7e821a10b10ef40f8b8f18a55e8f078ca1f0dfc0dc21fa9c2d9de855f8552f3d

Sharing

Copy URL

Twitter E-mail

General

Target

7e821a10b10ef40f8b8f18a55e8f078ca1f0dfc0dc21fa9c2d9de855f8552f3d
Size

353KB
MD5

05a9eccb12c395f883cb8b5134d4099b
SHA1

cc264ca4fac47cb2e15eaad9f6e0dbfb319ed7fb
SHA256

7e821a10b10ef40f8b8f18a55e8f078ca1f0dfc0dc21fa9c2d9de855f8552f3d
SHA512

47f9c3d5972b14500156dae7d27ccf58e2e050e5b995a6ac909f19da525e56c8da32dbd35c7a80b30e635b1f6deb1cd89943931ed214e70970a9ffab1b91d8a0
SSDEEP

6144:8DaVbUprfG5LwGXqFdYgNM8BroPx+Vv4JTv5ndZdsIIFiHlissXzk0F3AttxI:8DaxUpMLwGXmu8BElr5ndZdsIIw7s/Fp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e821a10b10ef40f8b8f18a55e8f078ca1f0dfc0dc21fa9c2d9de855f8552f3d

Files

7e821a10b10ef40f8b8f18a55e8f078ca1f0dfc0dc21fa9c2d9de855f8552f3d
.exe windows:5 windows x86 arch:x86

0e52132df4d902772b98a3cd45230217

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nclstd

ord103
ord106
ord358
ord104
ord105
ord101

kernel32

GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
GetModuleHandleW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTickCount
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
Sleep
ExitProcess
ExitThread
CreateThread
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
TerminateProcess
SetEndOfFile
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
MulDiv
GetCurrentProcessId
SuspendThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
lstrcmpW
GlobalLock
GlobalUnlock
FreeResource
GetVersionExA
GetProcAddress
GetModuleHandleA
LoadLibraryA
SetLastError
MultiByteToWideChar
GlobalFree
GetCurrentProcess
DuplicateHandle
ResumeThread
GetExitCodeThread
SetEvent
WaitForSingleObject
TerminateThread
CreateEventA
ResetEvent
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
GetTempPathA
GetEnvironmentVariableA
lstrcatA
RaiseException
DeleteFileA
lstrcmpA
WriteFile
CreateFileA
GetLastError
GetFileSize
GlobalReAlloc
GlobalAlloc
ReadFile
CloseHandle
lstrcpyA
lstrlenA
FormatMessageA
LocalFree
UnhandledExceptionFilter

user32

PostThreadMessageA
CharUpperA
LoadCursorA
GetSysColorBrush
CharNextA
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
RegisterClipboardFormatA
UnregisterClassA
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
GetNextDlgTabItem
EndDialog
GetFocus
IsWindowEnabled
IsWindow
SetFocus
GetParent
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
EnableMenuItem
AppendMenuA
DrawIcon
MessageBeep
GetSystemMetrics
PostMessageA
wsprintfA
EnableWindow
GetLastActivePopup

gdi32

GetStockObject
GetDeviceCaps
SetWindowExtEx
CreateRectRgnIndirect
ExtSelectClipRgn
GetTextColor
GetRgnBox
GetMapMode
DeleteDC
ScaleViewportExtEx
SetViewportExtEx
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetBkColor
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
ScaleWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoRevokeClassObject
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoUninitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e52132df4d902772b98a3cd45230217

Headers

DLL Characteristics

File Characteristics

Imports

nclstd

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 263KB - Virtual size: 262KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 11KB - Virtual size: 91KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 263KB - Virtual size: 262KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 11KB - Virtual size: 91KB

.rsrc
Size: 18KB - Virtual size: 17KB