConsoleCtrlHandler
ReadFile
GetLogicalDrives
EnterCriticalSection
GetModuleFileNameA
SetConsoleTitleA
SetConsoleScreenBufferSize
FindFirstChangeNotificationA
SetConsoleWindowInfo
DeleteFileA
CreateDirectoryA
InitializeCriticalSection
LoadLibraryA
CreateMutexA
ReadConsoleOutputW
GetVersionExA
GetConsoleMode
SetConsoleCursorPosition
GetLocaleInfoA
GetDiskFreeSpaceA
GetConsoleScreenBufferInfo
AllocConsole
GetLargestConsoleWindowSize
GetFileSize
FreeConsole
WaitForSingleObject
LoadLibraryExA
ReleaseMutex
MoveFileExA
FlushFileBuffers
SetErrorMode
lstrcmpiA
RemoveDirectoryA
SetEndOfFile
FlushConsoleInputBuffer
GetTickCount
ReadConsoleOutputA
OpenProcess
GetNumberFormatA
InterlockedDecrement
MoveFileA
SetConsoleCP
PeekConsoleInputW
GetSystemTimeAsFileTime
SetConsoleActiveScreenBuffer
GetCurrentDirectoryA
CreateFileW
SetConsoleCursorInfo
InterlockedIncrement
GetLastError
CopyFileA
CreateFileMappingA
SetStdHandle
IsBadCodePtr
GetEnvironmentVariableA
SetConsoleMode
GetFileAttributesA
WriteFile
IsBadWritePtr
FindNextFileA
GetSystemTime
WriteConsoleOutputW
LeaveCriticalSection
GetShortPathNameA
VirtualAlloc
GetConsoleCP
SetConsoleTextAttribute
SystemTimeToFileTime
SetFileApisToANSI
FindFirstFileA
ExpandEnvironmentStringsA
LocalFileTimeToFileTime
SetConsoleOutputCP
GetModuleHandleA
SetFilePointer
ReadConsoleInputW
FindCloseChangeNotification
SetFileTime
GetCompressedFileSizeA
GetFileTime
GetCurrentThreadId
PeekConsoleInputA
DefineDosDeviceA
UnmapViewOfFile
FreeLibrary
SetLastError
GetFullPathNameA
CreateProcessA
GetFileInformationByHandle
FileTimeToDosDateTime
IsBadReadPtr
ReadConsoleW
GetStdHandle
SearchPathA
GetVolumeInformationA
FormatMessageA
FileTimeToLocalFileTime
GetConsoleOutputCP
GetConsoleCursorInfo
GetCurrentProcessId
SetCurrentDirectoryA
ReadConsoleInputA
RaiseException
MapViewOfFile
ReadConsoleA
GetFileType
SetFileApisToOEM
CompareStringA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c50d95110745d4e7c73e6d620730b1ee

Headers

DLL Characteristics

File Characteristics

Imports

oleacc

version

shell32

gdi32

ws2_32

ole32

rpcrt4

msvcrt

user32

crypt32

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 25KB - Virtual size: 120KB

.rsrc Size: 49KB - Virtual size: 48KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 25KB - Virtual size: 120KB

.rsrc
Size: 49KB - Virtual size: 48KB