ac3d41e738a57047db70ceda8a328dd3b32e1bf57757c91569b6ef80a6affcb3

Sharing

Copy URL

Twitter E-mail

General

Target

ac3d41e738a57047db70ceda8a328dd3b32e1bf57757c91569b6ef80a6affcb3
Size

1.7MB
MD5

be47ca12e75bf990586874269f0594a6
SHA1

e10a9863bc9391a9bd66e43884e9e79b5ca021c6
SHA256

ac3d41e738a57047db70ceda8a328dd3b32e1bf57757c91569b6ef80a6affcb3
SHA512

9823298cabdf83020a5f353e2f1c13c4087a398d9f4941167694bdf19f5d3945f4b02abf57718d3078a7042f1ed9592362e797190b21334f3df991b919a7c9f0
SSDEEP

24576:YWFa/P2+Y/3eZxkOIVBxwkqd2LZjW1xqS73k1hNh:fa32B2ZxpIGkq+j6oi4h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac3d41e738a57047db70ceda8a328dd3b32e1bf57757c91569b6ef80a6affcb3

Files

ac3d41e738a57047db70ceda8a328dd3b32e1bf57757c91569b6ef80a6affcb3
.exe windows:5 windows x86 arch:x86

d46a01b61c43c000eed5220abcd9d0aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleHandleA
FlushFileBuffers
GetStdHandle
WriteFile
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
WideCharToMultiByte
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreateThread
GlobalHandle
GlobalFree
CreateEventW
GetModuleHandleW
LoadLibraryExW
GetLocaleInfoW
GetUserDefaultLangID
FormatMessageW
LocalFree
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
lstrcmpW
DeleteCriticalSection
InitializeCriticalSection
SetLastError
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
CreateMutexW
RaiseException
LoadLibraryW
GetLastError
GetProcAddress
ReleaseMutex
WaitForSingleObject
CloseHandle
FreeLibrary
lstrcmpiW
lstrlenW
lstrcpyW
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
MulDiv
GetCurrentProcess
FlushInstructionCache
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameA

user32

GetWindowLongW
SetWindowTextW
SendMessageW
GetWindowRect
GetClientRect
DestroyWindow
IsWindow
SetWindowPos
DestroyIcon
EndDialog
GetSysColorBrush
GetSysColor
CreateWindowExW
SetWindowLongW
PostMessageW
SetRect
OffsetRect
GetScrollPos
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CreateDialogParamW
CreateDialogIndirectParamW
GetDlgItem
ExitWindowsEx
RegisterWindowMessageW
PostQuitMessage
MessageBoxW
CreateAcceleratorTableW
GetActiveWindow
DialogBoxParamW
RegisterClassExW
GetClassInfoExW
DefWindowProcW
MapWindowPoints
DestroyAcceleratorTable
GetDesktopWindow
IsChild
InvalidateRgn
ClientToScreen
MoveWindow
MapDialogRect
SetWindowContextHelpId
GetCursorPos
GetCapture
ReleaseCapture
PtInRect
SetCapture
UpdateWindow
SetRectEmpty
ReleaseDC
SetFocus
LoadAcceleratorsW
TranslateAcceleratorW
GetWindow
MonitorFromWindow
GetMonitorInfoW
IsDialogMessageW
SendDlgItemMessageW
EnableWindow
ScreenToClient
SetCursor
IsWindowEnabled
GetClassNameW
LoadCursorW
GetFocus
CharNextW
DrawFocusRect
GetDlgCtrlID
CopyRect
GetSystemMetrics
LoadImageW
GetDC
SystemParametersInfoW
RedrawWindow
IsWindowVisible
ShowWindow
EndPaint
BeginPaint
CallWindowProcW
DrawTextW
FillRect
DrawIconEx
GetParent
InvalidateRect
GetWindowTextLengthW
GetWindowTextW
UnregisterClassA

gdi32

RestoreDC
SaveDC
DeleteObject
CreateFontIndirectW
SetBkMode
RoundRect
CreateSolidBrush
DeleteDC
SetDCBrushColor
SetDCPenColor
SetBkColor
SetTextColor
GetStockObject
CreateCompatibleDC
GetObjectW
ExtTextOutW
CreateCompatibleBitmap
StretchBlt
GetTextMetricsW
BitBlt
GetDeviceCaps
Rectangle
SelectObject
CreatePen

advapi32

GetTokenInformation
EqualSid
FreeSid
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
OpenProcessToken
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

OleCreateFontIndirect
SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysFreeString
VariantClear
VariantInit
SysAllocString
SysAllocStringLen

shlwapi

ord176
UrlEscapeW

comctl32

CreatePropertySheetPageW
PropertySheetW
ImageList_Create
ImageList_AddMasked
ImageList_Draw
InitCommonControlsEx
DestroyPropertySheetPage
_TrackMouseEvent

gdiplus

GdiplusShutdown

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 592KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d46a01b61c43c000eed5220abcd9d0aa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

comctl32

gdiplus

Sections

.text Size: 265KB - Virtual size: 264KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 14KB - Virtual size: 23KB

.rsrc Size: 795KB - Virtual size: 794KB

.reloc Size: 592KB - Virtual size: 596KB

.text
Size: 265KB - Virtual size: 264KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 14KB - Virtual size: 23KB

.rsrc
Size: 795KB - Virtual size: 794KB

.reloc
Size: 592KB - Virtual size: 596KB