dc0e355b06c525bf8728b11968d457194a5b68a261dae6ed335626a8c9f30ff8

Sharing

Copy URL Twitter E-mail

General

Target

dc0e355b06c525bf8728b11968d457194a5b68a261dae6ed335626a8c9f30ff8
Size

8.4MB
MD5

7e228c0171aff040f0c65d6b4c3b1d1c
SHA1

639bb095dea901e7fe102c10e9a1908e261268bf
SHA256

dc0e355b06c525bf8728b11968d457194a5b68a261dae6ed335626a8c9f30ff8
SHA512

b50d296a82d1f6fcb5642a7a93b27e9e9f1fe9b5eba201436a77021db323749adcaf2425bc731325d0d685fc0e617fe5edcc0da71fa86e87639a27adb40937dc
SSDEEP

98304:iCgsJV6Q6oJetRaE3bwI4x7em0LOWwTTaRBKU1RCb7ihw1ZZFhF35XG:i7sJd6oYaa4Na04ZqXJW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc0e355b06c525bf8728b11968d457194a5b68a261dae6ed335626a8c9f30ff8

Files

dc0e355b06c525bf8728b11968d457194a5b68a261dae6ed335626a8c9f30ff8
.exe windows:6 windows x86 arch:x86

74340dad6403533669a282a9c9862fbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseClipboard
SetClipboardData
IsClipboardFormatAvailable
LoadStringW
ReleaseDC
GetDC
GetPriorityClipboardFormat
GetSysColor
OpenClipboard
KillTimer
SystemParametersInfoW
LoadCursorFromFileW
EnumDisplaySettingsW
RegisterWindowMessageW
PostThreadMessageW
GetQueueStatus
MsgWaitForMultipleObjects
ChangeDisplaySettingsW
SetTimer
MoveWindow
GetFocus
MonitorFromWindow
SetWindowRgn
SetCaretPos
GetMonitorInfoW
ClientToScreen
EnumDisplaySettingsExW
CreateCaret
GetKeyboardLayout
GetForegroundWindow
SetFocus
DestroyCaret
SetCapture
SetCursorPos
GetWindowTextLengthW
GetSystemMenu
AdjustWindowRectEx
GetKeyState
GetMessageExtraInfo
GetMenu
IsWindowVisible
SetActiveWindow
GetMenuItemCount
ScreenToClient
SetWindowTextW
GetCapture
TrackMouseEvent
IsWindowEnabled
SetPropW
LoadIconW
GetClientRect
SetRect
UpdateWindow
ReleaseCapture
InvalidateRect
BeginPaint
EndPaint
GetWindowTextW
GetCursor
WindowFromPoint
LoadCursorW
SetCursor
EndDialog
SetDlgItemTextW
GetDlgItem
DialogBoxParamW
EnableWindow
WaitMessage
LoadAcceleratorsW
ShowWindow
DispatchMessageW
DestroyAcceleratorTable
PeekMessageW
CreateAcceleratorTableW
TranslateAcceleratorW
TranslateMessage
IsIconic
GetSystemMetrics
GetAsyncKeyState
GetWindowThreadProcessId
SendMessageW
EnumWindows
GetCursorPos
GetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
CreateWindowExW
RegisterClassExW
SetWindowLongW
GetClassInfoExW
GetWindowRect
SetWindowPos
GetParent
MessageBoxW
PostQuitMessage
GetClipboardData

gdi32

CreateCompatibleBitmap
SetPixel
GetPixel
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
EnumFontFamiliesExW
EnumFontsW
GetStockObject
DeleteDC
GetObjectW
SelectObject
GetTextMetricsW
GetFontData
CreateFontIndirectW
ExtCreateRegion
CreateRectRgn
DeleteObject
CombineRgn
GetTextExtentPoint32W
GetGlyphOutlineW
GetOutlineTextMetricsW
GetDeviceCaps

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetPathFromIDListW
DragFinish
SHGetSpecialFolderPathW
DragQueryFileW
DragAcceptFiles
SHGetKnownFolderPath
SHBrowseForFolderW
ShellExecuteW

ole32

StringFromGUID2
GetRunningObjectTable
CreateItemMoniker
CoInitialize
CoFreeUnusedLibraries
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoCreateGuid
CoTaskMemAlloc
PropVariantClear

oleaut32

VariantClear

winmm

timeGetDevCaps
timeKillEvent
timeSetEvent
timeGetTime
timeBeginPeriod
timeEndPeriod

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

mpr

WNetGetUniversalNameW

shlwapi

PathFileExistsW
PathIsDirectoryW

imm32

ImmGetOpenStatus
ImmGetContext
ImmIsIME
ImmSetConversionStatus
ImmSetOpenStatus
ImmAssociateContext
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmGetConversionStatus
ImmReleaseContext

dbghelp

MiniDumpWriteDump

quartz

AMGetErrorTextW

propsys

PropVariantToDouble

mfplat

MFStartup
MFShutdown
MFFrameRateToAverageTimePerFrame

mf

MFCreateAudioRendererActivate
MFCreateTopologyNode
MFCreateSourceResolver
MFCreateVideoRendererActivate
MFCreateMediaSession
MFCreateTopology

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 989KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ierdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xfudata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imrdata
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74340dad6403533669a282a9c9862fbd

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winmm

version

mpr

shlwapi

imm32

dbghelp

quartz

propsys

mfplat

mf

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.adata Size: 512B - Virtual size: 80B

.rdata Size: 989KB - Virtual size: 988KB

.data Size: 42KB - Virtual size: 682KB

.rsrc Size: 184KB - Virtual size: 184KB

.reloc Size: 149KB - Virtual size: 149KB

.ierdata Size: 108KB - Virtual size: 108KB

.xfudata Size: 108KB - Virtual size: 108KB

.imrdata Size: 4.0MB - Virtual size: 4.0MB

.text
Size: 2.9MB - Virtual size: 2.9MB

.adata
Size: 512B - Virtual size: 80B

.rdata
Size: 989KB - Virtual size: 988KB

.data
Size: 42KB - Virtual size: 682KB

.rsrc
Size: 184KB - Virtual size: 184KB

.reloc
Size: 149KB - Virtual size: 149KB

.ierdata
Size: 108KB - Virtual size: 108KB

.xfudata
Size: 108KB - Virtual size: 108KB

.imrdata
Size: 4.0MB - Virtual size: 4.0MB