edd5c0d486eb38d76b3c4b73a17d212e23f4e2c4b81f977144708d42b9bd8459

Sharing

Copy URL Twitter E-mail

General

Target

edd5c0d486eb38d76b3c4b73a17d212e23f4e2c4b81f977144708d42b9bd8459
Size

2.1MB
MD5

4f20796958fb688a413fda38b9b02348
SHA1

efbfc7059fbd0102562338eee0c9878621dede93
SHA256

edd5c0d486eb38d76b3c4b73a17d212e23f4e2c4b81f977144708d42b9bd8459
SHA512

3f0da74ab8457f08233c78f10be3cf254022e92701c1246527cb39b7b3f60c73e77306c850b5d6a5bbf62fc4375aa1e4253bd248b3b90f7a62906637fee0e879
SSDEEP

24576:HdsXEmwN1DqxvfE+DFfMRPEO5BlOObPB9cLOP0zMIE+BhhTz6jNJ2P8/hjv8Q0C8:60m2qhDFfMRLlLR0B6n5jv8Q0pQxDi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edd5c0d486eb38d76b3c4b73a17d212e23f4e2c4b81f977144708d42b9bd8459

Files

edd5c0d486eb38d76b3c4b73a17d212e23f4e2c4b81f977144708d42b9bd8459
.dll windows:4 windows x86 arch:x86

ae07852859c142eb8a02c421363afbd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
GetSystemInfo
SetStdHandle
GetFileType
ExitProcess
HeapSize
TerminateProcess
TlsGetValue
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LocalAlloc
GetFileTime
GetFileAttributesW
CreateFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GetVersionExW
FreeResource
CompareStringW
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
InterlockedExchangeAdd
VirtualAlloc
VirtualProtect
LoadLibraryA
SetFilePointer
GetFileSize
WriteFile
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
GetCurrentThreadId
InterlockedCompareExchange
VirtualFree
VirtualQuery
CreateEventA
TerminateThread
ResumeThread
WaitForSingleObject
SetEvent
InterlockedExchange
GetPrivateProfileStringW
LoadLibraryExW
WritePrivateProfileStringW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetVersion
CloseHandle
DeleteCriticalSection
RaiseException
GetCurrentThread
FreeLibrary
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
GetLocalTime
GetLastError
SetLastError
LoadLibraryW
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalFindAtomW
GlobalAddAtomW
Beep
GlobalDeleteAtom
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcessId
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
UnhandledExceptionFilter
WideCharToMultiByte

user32

UnregisterClassW
CharUpperW
PostThreadMessageW
DrawTextExW
TabbedTextOutW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
GetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageW
DispatchMessageW
GetSystemMetrics
IsZoomed
CharNextW
GetNextDlgGroupItem
OffsetRect
FillRect
DrawFrameControl
InflateRect
DrawFocusRect
DrawTextW
RegisterWindowMessageW
GetSysColor
GetAsyncKeyState
CreateWindowExW
RegisterClassExW
BeginPaint
EndPaint
DefWindowProcW
IsIconic
ShowWindow
MoveWindow
GetWindowLongW
IsWindowUnicode
GetClassLongW
GetClassLongA
GetWindowThreadProcessId
DestroyMenu
GetSysColorBrush
RegisterClipboardFormatW
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
GrayStringW
GetWindow
GetDesktopWindow
GetWindowDC
EqualRect
SetRect
IsRectEmpty
RegisterHotKey
UnregisterHotKey
ClientToScreen
GetClientRect
GetFocus
IsWindowVisible
PostMessageW
ReleaseDC
GetDC
GetCursorPos
ScreenToClient
ReleaseCapture
LoadCursorW
SetCursor
IsWindow
LoadIconW
SetCapture
KillTimer
SetTimer
InvalidateRect
GetWindowRect
DrawIcon
PtInRect
MessageBoxW
GetKeyNameTextW
EnableWindow
GetParent
SendMessageW
GetMenuState
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
GetDeviceCaps
GetStockObject
CreateFontIndirectW
GetBkColor
CreateSolidBrush
SetBkMode
SetTextColor
GetTextExtentPoint32W
CreateDIBitmap
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetROP2
CreatePen
SelectObject
Rectangle
EnumFontFamiliesExW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
GetTokenInformation
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

DragFinish
DragQueryFileW

shlwapi

PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter

oleaut32

LoadTypeLi
SysStringLen
VariantChangeType
VarUI4FromStr
SysAllocString
VariantCopy
VariantClear
VariantInit
SysFreeString
SysAllocStringLen

Exports

Exports

InitApp

Sections

.text
Size: 588KB - Virtual size: 585KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 676KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 644KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae07852859c142eb8a02c421363afbd9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 588KB - Virtual size: 585KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 16KB - Virtual size: 48KB

.vmp0 Size: 676KB - Virtual size: 672KB

.reloc Size: 48KB - Virtual size: 45KB

.rsrc Size: 644KB - Virtual size: 640KB

.text
Size: 588KB - Virtual size: 585KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 16KB - Virtual size: 48KB

.vmp0
Size: 676KB - Virtual size: 672KB

.reloc
Size: 48KB - Virtual size: 45KB

.rsrc
Size: 644KB - Virtual size: 640KB