834e05af27bfe0fcdb045a226d37196d

Sharing

Copy URL

Twitter E-mail

General

Target

834e05af27bfe0fcdb045a226d37196d
Size

706KB
MD5

834e05af27bfe0fcdb045a226d37196d
SHA1

21eb764cf36045d141f96f870cbaa30ed06575d3
SHA256

8d77cbb7e76c2127e13437f551c0e5907902cd3102eb58d7b8c3e0f7f670214e
SHA512

db97e61930ee4a86be0f9105e9bbc63fea768f1b091afed298295fb73c6cf3f91284ec3d3a092a4fabd4ad335f0321eab4d89035cbb16a88a90ce1829bf02ef7
SSDEEP

12288:rXJPiW2+w7SuTKfUVLgofr1RFMNnKcSCXxyfjvCPaPsb0z/888888888888W888D:rXJPimSVLLgoz1RRCXxyfjvzP1Ku

Score

1^/10

Malware Config

Signatures

Files

834e05af27bfe0fcdb045a226d37196d
.exe windows:4 windows x86 arch:x86

7c81094f01204e25d92319dab79a9d59

Code Sign

3a:be:7e:73:75:0d:6b:58:b4:1e:0b:12:73:94:5f:e1
Certificate

Issuer

CN=EZIOLHHGQANMUKKAHE

Not Before

15-07-2020 07:44

Not After

31-12-2039 23:59

Subject

CN=EZIOLHHGQANMUKKAHE

Extended Key Usages

ExtKeyUsageCodeSigning

33:1a:53:9d:46:b8:3f:90:b8:cf:01:53:83:f9:08:a7:3b:03:bd:1c
Signer

Actual PE Digest

33:1a:53:9d:46:b8:3f:90:b8:cf:01:53:83:f9:08:a7:3b:03:bd:1c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
RegisterWaitForSingleObject
GetUserDefaultUILanguage
UnregisterWait
GetCurrentProcess
FlushInstructionCache
RaiseException
WideCharToMultiByte
GetSystemTime
GetSystemDirectoryW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetExitCodeThread
GetStringTypeExW
MultiByteToWideChar
GetLocaleInfoW
GetCommandLineW
SetCurrentDirectoryW
OutputDebugStringW
DebugBreak
FatalExit
SearchPathW
GetSystemDefaultUILanguage
GetVersionExW
LoadLibraryExW
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
HeapSetInformation
DuplicateHandle
LocalAlloc
GetModuleFileNameW
GetModuleHandleW
GetFileType
CreateFileW
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
VerifyVersionInfoW
VerSetConditionMask
LocalFree
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
FormatMessageW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetLastError
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchange
InterlockedCompareExchange
CreateEventW
FreeLibrary
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
CloseHandle
GetCurrentThread
SetEvent
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
TerminateJobObject
WaitForMultipleObjects
CreateThread
SetLastError
TerminateProcess
AssignProcessToJobObject
SetInformationJobObject
CreateJobObjectW
QueueUserWorkItem
WaitForSingleObject
ResetEvent
OpenEventW
CompareStringW
CompareFileTime
SystemTimeToFileTime
GetVolumeNameForVolumeMountPointA
TlsGetValue
SetTimeZoneInformation
SetProcessAffinityMask
GetLogicalDriveStringsW
GetPrivateProfileStructW
EndUpdateResourceA
WritePrivateProfileStructW
GetFileSize
CreatePipe
GetProfileStringW
FileTimeToLocalFileTime
SetNamedPipeHandleState
WriteFile
lstrcpyW
FindFirstChangeNotificationA
GlobalReAlloc
RequestDeviceWakeup
SetCommTimeouts
SetCommMask
GetFileAttributesExA
SetFileApisToOEM
EnumDateFormatsExA
SetFileApisToANSI
PulseEvent
MulDiv
GetNumberOfConsoleMouseButtons
FlushConsoleInputBuffer
WaitCommEvent
GetProcessTimes
GetFileAttributesExW
SwitchToThread
lstrlenW
lstrcmpiW
ReleaseActCtx
CreateActCtxW
ActivateActCtx
DeactivateActCtx
CreateTimerQueueTimer
FindFirstFileW
FindClose
GetTempPathW
GetTempFileNameW
GetNativeSystemInfo
GetEnvironmentVariableW
CreateProcessW
GetExitCodeProcess
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineA
GetStartupInfoA
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
VirtualAllocEx

user32

DestroyMenu
AppendMenuW
EnableMenuItem
TrackPopupMenuEx
ScreenToClient
IsWindowVisible
GetWindow
SetCursor
PostQuitMessage
IsChild
DialogBoxParamW
GetKeyboardLayout
GetKeyboardLayoutList
IsRectEmpty
SetActiveWindow
IsDialogMessageW
DispatchMessageW
TranslateMessage
GetMessageW
CharNextW
CharUpperW
GetKeyState
GetClassNameW
MsgWaitForMultipleObjects
SetWindowRgn
SetScrollInfo
GetScrollInfo
ScrollWindowEx
EnableWindow
GetSysColorBrush
MessageBoxW
ShowWindow
MapWindowPoints
GetDlgCtrlID
SystemParametersInfoW
GetSystemMetrics
CloseDesktop
SetThreadDesktop
CreatePopupMenu
SetWindowPos
DestroyWindow
LoadStringW
UnregisterClassA
PostMessageW
IsWindow
CreateDesktopW
GetThreadDesktop
GetUserObjectInformationW
OpenInputDesktop
GetDesktopWindow
PeekMessageW
ReleaseDC
GetDC
DestroyIcon
LoadImageW
GetSysColor
CallWindowProcW
SetWindowLongW
SendMessageW
GetClientRect
BeginPaint
EndPaint
InvalidateRect
IsWindowEnabled
GetClassInfoExW
LoadCursorW
DefWindowProcW
EnumDisplayMonitors
GetMonitorInfoW
UpdateWindow
SetTimer
RegisterClassExW
GetWindowLongW
GetFocus
GetWindowTextW
GetWindowTextLengthW
CopyRect
InflateRect
DrawFocusRect
GetDialogBaseUnits
SetClassLongW
CreateWindowExW
SetWindowTextW
KillTimer
EndDialog
SwitchDesktop
GetWindowRect
GetDlgItem
CreateAcceleratorTableW
FillRect
DestroyAcceleratorTable
TranslateAcceleratorW
TrackMouseEvent
PtInRect
ClientToScreen
BeginDeferWindowPos
EndDeferWindowPos
SetFocus
GetCaretPos
GetQueueStatus
EqualRect
OffsetRect
SendInput
DeferWindowPos
MoveWindow
GetParent
DialogBoxIndirectParamW
WINNLSEnableIME
GetMenuDefaultItem
SetWindowContextHelpId
DdeUninitialize
GetMessageTime
VkKeyScanExA
SetKeyboardState
InsertMenuA
GetMessageA
SetDlgItemInt
CreateMDIWindowW
BroadcastSystemMessageW
MessageBoxA
WaitForInputIdle
MessageBeep
LoadIconW
IsGUIThread
LoadCursorFromFileA
GetOpenClipboardWindow
CloseClipboard
GetMenuItemCount
GetMessagePos
GetForegroundWindow
ShowCaret
CloseWindow
GetClipboardViewer
GetCapture
GetClipboardOwner
IsCharUpperA
IsCharUpperW
GetMenuContextHelpId
CharLowerW

gdi32

GetStockObject
DeleteObject
GetObjectA
CreateFontIndirectW
GetDeviceCaps
GetObjectW
DeleteDC
BitBlt
SelectObject
SetLayout
CreateCompatibleDC
CreateRoundRectRgn
SetBkMode
GetDIBits
CreateCompatibleBitmap
StretchBlt
CreateDIBSection
SetDIBits
CreateDCW
GetTextExtentPoint32W
GetTextColor
GetBkColor
CreateICW
CreateSolidBrush
SetTextColor
SetBkColor
DrawEscape
DeleteColorSpace
CopyMetaFileW
EudcUnloadLinkW
GdiEntry12
EngQueryLocalTime
GetCharABCWidthsFloatA
SetDeviceGammaRamp
GetStringBitmapW
PlgBlt
AnyLinkedFonts
EngMultiByteToUnicodeN
CreateMetaFileW
CloseMetaFile
CreateHalftonePalette
FillPath
CreateMetaFileA
CreatePatternBrush
EndPath
EndDoc
DeleteEnhMetaFile
EndPage
FlattenPath
DeleteMetaFile
CloseFigure
GetColorSpace
RealizePalette
GetEnhMetaFileW
CancelDC
GetFontLanguageInfo
AbortPath
SwapBuffers
StrokePath
GetPixelFormat
GetBkMode
GetTextAlign

advapi32

InitializeAcl
GetAclInformation
GetSecurityDescriptorControl
CryptSignHashW
CryptGetUserKey
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptGetProvParam
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptSetProvParam
CryptDecrypt
CryptDestroyKey
CryptSetHashParam
OpenProcessToken
GetTokenInformation
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ConvertStringSidToSidW
LookupAccountSidW
CryptGetHashParam
CryptHashData
CryptDestroyHash
GetSecurityInfo
AdjustTokenPrivileges
GetAce
LookupPrivilegeValueW
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
ImpersonateSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
EqualSid
CopySid
IsValidSid
GetLengthSid
OpenThreadToken
SetThreadToken
RevertToSelf
GetSecurityDescriptorLength
MakeSelfRelativeSD
InitializeSecurityDescriptor
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
MakeAbsoluteSD
AddAce
CreateRestrictedToken
CreateProcessAsUserW
CreateWellKnownSid
LsaOpenPolicy
LsaLookupPrivilegeValue
LsaNtStatusToWinError
LsaClose
GetKernelObjectSecurity
SetTokenInformation
AddAccessAllowedAce
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
GetSidSubAuthorityCount
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
TraceEvent
RegOpenKeyW
RegQueryValueExA

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW
ExtractIconEx
FindExecutableW
DragQueryFileA
SHGetSpecialFolderLocation
CheckEscapesW
ShellAboutA
SHGetPathFromIDList
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHInvokePrinterCommandA
SHFormatDrive
SHLoadInProc
SHGetDiskFreeSpaceExA
ShellExecuteW

ole32

CoTaskMemFree
StgCreateStorageEx
CreateStreamOnHGlobal
CoCreateGuid
StringFromGUID2
CoInitializeEx
CoUninitialize
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoRevokeClassObject
CoReleaseMarshalData
CreateBindCtx
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemRealloc
CoInitialize
CoRegisterClassObject

shlwapi

PathFindExtensionW
PathAddBackslashW
StrRChrIA
AssocQueryStringW

comctl32

ImageList_Destroy
ImageList_Add
ImageList_Create

Sections

.text
Size: 475KB - Virtual size: 474KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c81094f01204e25d92319dab79a9d59

Code Sign

3a:be:7e:73:75:0d:6b:58:b4:1e:0b:12:73:94:5f:e1Certificate

Extended Key Usages

33:1a:53:9d:46:b8:3f:90:b8:cf:01:53:83:f9:08:a7:3b:03:bd:1cSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 475KB - Virtual size: 474KB

.rdata Size: 512B - Virtual size: 169B

.rdata2 Size: 512B - Virtual size: 483B

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 213KB - Virtual size: 213KB

3a:be:7e:73:75:0d:6b:58:b4:1e:0b:12:73:94:5f:e1
Certificate

33:1a:53:9d:46:b8:3f:90:b8:cf:01:53:83:f9:08:a7:3b:03:bd:1c
Signer

.text
Size: 475KB - Virtual size: 474KB

.rdata
Size: 512B - Virtual size: 169B

.rdata2
Size: 512B - Virtual size: 483B

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 213KB - Virtual size: 213KB