56a11d42e185594f15ca13307e3b8803

Sharing

Copy URL

Twitter E-mail

General

Target

56a11d42e185594f15ca13307e3b8803
Size

319KB
MD5

56a11d42e185594f15ca13307e3b8803
SHA1

117d5ecb4d77c833db938702c1d3c199c690d24a
SHA256

966d59c3472a79da16791a85b2094b15009148c72054074787eed977520b7b8f
SHA512

d44523063c65087b4dedecf57b443b0e5faa5e4045c4dac7b80e548799e3e7de9431426891aff43dcd0440a14fce468f0e8029bbe5e975a434e185c664cc9e80
SSDEEP

3072:qA4jqSSpO3YlFO4pG6WR+PQjiH6xti2R50YjPdUoLuI2ugUce9FtlD7y4Nhk3SvC:qyO3IBvGuHuggDt95Pk3Eawc97WP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56a11d42e185594f15ca13307e3b8803

Files

56a11d42e185594f15ca13307e3b8803
.exe windows:4 windows x86 arch:x86

bd3e9e86a0baf1d88e3e90ec2c386fb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime
VariantInit
VariantCopy
VariantClear
VariantChangeType
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayDestroy

ole32

CLSIDFromProgID
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleUninitialize
OleIsCurrentClipboard
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoInitialize
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

comdlg32

GetFileTitleW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW

advapi32

RegQueryValueW
RegQueryValueExW
RegOpenCurrentUser
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

WinHelpW
AdjustWindowRectEx
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
TranslateMessage
SetWindowsHookExW
SetWindowTextW
SetWindowLongW
SetWindowContextHelpId
SetPropW
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
PtInRect
PostThreadMessageW
PostQuitMessage
PeekMessageW
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DrawIcon
DlgDirSelectComboBoxExW
DispatchMessageW
DestroyWindow
DestroyMenu
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CopyIcon
CopyAcceleratorTableW
ClientToScreen
CheckMenuItem
CharUpperW
CharNextW
CallWindowProcW
CallNextHookEx
BeginPaint
SystemParametersInfoA

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

oledlg

OleUIBusyW

shell32

ShellExecuteW
ExtractIconW

gdi32

GetMapMode
GetObjectW
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
GetDeviceCaps
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
GetBkColor
GetClipBox
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
DeleteDC
CreateRectRgnIndirect
CreateFontW
SaveDC
CreateBitmap
GetRgnBox

comctl32

ord17

kernel32

SetEndOfFile
RtlUnwind
QueryPerformanceCounter
MultiByteToWideChar
LockResource
LocalAlloc
LoadResource
LoadLibraryW
LeaveCriticalSection
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapReAlloc
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalLock
GlobalFree
GlobalFlags
GlobalAlloc
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
SetEnvironmentVariableA
GetStringTypeA
GetStartupInfoA
GetProcessHeap
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CopyFileW
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpW
lstrlenA
lstrlenW
GetStringTypeW

Exports

Exports

MM_InitWrapper
PlugPlugExtensionCall
PlugPlugGetVersion
PlugPlugLoadExtension
PlugPlugMenuCall
PlugPlugNotifyStateChange
PlugPlugSetFlashPanelList
PlugPlugSetup
PlugPlugTerminate
PlugPlugUnloadExtension
fdgfdgfgghj

Sections

.text
Size: 200KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd3e9e86a0baf1d88e3e90ec2c386fb7

Headers

File Characteristics

Imports

oleaut32

ole32

comdlg32

shlwapi

advapi32

user32

winspool.drv

oledlg

shell32

gdi32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 204KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 17KB - Virtual size: 80KB

.idata Size: 8KB - Virtual size: 12KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 200KB - Virtual size: 204KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 17KB - Virtual size: 80KB

.idata
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 20KB - Virtual size: 20KB