d813c45ed06530988273a8abbceb39d7ac892f63c4ba0151e0aba8100a58cfe0

Sharing

Copy URL

Twitter E-mail

General

Target

d813c45ed06530988273a8abbceb39d7ac892f63c4ba0151e0aba8100a58cfe0
Size

2.0MB
MD5

69d2c2fa41abef3389c431f627a10238
SHA1

b5055576a286f230d8a82ec3087ebf1d13806b9e
SHA256

d813c45ed06530988273a8abbceb39d7ac892f63c4ba0151e0aba8100a58cfe0
SHA512

beedfbb07d9d2e794a84cce9dd7863cd28db65be12215f2695a243ad7ad85b9828428409155bcea23a48bbe4d05c50d234ef72439c3f0b7864056572da8e7a06
SSDEEP

24576:1EjsHrn0GG5KsFEeh96ri+ouysp21LWZvKwk+KIWsp/yX6odtQlMCKc7CCMzLE4k:1E3Gfs2Nmpuysp21Lildj1YYh/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d813c45ed06530988273a8abbceb39d7ac892f63c4ba0151e0aba8100a58cfe0

Files

d813c45ed06530988273a8abbceb39d7ac892f63c4ba0151e0aba8100a58cfe0
.exe windows:4 windows x86 arch:x86

35a0e0b25e6772d925a10d3516c7feb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

comctl32

ImageList_Write
ord17
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_SetIconSize

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

CreateEventA
CreateFileA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnumCalendarInfoA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
FormatMessageA
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCommandLineW
GetComputerNameA
GetCPInfo
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProfileStringA
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetStringTypeExW
GetThreadLocale
GetTimeZoneInformation
GetUserDefaultLCID
CreateDirectoryW
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
InterlockedDecrement
CreateDirectoryA
InterlockedIncrement
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
lstrcmpA
lstrcmpW
lstrcpyA
lstrcpynA
lstrlenA
MulDiv
MultiByteToWideChar
QueryPerformanceFrequency
RaiseException
ReadFile
ResetEvent
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadLocale
SizeofResource
Sleep
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapReAlloc
HeapAlloc
GetOEMCP
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCurrentProcess
TerminateProcess
GetVersion
RtlUnwind
CompareStringW
CompareStringA
CloseHandle
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedExchange
GetVersionExA

user32

GetDlgItem
EmptyClipboard
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardState
GetKeyboardType
GetKeyNameTextA
GetKeyNameTextW
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
GetDesktopWindow
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
GetClassLongA
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SendMessageTimeoutA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetClipboardViewer
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetMenuItemInfoW
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExA
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
VkKeyScanW
WaitMessage
WindowFromPoint
BeginPaint
BringWindowToTop
CallNextHookEx
DrawTextW
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
CreateWindowExW
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameW
RegisterClassW
GetClassNameA
CallWindowProcA
CallWindowProcW
ChangeClipboardChain
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharNextA
CharNextW
CharToOemA
CharUpperA
CharUpperBuffA
CharUpperBuffW
GetClassInfoW
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
RemovePropA
EnableMenuItem
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateMDIWindowW
CreateIconIndirect
CreateIconFromResourceEx
CountClipboardFormats
CopyIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
GetFocus

comdlg32

GetSaveFileNameW
GetSaveFileNameA

advapi32

RegCloseKey
RegQueryValueExA
DuplicateToken
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
OpenThreadToken
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegOpenKeyExW

shell32

ShellExecuteExW
ShellExecuteExA
ShellExecuteA
DragQueryFileW
DragFinish
ShellExecuteW

ole32

OleDraw
CoUninitialize
CoCreateInstance
IsAccelerator
CreateStreamOnHGlobal
CoGetClassObject
CoTaskMemFree
OleSetMenuDescriptor
ProgIDFromCLSID
StringFromCLSID
CoTaskMemAlloc

oleaut32

VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SetErrorInfo
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
SafeArrayAccessData
VariantInit

Sections

.text
Size: 760KB - Virtual size: 758KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 432KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_INST_1
Size: 799KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

35a0e0b25e6772d925a10d3516c7feb7

Headers

File Characteristics

Imports

mpr

comctl32

version

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 760KB - Virtual size: 758KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 432KB - Virtual size: 432KB

_INST_1 Size: 799KB - Virtual size: 800KB

.text
Size: 760KB - Virtual size: 758KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 432KB - Virtual size: 432KB

_INST_1
Size: 799KB - Virtual size: 800KB