5762a6307fee925dfd367358971c6580

Sharing

Copy URL

Twitter E-mail

General

Target

5762a6307fee925dfd367358971c6580
Size

4.5MB
MD5

5762a6307fee925dfd367358971c6580
SHA1

38314c5ae110b2f902f003d3e0e1f34f5ac51e0c
SHA256

9817149b5685c150f56b16f47550e79b2965318ed3a2de98142826b51ff2349b
SHA512

404191c3233d85362ec7d2935a7be6ca9be2e1220ebea8ed3374b9a329b954a5926e54b150fa3e2ca51a1d5e79c1b6c714bfca404e11c9302d4aa7db2de88593
SSDEEP

98304:ZDkr76eMLbKq+qvKsVGp2WAbN5ZzcwO1N2HeF8i:SvtMveswFAY2HeF8i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5762a6307fee925dfd367358971c6580

Files

5762a6307fee925dfd367358971c6580
.exe windows:4 windows x86 arch:x86

ef44cdf36db1d47b6449e450d1bb1358

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ControlService
CreateServiceW
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
DeleteService
OpenSCManagerW
OpenServiceW
RegDeleteKeyW
StartServiceW

kernel32

AcquireSRWLockShared
CloseHandle
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileMappingA
CreateFileW
CreateThread
DecodePointer
DefineDosDeviceW
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDrives
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVolumeInformationW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSRWLock
IsDBCSLeadByte
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryDosDeviceW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFilePointer
SetFilePointerEx
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SetVolumeLabelW
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winspool.drv

DocumentPropertiesW
EnumPrintersW
ord203
OpenPrinterW

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitializeFlatSB

gdi32

CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontsW
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBitmapDimensionEx
GetBrushOrgEx
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetGlyphOutlineW
GetGraphicsMode
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetViewportOrgEx
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LineDDA
LineTo
MaskBlt
ModifyWorldTransform
MoveToEx
PatBlt
Pie
PlayEnhMetaFile
PolyBezierTo
Polygon
Polyline
RealizePalette
RectVisible
Rectangle
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetGraphicsMode
SetPaletteEntries
SetPixelV
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
SetWorldTransform
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutW
UnrealizeObject

msimg32

AlphaBlend

user32

CheckRadioButton
CreateDialogParamW
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawMenuBar
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EnumThreadWindows
GetClientRect
GetDC
GetDlgItemInt
GetDlgItemTextW
GetKeyState
GetMenu
GetMessageW
GetParent
GetPropW
GetSubMenu
GetWindowLongA
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowWord
IsDialogMessageW
IsDlgButtonChecked
LoadCursorW
LoadIconW
MapWindowPoints
MessageBoxA
MessageBoxW
MoveWindow
PeekMessageW
PostQuitMessage
RegisterClassExW
ReleaseDC
RemovePropW
ScreenToClient
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetPropW
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateMessage
wsprintfA
wsprintfW

ole32

ProgIDFromCLSID
StgCreateDocfile
StringFromCLSID

oleaut32

GetErrorInfo
SafeArrayAccessData
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopyInd
VariantInit

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.relod
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ef44cdf36db1d47b6449e450d1bb1358

Headers

File Characteristics

Imports

advapi32

kernel32

version

winspool.drv

comctl32

gdi32

msimg32

user32

ole32

oleaut32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 15KB - Virtual size: 14.1MB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 9KB - Virtual size: 12KB

.rsrc Size: 33KB - Virtual size: 32KB

.relod Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 15KB - Virtual size: 14.1MB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 33KB - Virtual size: 32KB

.relod
Size: 2.1MB - Virtual size: 2.1MB