2024-01-25_e04dc3e58328e66254a5acc8b957e862_eclipsesuncloudrat_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-25_e04dc3e58328e66254a5acc8b957e862_eclipsesuncloudrat_mafia
Size

1.6MB
MD5

e04dc3e58328e66254a5acc8b957e862
SHA1

16da75f4c010d2a5704e24348bd739dbb1fa02a7
SHA256

209d92309941f0177af3d35e63edc760e5c46540160652179ebbb1b5049e2b73
SHA512

a6da2e1897b913f6b86e3b7d99638537de72c741e86178dd3c750ac1baf40e010ae29b60942749523a52ae96c040f73ed9791e9739059769a5c2255808af0e40
SSDEEP

49152:IeTlRwWL4LbAME7228ZCZCA04CVfS4zm045VX1JVgLiqm7YEbkArQeT:LRwbLbAMMeZCCA04CVfS4zvCVl+A7YE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2024-01-25_e04dc3e58328e66254a5acc8b957e862_eclipsesuncloudrat_mafia

Files

2024-01-25_e04dc3e58328e66254a5acc8b957e862_eclipsesuncloudrat_mafia
.exe windows:5 windows x86 arch:x86

47596ccb5a8dd3d5558a4c6d755b6f6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW

ws2_32

htonl

kernel32

TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
GetCurrentDirectoryA
LocalReAlloc
TlsFree
InterlockedIncrement
DeleteFileA
GetThreadLocale
lstrcmpiA
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
FileTimeToSystemTime
SetErrorMode
GetTempFileNameA
GetTempPathA
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetWindowsDirectoryA
GetNumberFormatA
GetTickCount
GetProfileIntA
Sleep
SearchPathA
VirtualProtect
FindResourceExW
RtlUnwind
EncodePointer
DecodePointer
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
CreateDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
ExitProcess
ExitThread
CreateThread
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
LocalAlloc
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTimeZoneInformation
IsValidCodePage
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
CompareStringW
GetConsoleCP
GetConsoleMode
WriteConsoleW
GetProcessHeap
CreateFileW
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileIntA
lstrlenA
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
CompareStringA
ActivateActCtx
LoadLibraryA
DeactivateActCtx
SetLastError
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
FreeLibrary
InterlockedExchange
GlobalFlags
lstrcpyA
HeapQueryInformation
GetSystemDirectoryW
MultiByteToWideChar
GetLastError
WaitForSingleObject
CloseHandle
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetPrivateProfileStringA
WritePrivateProfileStringA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
TlsSetValue

user32

CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CopyImage
UnregisterClassA
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
CharUpperA
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
KillTimer
SetTimer
InvalidateRect
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DestroyMenu
GetMenuItemInfoA
InflateRect
GetMenuStringA
InsertMenuA
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
CopyRect
PtInRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
DrawIcon
AppendMenuA
SendMessageA
GetSystemMenu
IsIconic
CheckMenuItem
PostMessageA
PostQuitMessage
GetClientRect
EnableWindow
LoadIconW
GetSystemMetrics
MessageBoxA
SystemParametersInfoA

advapi32

RegDeleteValueA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

oledlg

ord8

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipCreateBitmapFromStream
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

gdi32

SetRectRgn
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateRectRgnIndirect
LineTo
MoveToEx
SetTextAlign
CreateCompatibleBitmap
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
CreatePen
SetBkMode
RestoreDC
SaveDC
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
GetTextExtentPoint32A
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CombineRgn
GetMapMode
PatBlt
DPtoLP
ExtSelectClipRgn
DeleteDC
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetObjectA
SetBkColor
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
SetTextColor
SelectObject
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

shell32

DragFinish
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
DragQueryFileA
SHGetFileInfoA

ole32

OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateGuid

oleaut32

VariantCopy
SysFreeString
SysAllocStringLen
VariantClear
VariantInit
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VarBstrFromDate
VariantChangeType

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47596ccb5a8dd3d5558a4c6d755b6f6f

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

ws2_32

kernel32

user32

advapi32

msimg32

comctl32

oledlg

oleacc

gdiplus

imm32

winmm

gdi32

winspool.drv

comdlg32

shell32

ole32

oleaut32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 270KB - Virtual size: 269KB

.data Size: 25KB - Virtual size: 54KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 165KB - Virtual size: 165KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 270KB - Virtual size: 269KB

.data
Size: 25KB - Virtual size: 54KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 165KB - Virtual size: 165KB