ac816c8232c772ecd6df1e64d73b0942

Sharing

Copy URL

Twitter E-mail

General

Target

ac816c8232c772ecd6df1e64d73b0942
Size

660KB
MD5

ac816c8232c772ecd6df1e64d73b0942
SHA1

4f5e21466abad7b66182c5cdea1bb4d858fc9607
SHA256

88dcdcd8626bd3142616975ad69c297c7a7821a3e3b08e0b24e584f927bae959
SHA512

00efb0551e063fa44e2d9dbdf9999430f21eaddf8275f1b6a7095be1f2275aea70a8db12bf621cea659a0dca1ff13ee2e3fdb92facf88aa03718e899aa3925a1
SSDEEP

12288:3MThKcWXP7LEjFctlZS7Jk+wXkHMONVkYEwNPJKazdum:kh9WXP8pKKW/XPYTMm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac816c8232c772ecd6df1e64d73b0942

Files

ac816c8232c772ecd6df1e64d73b0942
.exe windows:4 windows x86 arch:x86

dc3f363c8336f7e42171d085d25515f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\nueiqe.pdb

Imports

user32

BroadcastSystemMessageA
GetPropW
DdeSetUserHandle
CheckMenuItem
DestroyWindow
CharUpperA
GetDlgItemTextW
OemToCharA
EndPaint
CheckRadioButton
RegisterDeviceNotificationA
CharUpperBuffA
LoadBitmapW
AnyPopup
KillTimer
LoadIconA
DdeQueryStringW
TranslateMessage
FindWindowA
UnionRect
SetCapture
EnableWindow
EndDeferWindowPos
DdeCmpStringHandles
RegisterClassExA
IsDialogMessageA
DdeAccessData
EnumDesktopWindows
ChangeDisplaySettingsW
EnumClipboardFormats
MessageBoxIndirectW
ToAsciiEx
EndDialog
IsMenu
SetDeskWallpaper
IsCharLowerA
OemToCharW
GetNextDlgGroupItem
CopyRect
DdeInitializeW
GetScrollPos
ReplyMessage
DialogBoxIndirectParamW
TrackPopupMenuEx
ShowCursor
ModifyMenuA
CreateAcceleratorTableW
SetRectEmpty
DdeConnectList
LoadMenuA
MonitorFromRect
LookupIconIdFromDirectory
SetWindowsHookW
DefMDIChildProcA
GetWindowLongA
ChangeDisplaySettingsExA
GetDlgCtrlID
CharToOemW
ExitWindowsEx
SetUserObjectSecurity
SetDlgItemInt
DrawMenuBar
TabbedTextOutA
DdeAddData
DrawEdge
FindWindowW
SetForegroundWindow
GetMenuItemInfoA
GetOpenClipboardWindow
DlgDirSelectExA
EndMenu
GetSystemMetrics
WinHelpW
GetWindowRgn
MessageBoxW
SetClassLongA
DdeDisconnectList
GetClipboardOwner
SetCursor
GetClipboardData
ScrollWindow
CharLowerW
ShowWindowAsync
GetClipboardFormatNameW
WinHelpA
EnableMenuItem
GetKBCodePage
GetClipCursor
RegisterClassA
GetCursorInfo
RedrawWindow
IsCharLowerW
UnregisterClassA

shell32

DragQueryFileAorW

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_AddMasked
ImageList_LoadImage
InitCommonControlsEx
ImageList_SetImageCount
GetEffectiveClientRect
ImageList_SetIconSize
ImageList_Duplicate
ImageList_Destroy
ImageList_Replace
CreateStatusWindow
ImageList_SetFlags
CreatePropertySheetPageA
ImageList_Copy
ImageList_GetImageRect
CreateToolbar

wininet

InternetGetCookieW
InternetCheckConnectionW
GopherFindFirstFileW
FindCloseUrlCache
InternetConnectA
InternetUnlockRequestFile
SetUrlCacheEntryInfoW

advapi32

CryptSetKeyParam
RegQueryValueExA
RegDeleteKeyA
ReportEventA
CryptGetDefaultProviderW
CryptGetDefaultProviderA
LookupSecurityDescriptorPartsW
CryptSetProviderExA
CryptSetProviderW
CryptGenKey
CryptSetProviderA
RegSetValueExW
CryptSetProviderExW
RegSaveKeyA
CryptDestroyKey
LookupAccountNameW
RegCloseKey
LookupPrivilegeValueW

kernel32

FreeEnvironmentStringsA
VirtualProtect
GetThreadContext
GetSystemInfo
GetCurrentProcessId
WritePrivateProfileSectionW
InterlockedCompareExchange
EnumSystemCodePagesW
UnhandledExceptionFilter
TlsGetValue
DebugBreak
WaitNamedPipeW
WriteFileEx
CreateDirectoryA
GetDateFormatA
LocalFileTimeToFileTime
LoadLibraryA
WideCharToMultiByte
IsBadReadPtr
GetAtomNameW
GetFileType
GetTimeFormatW
CompareStringA
CompareStringW
HeapLock
SetCriticalSectionSpinCount
RemoveDirectoryA
GetFileAttributesW
GetStringTypeA
GetVersionExA
GetSystemDirectoryA
lstrcatW
TlsFree
GetTickCount
GetNamedPipeInfo
IsValidCodePage
CreateProcessA
FindNextChangeNotification
VirtualProtectEx
OutputDebugStringW
CopyFileExA
LocalReAlloc
HeapFree
EnumTimeFormatsA
CreateRemoteThread
GetCurrentThread
GetCommandLineW
GetProcAddress
GetExitCodeProcess
GetCurrentProcess
VirtualFree
TerminateProcess
GetLocaleInfoA
CreateDirectoryExA
EnterCriticalSection
GetStdHandle
LoadLibraryW
SetEnvironmentVariableA
GetProfileSectionA
EnumDateFormatsExA
TlsAlloc
CreateNamedPipeA
InterlockedExchange
MultiByteToWideChar
QueryPerformanceCounter
SetStdHandle
OutputDebugStringA
FindResourceExW
InitializeCriticalSection
HeapAlloc
GetACP
GetStartupInfoA
FindResourceExA
GetCurrentThreadId
LCMapStringA
HeapCreate
GetCommandLineA
TlsSetValue
HeapSize
CommConfigDialogW
GetOEMCP
GetEnvironmentStringsW
WriteConsoleOutputW
SetLastError
CreateSemaphoreA
SetEvent
GetPrivateProfileSectionNamesW
GetModuleHandleA
GetNumberFormatA
GetProcessAffinityMask
SetConsoleCtrlHandler
InterlockedIncrement
CreateMailslotA
SetLocaleInfoA
FlushFileBuffers
GetModuleFileNameA
VirtualAlloc
IsBadWritePtr
GetLocaleInfoW
GlobalGetAtomNameW
GetLocalTime
GetUserDefaultLCID
ReadFile
IsValidLocale
ExitProcess
GlobalGetAtomNameA
EnumCalendarInfoExW
SetFilePointer
OpenMutexA
FreeEnvironmentStringsW
OpenEventW
GetLastError
VirtualQuery
LCMapStringW
HeapReAlloc
GetTimeFormatA
GetSystemTimeAsFileTime
SetLocalTime
GetLogicalDriveStringsA
DeleteCriticalSection
HeapValidate
GetStringTypeW
CloseHandle
EnumSystemLocalesA
VirtualFreeEx
GetTimeZoneInformation
GetSystemDefaultLangID
FormatMessageA
InterlockedDecrement
ReadConsoleOutputW
LocalHandle
MapViewOfFileEx
WritePrivateProfileStructA
HeapDestroy
ContinueDebugEvent
CreateMutexA
CreateMailslotW
EnumResourceNamesA
WriteFile
RtlUnwind
GetEnvironmentStrings
SetHandleCount
FindClose
FindResourceA
lstrcmpi
LeaveCriticalSection
GetCPInfo

Sections

.text
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc3f363c8336f7e42171d085d25515f0

Headers

File Characteristics

PDB Paths

Imports

user32

shell32

comctl32

wininet

advapi32

kernel32

Sections

.text Size: 239KB - Virtual size: 239KB

.rdata Size: 260KB - Virtual size: 260KB

.data Size: 109KB - Virtual size: 136KB

.rsrc Size: 49KB - Virtual size: 49KB

.text
Size: 239KB - Virtual size: 239KB

.rdata
Size: 260KB - Virtual size: 260KB

.data
Size: 109KB - Virtual size: 136KB

.rsrc
Size: 49KB - Virtual size: 49KB