64133192fa3a10545b89414cd633ce11

Sharing

Copy URL Twitter E-mail

General

Target

64133192fa3a10545b89414cd633ce11
Size

2.6MB
MD5

64133192fa3a10545b89414cd633ce11
SHA1

5ea481e485714724705c95c9c16491ac809e2f9e
SHA256

abce96f9cdfc6730dcf6397e466a598340f530ce9c30629b9b247f5d1e149f43
SHA512

13377ad9b869e0f2b11412c6af01982625a76fd154df577ada0088b3249d82a4fa1cf427e4a0dd580648586cace55b237030355e42d8c371ae424733162b0e26
SSDEEP

49152:7g+yndCkdZyhfG5yozneUhZhyWXWtcEaoJAtAZ95FhBo6pBXNSMVlR+r97ya2kc:QhHyhfYK5WGFVAtI53V+8a2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64133192fa3a10545b89414cd633ce11

Files

64133192fa3a10545b89414cd633ce11
.exe windows:5 windows x86 arch:x86

e6341ad09ed5ec70d2b052fc97ac2f93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
GlobalLock
GlobalUnlock
MultiByteToWideChar
ExpandEnvironmentStringsA
GetLongPathNameA
lstrlenA
GetWindowsDirectoryA
FlushViewOfFile
FindFirstFileA
FindClose
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
lstrcmpA
GetVersionExA
lstrcmpW
CompareStringA
FreeLibrary
GetTickCount
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
MulDiv
GetCurrentProcessId
LocalFree
FormatMessageA
GlobalAlloc
GlobalFree
GetModuleFileNameW
InterlockedDecrement
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
FindNextFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
GetModuleHandleW
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetFullPathNameA
SetErrorMode
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
HeapReAlloc
VirtualAlloc
ExitThread
CreateThread
Sleep
ExitProcess
HeapSize
GetACP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
lstrcpynA
lstrcpyA
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetLastError
GetLogicalDrives
GetVolumeInformationA
GetLastError
WaitForSingleObject
CloseHandle
GetCurrentDirectoryA
GlobalDeleteAtom
GetModuleFileNameA

user32

BeginPaint
EndPaint
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetActiveWindow
GetDesktopWindow
SetRectEmpty
SetRect
KillTimer
WindowFromPoint
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
SetCursor
GetSysColorBrush
LoadCursorA
UnregisterClassA
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
FillRect
GetClientRect
EnableWindow
SendMessageA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetWindowRect
SetForegroundWindow
PtInRect
UpdateWindow
GetKeyState
ModifyMenuA
AppendMenuA
GetSubMenu
EnumWindows
FindWindowExA
GetWindowTextA
GetClassNameA
IsWindowVisible
IsWindow
GetSystemMetrics
IsIconic
PostMessageA
GetParent
GetAsyncKeyState
GetSysColor
InvalidateRect
OffsetRect
DrawFrameControl
DestroyIcon
DestroyMenu
wsprintfA
SetTimer
CopyRect
DrawTextA
RegisterClipboardFormatA
GetMenuItemCount
GetMenuItemID
EqualRect

gdi32

GetDeviceCaps
GetBkColor
StretchDIBits
GetCharWidthA
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
ExcludeClipRect
IntersectClipRect
DeleteObject
SelectClipRgn
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
CreateSolidBrush
BitBlt
CreateFontIndirectA
GetObjectA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
Ellipse
CreatePen
StretchBlt
GetTextExtentPoint32A

advapi32

RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

shell32

SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExA
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
ExtractIconExA

ole32

CoCreateInstance
ReleaseStgMedium
CoTaskMemFree

shlwapi

PathIsDirectoryA
PathFindExtensionA
PathFindFileNameA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6341ad09ed5ec70d2b052fc97ac2f93

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

version

wininet

oleacc

winspool.drv

oleaut32

Sections

.text Size: 300KB - Virtual size: 299KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 2.2MB - Virtual size: 2.2MB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 300KB - Virtual size: 299KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 2.2MB - Virtual size: 2.2MB

.rsrc
Size: 88KB - Virtual size: 88KB