Static task: static1
Behavioral task: behavioral1
  Sample: ad3c6d0abf606ca462b946ef6432924c824dab3120a6a35f65d4a166431dbda6.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: ad3c6d0abf606ca462b946ef6432924c824dab3120a6a35f65d4a166431dbda6.exe
  Resource: win10v2004-20240226-en
General
- Target: ad3c6d0abf606ca462b946ef6432924c824dab3120a6a35f65d4a166431dbda6
- Size: 1.1MB
- MD5: 8800382a4c0e9a9c474c27ed18e0ccef
- SHA1: b19caa64d4436ece0bfcd768fcea3469f9460657
- SHA256: ad3c6d0abf606ca462b946ef6432924c824dab3120a6a35f65d4a166431dbda6
- SHA512: 1e1d07ce8615d79309e09cdb5a147fef233ed6ea22680a47c8e57558a72b3b45fe13313a5ddcabfec2491c15449e43789ab71dd6f8ac243c989e88855174f1c4
- SSDEEP: 12288:1eeot6qdOAiinu5+Kw6TvVbHsKPAhGXCBdy4jA4mM1s4xx2fPhh1S819HKOhn:IeuJdOmu5ph77XImM1h2B+8fK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad3c6d0abf606ca462b946ef6432924c824dab3120a6a35f65d4a166431dbda6
Files
-
ad3c6d0abf606ca462b946ef6432924c824dab3120a6a35f65d4a166431dbda6.exe windows:4 windows x86 arch:x86
a6f8c380b3241e798e39c50ea877468c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
SetEndOfFile
LoadLibraryA
FreeLibrary
GetProfileIntA
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CopyFileA
MoveFileA
Sleep
MulDiv
LocalFree
FormatMessageA
GetLastError
GetVersionExA
GetModuleFileNameA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SetupComm
SetCommMask
CreateFileA
CloseHandle
GetCommMask
SetCommState
GetCommState
ReadFile
SetCommTimeouts
GetCommTimeouts
WriteFile
ClearCommError
PurgeComm
CreateDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
GetDriveTypeA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
HeapSize
GetFileType
SetStdHandle
TerminateProcess
GetACP
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
FindResourceExA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
FindNextFileA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
GetProcAddress
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetFileAttributesA
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
lstrlenW
WaitForSingleObject
lstrcpynA
SetLastError
InterlockedDecrement
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
FindResourceA
LoadResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
lstrcatA
lstrlenA
lstrcpyA
GetProfileStringA
GetProcessHeap
HeapAlloc
HeapFree
GetCurrentThread
GetCurrentProcess
LocalAlloc
IsValidCodePage
MultiByteToWideChar
GetTickCount
FindFirstFileA
FindClose
GetDiskFreeSpaceExA
SetFileAttributesA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetCurrentDirectoryA
user32
GetDCEx
GetMenuStringA
AppendMenuA
InsertMenuA
GetSysColorBrush
GetClassNameA
DestroyCursor
CharUpperA
DestroyIcon
RegisterClipboardFormatA
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
PtInRect
MapDialogRect
GetAsyncKeyState
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
UnionRect
IsRectEmpty
KillTimer
SetTimer
WindowFromPoint
GetWindowThreadProcessId
GetDesktopWindow
WaitMessage
GetMessageA
ValidateRect
GetCursorPos
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ClientToScreen
LoadStringA
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
LockWindowUpdate
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
InvertRect
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
DeleteMenu
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
PostThreadMessageA
FindWindowA
GetTabbedTextExtentA
SetParent
MoveWindow
GetSystemMenu
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
UnregisterClassA
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
LoadImageA
InvalidateRgn
DrawEdge
IsMenu
GetMenuItemInfoA
SetMenuItemInfoA
DrawMenuBar
GetMenuDefaultItem
SetMenuDefaultItem
IsZoomed
DrawFrameControl
CreatePopupMenu
DrawIconEx
RedrawWindow
GetDlgItem
IsWindowEnabled
LoadCursorA
SetCursor
TranslateMessage
wsprintfA
GetScrollPos
CopyRect
FillRect
GetFocus
DrawFocusRect
ReleaseDC
LoadIconA
MessageBoxA
RegisterWindowMessageA
InflateRect
GetDC
SetRect
GetClientRect
LoadBitmapA
InvalidateRect
UpdateWindow
PeekMessageA
DispatchMessageA
MessageBeep
PostMessageA
LoadMenuA
SetMenu
DestroyMenu
SendMessageA
SetCapture
SetFocus
ReleaseCapture
SetActiveWindow
GetParent
GetSysColor
EnableWindow
GetWindowRect
GetWindowDC
gdi32
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
Escape
PatBlt
CreateRectRgnIndirect
BitBlt
CreateCompatibleDC
CreateDCA
DPtoLP
GetViewportOrgEx
SetAbortProc
GetMapMode
SetRectRgn
CombineRgn
StretchDIBits
CreateCompatibleBitmap
GetCharWidthA
EnumFontFamiliesExA
GetTextColor
GetBkColor
LPtoDP
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
GetCurrentPositionEx
GetTextExtentPointA
FillRgn
Polygon
PaintRgn
CreatePolygonRgn
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
CreateSolidBrush
CreatePen
DeleteObject
GetStockObject
SelectObject
GetObjectA
EndDoc
EndPage
GetTextExtentPoint32A
ExtTextOutA
GetTextMetricsA
CreateFontA
GetDeviceCaps
StartPage
Rectangle
CreateFontIndirectA
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
StartDocA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
AbortDoc
PtInRegion
GetRgnBox
CreateDIBitmap
StretchBlt
RectInRegion
OffsetViewportOrgEx
comdlg32
PrintDlgA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
FreeSid
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
RegCreateKeyA
RegSetValueA
GetFileSecurityA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueExA
CopySid
GetAce
SetFileSecurityA
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
shell32
ExtractIconA
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetFileInfoA
comctl32
ImageList_ReplaceIcon
ImageList_GetImageInfo
ImageList_Draw
ord17
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord8
oledlg
ord8
ole32
CoTaskMemAlloc
CoDisconnectObject
StringFromCLSID
CoTaskMemFree
StringFromGUID2
OleFlushClipboard
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
OleRun
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleUninitialize
CoFreeUnusedLibraries
olepro32
ord253
oleaut32
VariantTimeToSystemTime
SysStringLen
VariantChangeType
SysFreeString
VariantClear
SysAllocString
VariantCopy
SysAllocStringLen
SysStringByteLen
LoadTypeLi
SysAllocStringByteLen
VarDateFromStr
Sections
.text Size: 760KB - Virtual size: 758KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 168KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 188KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ