Static task: static1
Behavioral task: behavioral1 (sample 541385263853d7c936b6f4b228c8985b.exe, resource win7-20231215-en)
Behavioral task: behavioral2 (sample 541385263853d7c936b6f4b228c8985b.exe, resource win10v2004-20231215-en)
General
Target: 541385263853d7c936b6f4b228c8985b
Size: 968KB
MD5: 541385263853d7c936b6f4b228c8985b
SHA1: 86911d35fd9a908a0fe27d19ae46d7ec24109ea3
SHA256: 78ce4b3188e94fa6252027fec82aaed9774c2616bc7d66fd148fdba076a6a9aa
SHA512: d0ca90ce230a8836a3383d7708b7f9bce1548d0fcbd4cdcf06e8c0be51f98480de695d5d68c129220bbcce34315fa44214cb380a9f6587efccc0f4b744a134c3
SSDEEP: 12288:d5rd+NSb2+ld++E0Zcz7FOlpJYd2881YYK+k8CM0f6dvybwA+tSOBSar+WrgVp8W:d2+TEO5aYWMXH0OBSarA8ruLihI
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature. Resource: 541385263853d7c936b6f4b228c8985b
Files
-
541385263853d7c936b6f4b228c8985b.exe windows:4 windows x86 arch:x86
e855546ec4443099ba7d36bb03479d81
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
netapi32
Netbios
kernel32
GetFileType
TerminateProcess
CreateDirectoryW
GetLocalTime
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
ExitThread
CreateThread
FreeEnvironmentStringsW
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
GetEnvironmentStringsW
IsBadWritePtr
GetEnvironmentStrings
HeapCreate
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
EnterCriticalSection
GetACP
GetOEMCP
SetEnvironmentVariableA
RaiseException
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetStartupInfoW
SetErrorMode
LocalFileTimeToFileTime
GetShortPathNameW
GetStringTypeExW
GetVolumeInformationW
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetThreadLocale
WritePrivateProfileStringW
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
QueryPerformanceCounter
SetFileTime
DeleteFileW
MoveFileW
GetSystemTime
WriteFile
lstrcpyW
FormatMessageW
FreeLibrary
GetTickCount
FindResourceW
LoadResource
LockResource
lstrcpynW
GetPrivateProfileStringW
GetDriveTypeW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetVersionExW
LoadLibraryW
GetProcAddress
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
DeviceIoControl
SetLastError
GetLogicalDriveStringsA
GetDriveTypeA
GetDiskFreeSpaceW
SetFilePointer
ReadFile
SetEvent
CreateFileW
WaitForSingleObject
CloseHandle
QueryDosDeviceA
GetLastError
FindFirstFileW
FindClose
VirtualAlloc
VirtualFree
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
lstrcmpiW
GlobalGetAtomNameW
GetFileTime
GetFullPathNameW
GetTempFileNameW
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
lstrcmpW
GlobalAlloc
lstrcmpA
lstrcmpiA
GetCurrentThread
MulDiv
LocalFree
WideCharToMultiByte
lstrlenW
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetVersion
lstrcatW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
GlobalLock
GlobalUnlock
GlobalFree
ReleaseMutex
GetFileAttributesW
ResetEvent
GetFileSize
SetEndOfFile
QueryPerformanceFrequency
CompareStringW
SetUnhandledExceptionFilter
CompareStringA
user32
SetParent
PostThreadMessageW
RegisterClipboardFormatW
GetClassNameW
SetRect
KillTimer
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorW
LoadAcceleratorsW
GetWindowThreadProcessId
WaitMessage
IsZoomed
SetRectEmpty
DestroyMenu
FindWindowW
MapDialogRect
SetWindowContextHelpId
GetMessageW
TranslateMessage
ValidateRect
SetCursor
ShowOwnedPopups
PostQuitMessage
GrayStringW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
wvsprintfW
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
PeekMessageW
DispatchMessageW
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
CharUpperW
LockWindowUpdate
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
wsprintfW
RegisterClassW
TrackPopupMenu
GetWindowTextLengthW
GetWindowTextW
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetSysColorBrush
RegisterWindowMessageW
IntersectRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindowEnabled
GetSystemMetrics
GetCursorPos
ReleaseCapture
SetCapture
GetClassInfoW
DefWindowProcW
SetTimer
ShowWindow
BringWindowToTop
SetForegroundWindow
LoadCursorW
SetWindowLongW
CallWindowProcA
GetWindowLongW
CallWindowProcW
GetParent
FrameRect
DrawFocusRect
MessageBoxW
GetDlgItem
SetWindowTextW
LoadStringW
GetDesktopWindow
LoadBitmapW
DrawFrameControl
SetMenu
GetMenuItemID
GetDCEx
CopyAcceleratorTableW
MessageBeep
GetNextDlgGroupItem
CharNextW
ShowScrollBar
GetScrollRange
GetWindow
GetMenuState
GetMenuStringW
SetMenuItemInfoW
GetDC
SystemParametersInfoW
ReleaseDC
GetMenuCheckMarkDimensions
InflateRect
DrawStateW
DrawEdge
AppendMenuW
CreateMenu
GetDlgCtrlID
SetWindowPos
LoadImageW
ClientToScreen
WindowFromPoint
ScreenToClient
CopyRect
FillRect
DrawTextW
GetSysColor
GetKeyState
IsWindowVisible
GetMenuItemInfoW
DestroyIcon
GetFocus
PtInRect
LoadMenuW
GetSubMenu
EnableMenuItem
GetMenu
GetMenuItemCount
ModifyMenuW
LoadIconW
UpdateWindow
PostMessageW
GetClientRect
InvalidateRect
GetWindowRect
OffsetRect
CharToOemW
OemToCharW
EnableWindow
WinHelpW
SendMessageW
RemovePropW
ScrollWindow
UnregisterClassW
gdi32
CreateFontW
ExcludeClipRect
GetTextExtentPoint32W
MoveToEx
LineTo
ScaleWindowExtEx
CreateRectRgn
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutW
SetWindowExtEx
Escape
PatBlt
LPtoDP
DPtoLP
StretchDIBits
GetCharWidthW
GetMapMode
SetRectRgn
CombineRgn
GetTextColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
IntersectClipRect
SelectClipRgn
GetStockObject
RestoreDC
SaveDC
GetClipBox
GetTextMetricsW
ExtTextOutW
DeleteObject
SelectObject
DeleteDC
SetBkMode
SetTextColor
SetBkColor
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateFontIndirectW
GetBkColor
GetObjectW
CreateRectRgnIndirect
CreateSolidBrush
Rectangle
CreatePen
comdlg32
GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegGetKeySecurity
RegOpenKeyExA
RegOpenKeyA
RegSetKeySecurity
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
shell32
SHGetFileInfoW
DragQueryFileW
ShellExecuteW
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
ExtractIconW
SHGetMalloc
comctl32
ImageList_GetIcon
ImageList_GetImageInfo
ord17
ImageList_SetOverlayImage
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageCount
ImageList_Create
ImageList_Destroy
oledlg
OleUIBusyW
ole32
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
olepro32
ord253
oleaut32
SysStringLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
Sections
.text: Size 520KB, Virtual size 520KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata: Size 88KB, Virtual size 87KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data: Size 52KB, Virtual size 67KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 304KB, Virtual size 332KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE