Static task: static1
Behavioral task: behavioral1
  Sample: de2191089d1d93b83b463bf645a3cbae.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: de2191089d1d93b83b463bf645a3cbae.exe
  Resource: win10v2004-20240226-en
General
- Target: de2191089d1d93b83b463bf645a3cbae
- Size: 2.2MB
- MD5: de2191089d1d93b83b463bf645a3cbae
- SHA1: 473280c28a29826564ec4ae18a2961fd5e70bb29
- SHA256: 6b1a8d5111f5904cb593d8563089efec7950a1a46c8dbfb1ef8d56185cb5cb82
- SHA512: 68d75ae76294a1faae058d0e2f4f88aa775547147e5cbc031e290119ab1602a6711f94c67bf1afdc642cef6ad393087720e9fe90a2ae493354c907629f177e98
- SSDEEP: 24576:1ZwzhkShQuWyjdbUUKIVd/Kwdw37WugEyypyT35Qbaw3sWH8NNcilzBge3vxNF3N:01//rAHlyy0Tph/r/1geb1N
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource de2191089d1d93b83b463bf645a3cbae
Files
- de2191089d1d93b83b463bf645a3cbae.exe  windows:4  windows x86  arch:x86
  78c5807cd3342659b6bfae593d456478
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersion
SetEnvironmentVariableA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
GetTimeZoneInformation
HeapSize
TerminateProcess
HeapReAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
lstrcpyW
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetCurrentDirectoryA
GlobalSize
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetProcessVersion
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetFileAttributesA
lstrlenW
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetCurrentThread
lstrcmpA
GetTickCount
GetProfileIntA
InterlockedIncrement
InterlockedDecrement
SetLastError
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
GetVersionExA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
GetProfileStringA
GetACP
CopyFileA
FormatMessageA
LocalFree
GlobalAlloc
GetLastError
FindResourceA
LoadResource
LockResource
CreateFileA
SizeofResource
WriteFile
CloseHandle
lstrcatA
CreateProcessA
GetModuleFileNameA
Sleep
GlobalLock
GlobalUnlock
GlobalFree
user32
GetTabbedTextExtentA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindowPlacement
GetLastActivePopup
IsIconic
EqualRect
GetDlgItem
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
GetClassInfoA
ShowWindow
GetDesktopWindow
IsWindowEnabled
PeekMessageA
LoadAcceleratorsA
wsprintfA
AdjustWindowRectEx
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
CallWindowProcA
ScrollDC
CopyIcon
IsWindow
SetWindowLongA
RedrawWindow
MessageBeep
CreateMenu
AppendMenuA
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemInfoA
GetNextDlgGroupItem
GetMenuItemInfoA
DrawEdge
SystemParametersInfoA
GetSystemMenu
CharNextA
UnionRect
GetCursor
DestroyCaret
DrawTextA
DrawIcon
LoadIconA
TrackPopupMenuEx
PostMessageA
GetNextDlgTabItem
DestroyMenu
GetWindowLongA
FrameRect
DrawStateA
DrawFocusRect
GetActiveWindow
GetCapture
WindowFromPoint
LoadImageA
DestroyIcon
DestroyCursor
InflateRect
OffsetRect
KillTimer
ClientToScreen
GetCursorPos
RegisterWindowMessageA
SetCapture
ReleaseCapture
GetKeyState
HideCaret
CreateCaret
SetCaretPos
ShowCaret
ReleaseDC
FillRect
InvalidateRect
ShowScrollBar
GetDC
GetSysColor
GetClientRect
GetFocus
SetFocus
TabbedTextOutA
SetRectEmpty
GetSystemMetrics
IsWindowVisible
SetWindowPos
UnregisterClassA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
WindowFromDC
InSendMessage
SetCursorPos
wvsprintfA
RegisterClipboardFormatA
MapDialogRect
SetScrollRange
GetParent
GetMessagePos
ScreenToClient
EnableWindow
LoadCursorA
SetCursor
SetTimer
UpdateWindow
IsRectEmpty
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
PtInRect
InvertRect
LockWindowUpdate
GetDCEx
GetClassNameA
GetSysColorBrush
ClipCursor
CopyAcceleratorTableA
PostThreadMessageA
CopyRect
GetWindow
LoadMenuA
GetSubMenu
DrawMenuBar
InsertMenuA
RemoveMenu
GetMenuItemID
GetMenuItemCount
GetMenuStringA
LoadBitmapA
SendMessageA
GetWindowRect
GetMenu
SetMenu
FindWindowA
SetWindowContextHelpId
CharUpperA
ShowOwnedPopups
PostQuitMessage
IsClipboardFormatAvailable
IsZoomed
LoadStringA
EndDialog
CreateDialogIndirectParamA
GrayStringA
EndPaint
BeginPaint
GetWindowDC
GetMessageA
TranslateMessage
ValidateRect
DeleteMenu
SetParent
SetRect
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IntersectRect
IsDialogMessageA
gdi32
MoveToEx
BeginPath
GetClipBox
SetROP2
CreateDCA
CreateRectRgn
GetMapMode
GetViewportOrgEx
EnumFontFamiliesExA
GetFontData
GetTextFaceA
StretchDIBits
SetStretchBltMode
CreateDIBitmap
CreateDIBSection
GetObjectType
RestoreDC
SelectClipPath
SetViewportOrgEx
SetMapMode
SaveDC
PolyBezierTo
GetClipRgn
SelectClipRgn
StrokePath
FillPath
WidenPath
ExtCreatePen
SetMiterLimit
RealizePalette
CreatePalette
Ellipse
PatBlt
GetDIBColorTable
CreateHalftonePalette
EnumFontFamiliesA
GetTextMetricsA
GetCharWidthA
SelectPalette
SetBkMode
OffsetViewportOrgEx
SetViewportExtEx
LineTo
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetCurrentPositionEx
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateRectRgnIndirect
SetRectRgn
CombineRgn
DPtoLP
AbortDoc
SetAbortProc
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
CopyMetaFileA
LPtoDP
Rectangle
GetTextAlign
EndPath
StrokeAndFillPath
GetTextColor
GetBkColor
GetTextExtentPoint32A
CreateSolidBrush
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
GetStockObject
GetDIBits
DeleteObject
SetDIBitsToDevice
CreatePen
CreatePatternBrush
UnrealizeObject
SetBrushOrgEx
StartDocA
StartPage
EndPage
EndDoc
CreateFontA
CreateFontIndirectA
GetDeviceCaps
CreateCompatibleBitmap
GetBitmapDimensionEx
ScaleViewportExtEx
GetObjectA
GetTextExtentPointA
SelectObject
BitBlt
CreateCompatibleDC
comdlg32
PrintDlgA
ChooseColorA
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA
GetFileTitleA
winspool.drv
DocumentPropertiesA
EnumPrintersA
OpenPrinterA
ClosePrinter
advapi32
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegCloseKey
shell32
SHGetFileInfoA
DragAcceptFiles
DragFinish
ShellExecuteExA
ShellExecuteA
SHChangeNotify
DragQueryFileA
ExtractIconA
comctl32
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIcon
ImageList_GetImageInfo
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
oledlg
ord8
ole32
CoGetClassObject
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
OleDestroyMenuDescriptor
CoGetMalloc
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleIsRunning
OleRun
CreateItemMoniker
WriteClassStg
GetRunningObjectTable
CreateFileMoniker
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoDisconnectObject
StringFromCLSID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CreateDataAdviseHolder
CreateOleAdviseHolder
CreateGenericComposite
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
IsAccelerator
OleCreateMenuDescriptor
OleTranslateAccelerator
olepro32
ord253
oleaut32
SysFreeString
SysStringByteLen
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantCopy
msvcrt
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 200KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 232KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 472KB - Virtual size: 471KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ