70a93ee86cb1c0f8f1b11885eabdfc0d

Sharing

Copy URL Twitter E-mail

General

Target

70a93ee86cb1c0f8f1b11885eabdfc0d
Size

236KB
MD5

70a93ee86cb1c0f8f1b11885eabdfc0d
SHA1

0cfdb8444edcedcb681bb5907502a000b6ccc942
SHA256

e57ea3b62d0d301fe1b4073cdf2a2231fa31a70b34f2756417bf82501fc66fc3
SHA512

7e5032478fe5e5bed9781f87fb94fcdda6bf562f09f8ca39f79b3f0eba8abe6124176664acbe4dd3b6b54e8cc71681ec40f0b3003c9391f7e42d0753310bddc8
SSDEEP

6144:OqLHv2U+ys5H7hGWPLmgfM8+9onhzhuwXIBLT:OqLHfls5H7hzPLmgfM8+9onhz8T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70a93ee86cb1c0f8f1b11885eabdfc0d

Files

70a93ee86cb1c0f8f1b11885eabdfc0d
.exe windows:4 windows x86 arch:x86

2e277b3c2411e03e5cf15051864c551b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
TerminateProcess
CreateThread
RaiseException
ExitThread
HeapSize
HeapReAlloc
GetTimeZoneInformation
GetCommandLineA
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetACP
RtlUnwind
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
FileTimeToLocalFileTime
FileTimeToSystemTime
SetStdHandle
CompareStringA
CompareStringW
GetStartupInfoA
HeapFree
SetErrorMode
GetFileSize
FindFirstFileA
GetVolumeInformationA
FindClose
LockFile
SetEndOfFile
UnlockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
DuplicateHandle
SizeofResource
GetFullPathNameA
GetFileTime
GetEnvironmentStrings
GetFileAttributesA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
ResetEvent
ResumeThread
SetEvent
GetProcAddress
CloseHandle
CreateMutexA
GetLastError
WaitForSingleObject
CreateEventA
GetTickCount
Sleep
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
GetWindowsDirectoryA
LoadLibraryA
GetThreadLocale
GetOEMCP
GetProfileStringA
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcpynA
SuspendThread
SetThreadPriority
GlobalAlloc
lstrcmpA
GetCurrentThread
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalFree
lstrlenW
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GetEnvironmentStringsW
SetHandleCount
SetEnvironmentVariableA
FreeLibrary

user32

CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
CharNextA
DestroyMenu
GetSysColorBrush
GetDesktopWindow
GetClassNameA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
LoadStringA
wvsprintfA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
WindowFromPoint
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
ScrollWindow
GetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetScrollInfo
GetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetCursorPos
SetCursorPos
GetCursorInfo
SetTimer
KillTimer
IsIconic
DrawIcon
LoadIconA
FindWindowA
ShowWindow
SetForegroundWindow
GetSystemMetrics
RegisterWindowMessageA
MapVirtualKeyA
SendInput
EnableWindow
LoadCursorA
CopyIcon
GetWindowRect
GetParent
GetDC
ReleaseDC
InflateRect
InvalidateRect
IsWindow
SetWindowLongA
SetCursor
GetClientRect
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
MessageBeep
SendMessageA
GetSysColor
CopyRect
IsWindowEnabled
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
LPtoDP
DPtoLP
PatBlt
GetTextColor
GetBkColor
GetMapMode
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
SelectObject
SetBkMode
SaveDC
RestoreDC
CreateBitmap
SetBkColor
DeleteDC
GetClipBox
SetTextColor
GetTextExtentPoint32A
GetObjectA
GetPixel
CreateFontIndirectA
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
CreateILockBytesOnHGlobal

olepro32

ord253

oleaut32

VariantClear
SysStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayGetUBound
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e277b3c2411e03e5cf15051864c551b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 16KB - Virtual size: 12KB