a14b403caf20f9d87c6a901a8337247e

Sharing

Copy URL

Twitter E-mail

General

Target

a14b403caf20f9d87c6a901a8337247e
Size

185KB
MD5

a14b403caf20f9d87c6a901a8337247e
SHA1

cae94b1199ddda77508db0cd63f73595527508df
SHA256

3c5b7c86594b582b67d7acd43a5989a4baf42fb96ee390e89cef074fdc0eb4d4
SHA512

2a24b73c3569bbb682358e3395ff1794b125565bd65786018e5d28a2fc37361d4cea8cdc83816f0d9e2c431be558a17ea716db00cd109c26d9ad25d05e1b4c94
SSDEEP

3072:CA04TMR2ENcnllb5oeDp6iebV3G8m7QiIPKE+GFtE3/c10jaDauWOQ:PMSnl4o6DbV3Jy9Aq7a2uW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a14b403caf20f9d87c6a901a8337247e

Files

a14b403caf20f9d87c6a901a8337247e
.exe windows:4 windows x86 arch:x86

544f2c35bcc411cbabdd977aa26ba1a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegQueryInfoKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW

comdlg32

GetFileTitleW

shlwapi

PathFindExtensionW
PathIsUNCW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathStripToRootW
PathAppendW

user32

SetActiveWindow
GetWindowPlacement
EqualRect
LoadIconW
SetPropW
SetRect
CopyAcceleratorTableW
OffsetRect
SetForegroundWindow
IntersectRect
GetClassInfoW
SendDlgItemMessageA
IsChild
GetForegroundWindow
InvalidateRgn
UpdateWindow
RegisterClassW
GetPropW
IsIconic
InvalidateRect
MessageBeep
AdjustWindowRectEx
CharNextW
GetNextDlgTabItem
GetTopWindow
GetMessageTime
GetMenu
CallWindowProcW
RemovePropW
WinHelpW
IsRectEmpty
RegisterWindowMessageW
CreateWindowExW
DefWindowProcW
GetMessagePos
GetNextDlgGroupItem
IsWindow
CharUpperW
GetClientRect
GetClassInfoExW
MapWindowPoints
GetClassLongW
DestroyMenu

oledlg

OleUIBusyW

kernel32

RemoveDirectoryW
GetCalendarInfoW
FindNextFileW
EnumResourceLanguagesW
GetLocaleInfoW
InterlockedExchange
GetCurrentProcessId
GetLocaleInfoA
MoveFileW
ConvertDefaultLocale
SystemTimeToFileTime
CreateMutexW
CreateDirectoryW
SizeofResource
GetVersionExW
GetFileAttributesW
FindFirstFileW
InitializeCriticalSection
FindClose
GetThreadContext
VirtualFree
lstrcmpiA
FindResourceW
LocalFileTimeToFileTime
LoadResource
WideCharToMultiByte
LoadLibraryW
GetProcAddress
EnumResourceNamesA
WaitForSingleObject
ReadFile
lstrcpyW
DeleteFileW
GetModuleHandleW
GetVersion
GetACP
ExitProcess
CloseHandle
GetModuleFileNameW
FreeLibrary
ReleaseMutex
GetThreadLocale
LockResource
WriteFile
RaiseException
CreateFileW
InterlockedDecrement
DeleteCriticalSection
SetFilePointer
MultiByteToWideChar
GetCurrentDirectoryW
GetSystemDefaultLangID
SetFileTime
lstrcmpA

ole32

CLSIDFromProgID
CoRegisterMessageFilter
CoUninitialize
CoRevokeClassObject
OleUninitialize
CoInitialize
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
CoTaskMemAlloc
CoCreateInstance
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoGetClassObject
CLSIDFromString

gdi32

SetViewportExtEx
RectVisible
GetObjectW
SetTextColor
SetMapMode
ExtSelectClipRgn
GetWindowExtEx
TextOutW
ExtTextOutW
GetDeviceCaps
SetViewportOrgEx
Escape
SaveDC
RestoreDC
PtVisible
GetRgnBox
ScaleViewportExtEx
SetWindowExtEx
CreateBitmap
SelectObject
DeleteDC
DeleteObject
SetBkColor
GetBkColor
GetClipBox
GetStockObject
GetViewportExtEx
OffsetViewportOrgEx
ScaleWindowExtEx
GetMapMode
GetTextColor
CreateRectRgnIndirect

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

544f2c35bcc411cbabdd977aa26ba1a8

Headers

File Characteristics

Imports

shell32

advapi32

comdlg32

shlwapi

user32

oledlg

kernel32

ole32

gdi32

winspool.drv

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 72KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 364KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 72KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 364KB