5538fc8b9aadc7d9f18368abb2481fbc

Sharing

Copy URL Twitter E-mail

General

Target

5538fc8b9aadc7d9f18368abb2481fbc
Size

856KB
MD5

5538fc8b9aadc7d9f18368abb2481fbc
SHA1

68cb666d9de46d7346ee89de7b1218bff6fa4779
SHA256

cc00d30c3f9e4b49789d33184088535f4055d1bf949bf70dee186bb8dfba6caf
SHA512

809b2b0d9336dc9ba3412ef2903b9ad40da5d23080e94ae37b44c9bae64cf6fdd81e9977cd5207b52eba24d16bbb215b70cad2e62def85ad5b376b43447a8979
SSDEEP

12288:qWk/xwpVKcDMkq+MqZ2LZbpV0QTJw1Inu5EFFFRtuiCXjVZHAvdv+XWUcolc1:C/xwDq+MqZAFWA61Iu5EP/UiCVvTco

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5538fc8b9aadc7d9f18368abb2481fbc

Files

5538fc8b9aadc7d9f18368abb2481fbc
.exe windows:4 windows x86 arch:x86

481314ce71220cb66218ac8250c24678

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetFileType
SetStdHandle
CompareStringA
CompareStringW
UnhandledExceptionFilter
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
HeapReAlloc
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetACP
GetProfileStringA
GetTimeZoneInformation
RaiseException
TerminateProcess
HeapAlloc
ExitProcess
GetStartupInfoA
HeapFree
ExitThread
CreateThread
RtlUnwind
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalSize
GlobalReAlloc
lstrcpynA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetLastError
FormatMessageA
LocalFree
GetThreadLocale
InterlockedDecrement
InterlockedIncrement
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
SetLastError
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
ReadFile
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
WriteFile
GetFullPathNameA
SetEvent
ResetEvent
FindResourceA
LoadResource
SizeofResource
LockResource
ResumeThread
MulDiv
CreateFileA
GetFileSize
CloseHandle
WaitForSingleObject
DeleteFileA
GetFileAttributesA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
GetTempPathA
CreateDirectoryA
WideCharToMultiByte
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
InitializeCriticalSection
GetCurrentThreadId
GetCommandLineA
lstrcmpiA
DeleteCriticalSection
GetStdHandle
HeapDestroy

user32

GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
IsWindowVisible
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
PostQuitMessage
PostMessageA
UnhookWindowsHookEx
ValidateRect
SetCursor
GetDC
ReleaseDC
GetMenuItemID
ClientToScreen
WindowFromPoint
ChildWindowFromPointEx
OffsetRect
SystemParametersInfoA
GetDlgCtrlID
LoadStringA
IsChild
CopyRect
LoadCursorA
SetFocus
GetCursorPos
KillTimer
SetTimer
GetSysColor
FillRect
CharNextA
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
PeekMessageA
DispatchMessageA
IsDialogMessageA
TranslateMessage
MessageBoxA
LoadBitmapA
EnableWindow
GetMessagePos
ScreenToClient
PtInRect
CopyImage
GetWindowRect
IsIconic
GetSystemMetrics
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
DrawTextA
GetWindowTextA
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
IsWindow
GetClientRect
InflateRect
LoadImageA
InvalidateRect
RedrawWindow
LoadIconA
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
GetCapture
GetTopWindow
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
GetSysColorBrush
UnregisterClassA
GetClassNameA
GetDesktopWindow
CharUpperA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
MapDialogRect
SetWindowContextHelpId
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
SetRect

gdi32

SaveDC
RestoreDC
GetStockObject
SelectPalette
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
GetTextColor
GetBkColor
GetMapMode
DPtoLP
LPtoDP
CreateBitmap
CreateFontA
FillPath
SelectObject
DeleteDC
DeleteObject
CreateFontIndirectA
CreateSolidBrush
Rectangle
GetTextMetricsA
GetTextExtentPoint32A
Polygon
StretchBlt
CreateRectRgnIndirect
GetDeviceCaps
RealizePalette
BitBlt
GetObjectA
CreateHalftonePalette
CreateCompatibleDC
GetDIBColorTable
CreateDIBitmap
GetTextExtentPointA
CreatePalette

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ImageList_Destroy
ImageList_LoadImageA
ord17

oledlg

ord8

ole32

CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree

olepro32

ord251
ord253

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi
VariantClear
SysAllocStringLen
VariantCopy
SysAllocStringByteLen
VariantChangeType
SysStringLen
VariantTimeToSystemTime

odbc32

ord4
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord43
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord3
ord11
ord18
ord13
ord16
ord5
ord10
ord72

wininet

InternetGetConnectedState

Sections

.text
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 4KB - Virtual size: 76B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 384KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

481314ce71220cb66218ac8250c24678

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

odbc32

wininet

Sections

.text Size: 260KB - Virtual size: 258KB

.code Size: 4KB - Virtual size: 76B

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 384KB - Virtual size: 405KB

.rsrc Size: 144KB - Virtual size: 178KB

.text
Size: 260KB - Virtual size: 258KB

.code
Size: 4KB - Virtual size: 76B

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 384KB - Virtual size: 405KB

.rsrc
Size: 144KB - Virtual size: 178KB