45b3c27d336a1cd6fe0310fcf29d0a724e8acc785799eefee365a1e349cfaa68

Sharing

Copy URL Twitter E-mail

General

Target

45b3c27d336a1cd6fe0310fcf29d0a724e8acc785799eefee365a1e349cfaa68
Size

1.2MB
MD5

dd788d83e17d0aa82c9152a0e9bc5f01
SHA1

1ae54dd7ccff27c3939c2a19ffc7dbcf4cfef6c7
SHA256

45b3c27d336a1cd6fe0310fcf29d0a724e8acc785799eefee365a1e349cfaa68
SHA512

565d348cb1b4b48fa196b7af57083c08d7cddb5dae5f6aabb726cc05a299823e2725279d9a4f90055188d08f207f5949166b34f8ff056a178206f76e1d43ee91
SSDEEP

24576:cMlMWNo6lLI6s9kjtnAGukvnxsKDY+km2IQAvHlkEzb/Z8f+TXc:c76lDAanAGukvxHDJkmPQA/lDb/Z8h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b3c27d336a1cd6fe0310fcf29d0a724e8acc785799eefee365a1e349cfaa68

Files

45b3c27d336a1cd6fe0310fcf29d0a724e8acc785799eefee365a1e349cfaa68
.exe windows:5 windows x86 arch:x86

2d35ffbed288ae6f5477eddf6fe6bd79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessAffinityMask
GlobalMemoryStatus
GetAtomNameA
MulDiv
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
lstrlenA
GlobalFree
InterlockedDecrement
lstrcmpA
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetFileSizeEx
GetFileTime
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
FileTimeToSystemTime
SetErrorMode
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
VirtualProtect
VirtualQuery
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
InitializeCriticalSectionAndSpinCount
HeapCreate
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetHandleInformation
GetFileAttributesW
FindFirstFileW
GetCurrentDirectoryA
GetCurrentDirectoryW
DeleteFileW
CreateDirectoryW
MoveFileA
MoveFileW
RemoveDirectoryW
SetFileAttributesA
SetFileAttributesW
CreateFileW
SetFileTime
FormatMessageA
FormatMessageW
LocalFree
GetModuleFileNameW
FreeLibrary
lstrcatA
GetVersionExA
CompareFileTime
SetConsoleCtrlHandler
AreFileApisANSI
InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
SetEvent
CreateEventA
IsProcessorFeaturePresent
GetVersion
VirtualFree
VirtualAlloc
GetStdHandle
GetFileInformationByHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
GetLocalTime
GetTickCount
GetCurrentProcess
GetFileAttributesA
MultiByteToWideChar
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempFileNameA
DeleteFileA
GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
GetSystemInfo
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFilePointer
ReadFile
GetDiskFreeSpaceExA
Sleep
CreateDirectoryA
GetSystemDirectoryA
GetTempPathA
CreateFileA
WriteFile
GetShortPathNameA
GetModuleFileNameA
FileTimeToLocalFileTime
FileTimeToDosDateTime
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
WinExec
GetLogicalDriveStringsA
GetWindowsDirectoryA
GetLastError
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
WritePrivateProfileStringA
WideCharToMultiByte

user32

GetSysColorBrush
UnregisterClassA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
SetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetScrollInfo
GetDlgCtrlID
IntersectRect
SystemParametersInfoA
GetWindowPlacement
LoadCursorA
DefWindowProcA
TrackPopupMenuEx
SetForegroundWindow
GetWindow
GetSubMenu
GetMenuItemID
SetWindowsHookExA
GetMenu
CallNextHookEx
GetMenuItemCount
GetMenuItemInfoA
UnhookWindowsHookEx
SetWindowPos
CallWindowProcA
IsWindowVisible
SetWindowLongA
MapWindowPoints
GetCursorPos
ScreenToClient
AdjustWindowRect
SetWindowRgn
IsZoomed
PostMessageA
PtInRect
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
CharUpperW
CharUpperA
GetWindowDC
SetRect
KillTimer
SetTimer
ReleaseDC
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
GetInputState
PostThreadMessageA
GetMessageA
GetDC
PostQuitMessage
UpdateWindow
IsWindow
IsRectEmpty
DestroyMenu
SetWindowContextHelpId
MapDialogRect
ValidateRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
EndPaint
BeginPaint
GetScrollBarInfo
BringWindowToTop
DrawIconEx
GetSystemMetrics
GetKeyState
GetFocus
LoadBitmapA
GetSysColor
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetCursor
ReleaseCapture
LoadImageA
GetIconInfo
GetWindowLongA
WindowFromPoint
SetCapture
GetCapture
GetActiveWindow
RedrawWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
DrawFocusRect
FrameRect
FillRect
OffsetRect
InflateRect
CopyRect
DrawStateA
SendMessageA
EnableWindow
LoadIconA
DestroyIcon
GetParent

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
OffsetViewportOrgEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetViewportOrgEx
SetMapMode
SetStretchBltMode
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
CreateCompatibleBitmap
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
GetDeviceCaps
SetGraphicsMode
SetWorldTransform
PatBlt
Rectangle
CreateFontA
CreateFontIndirectA
GetStockObject
StretchBlt
GetObjectA
CreateBitmap
DeleteObject
CreateSolidBrush
CreatePen
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
SelectObject
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA

shell32

SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFolderLocation
ShellExecuteA
SHChangeNotify
SHGetSpecialFolderPathA
ShellExecuteExA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoCreateInstance
OleInitialize
OleUninitialize
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringByteLen
VariantInit
VariantChangeType
VariantCopy
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString

dbghelp

MiniDumpWriteDump

Exports

Exports

GetGlobalDataPointer
SfxStreamInterface

Sections

.text
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Dwinuar
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 630KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d35ffbed288ae6f5477eddf6fe6bd79

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

dbghelp

Exports

Exports

Sections

.text Size: 471KB - Virtual size: 470KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 17KB - Virtual size: 59KB

.Dwinuar Size: 16KB - Virtual size: 16KB

.rsrc Size: 630KB - Virtual size: 632KB

.text
Size: 471KB - Virtual size: 470KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 17KB - Virtual size: 59KB

.Dwinuar
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 630KB - Virtual size: 632KB