aa19462f6a296ece61944221595563eb

Sharing

Copy URL Twitter E-mail

General

Target

aa19462f6a296ece61944221595563eb
Size

180KB
MD5

aa19462f6a296ece61944221595563eb
SHA1

58723532c528398327b4dbda31848537d4aa6231
SHA256

64d2036160fbfceeed2ea034e8632cb230c1b7808a62a382d1c9b4ec480a7640
SHA512

e334b2ed7100ca2060183f6f9ce4781028611455a1461b37c7ef012c452218e232f5a92e76c24ce06e3275d76f064e2774fae2a8c7e4659d8a2b071701dba8f0
SSDEEP

3072:SqG4MpTA/MkAFYcF9kKFH5HOpPRzkw4RDESU8+fQXuKN9ei3xRzKsxKCvS:pETKM3Fl4KR5HOXDMt7+KN9e+FKs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa19462f6a296ece61944221595563eb

Files

aa19462f6a296ece61944221595563eb
.exe windows:4 windows x86 arch:x86

8756b14bf99412d1bacf988222eb4bfe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoFreeUnusedLibraries
OleFlushClipboard
CoRevokeClassObject
CoTaskMemFree
OleInitialize
OleIsCurrentClipboard
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoCreateInstance
CoGetClassObject
CoUninitialize
OleUninitialize
StgCreateDocfileOnILockBytes
CoInitialize
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CLSIDFromString

user32

CharNextW
OffsetRect
IntersectRect
SetActiveWindow
SetRect
GetMessagePos
GetClassInfoW
WinHelpW
GetWindowPlacement
GetClassLongW
MessageBeep
IsIconic
GetForegroundWindow
DefWindowProcW
InvalidateRect
GetMenu
RegisterWindowMessageW
RemovePropW
GetMessageTime
GetClientRect
AdjustWindowRectEx
RegisterClassW
CharUpperW
GetPropW
LoadIconW
CopyAcceleratorTableW
SetForegroundWindow
SetPropW
GetNextDlgGroupItem
IsChild
IsRectEmpty
SendDlgItemMessageA
CallWindowProcW
MapWindowPoints
UpdateWindow
CreateWindowExW
EqualRect
GetNextDlgTabItem
GetTopWindow
InvalidateRgn
IsWindow
GetClassInfoExW
DestroyMenu

shlwapi

PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW
PathAppendW

oledlg

OleUIBusyW

comdlg32

GetFileTitleW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

kernel32

GetCurrentProcessId
DeleteCriticalSection
GetSystemDefaultLangID
WideCharToMultiByte
InterlockedDecrement
GetThreadLocale
LoadLibraryW
GetCalendarInfoW
lstrcpyW
GetLocaleInfoA
LoadResource
GetThreadContext
GetVersion
GetFileAttributesW
FindNextFileW
VirtualFree
WaitForSingleObject
GetVersionExW
WriteFile
GetCurrentDirectoryW
SizeofResource
GetLocaleInfoW
SetFileTime
CloseHandle
CreateFileW
EnumResourceNamesA
ReleaseMutex
RaiseException
SetFilePointer
GetACP
CreateDirectoryW
ConvertDefaultLocale
FindFirstFileW
ExitProcess
MultiByteToWideChar
FindClose
ReadFile
RemoveDirectoryW
MoveFileW
FreeLibrary
EnumResourceLanguagesW
LocalFileTimeToFileTime
InterlockedExchange
LockResource
GetModuleFileNameW
GetProcAddress
lstrcmpiA
DeleteFileW
FindResourceW
InitializeCriticalSection
GetModuleHandleW
SystemTimeToFileTime
CreateMutexW
lstrcmpA

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

TextOutW
DeleteDC
ExtTextOutW
SelectObject
OffsetViewportOrgEx
GetViewportExtEx
ExtSelectClipRgn
CreateBitmap
GetRgnBox
DeleteObject
Escape
GetMapMode
GetBkColor
SetViewportExtEx
ScaleWindowExtEx
GetDeviceCaps
SetMapMode
SaveDC
ScaleViewportExtEx
GetObjectW
RectVisible
GetWindowExtEx
SetTextColor
RestoreDC
GetClipBox
PtVisible
SetWindowExtEx
SetViewportOrgEx
SetBkColor
GetStockObject
GetTextColor
CreateRectRgnIndirect

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8756b14bf99412d1bacf988222eb4bfe

Headers

File Characteristics

Imports

ole32

user32

shlwapi

oledlg

comdlg32

advapi32

winspool.drv

kernel32

shell32

gdi32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 72KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 72KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 240KB