de2fec88fdfdd9d58aef5b1f282ca98f

Sharing

Copy URL Twitter E-mail

General

Target

de2fec88fdfdd9d58aef5b1f282ca98f
Size

192KB
MD5

de2fec88fdfdd9d58aef5b1f282ca98f
SHA1

05ee6922515c8fb25a4095ccca09c9ca364b382e
SHA256

ec850fd92ee9bcabcf6c2f4bdfdc6e1e4515271cec93a35b5e51a237612e43d2
SHA512

2438a80715e3a78e791bd27d0481fe7366172272737fa7e93094319900425e87584e8660ca7a29a439852414278747842c4168fba75b17918e4ef06a10c7f0f0
SSDEEP

3072:r5d9W/EhJAYxqfVeNr+g+DKUZVgb3YchOC2/6OeOiVWD6HZtJIX9fq:XXhJrxLNSg+lVgb3HjKtetTNINy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de2fec88fdfdd9d58aef5b1f282ca98f

Files

de2fec88fdfdd9d58aef5b1f282ca98f
.exe windows:4 windows x86 arch:x86

1e6a2f64117ae68bbc302327127c6637

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathFileExistsW
PathStripToRootW
PathAppendW

gdi32

GetTextColor
RectVisible
DeleteObject
SetTextColor
RestoreDC
SaveDC
GetObjectW
GetMapMode
SetWindowExtEx
GetViewportExtEx
Escape
GetClipBox
GetStockObject
DeleteDC
ScaleViewportExtEx
SetMapMode
ExtSelectClipRgn
GetWindowExtEx
SetBkColor
SetViewportExtEx
OffsetViewportOrgEx
ScaleWindowExtEx
GetDeviceCaps
PtVisible
SelectObject
TextOutW
SetViewportOrgEx
CreateBitmap
ExtTextOutW
GetBkColor
GetRgnBox
CreateRectRgnIndirect

ole32

CoRevokeClassObject
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CLSIDFromProgID
CoUninitialize
CoCreateInstance
OleInitialize
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoGetClassObject
CreateILockBytesOnHGlobal
OleFlushClipboard
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegEnumKeyW
RegQueryValueExW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

kernel32

GetLocaleInfoW
DeleteCriticalSection
FindResourceW
GetVersionExW
WaitForSingleObject
MultiByteToWideChar
CreateFileW
GetCalendarInfoW
LockResource
EnumResourceLanguagesW
InterlockedDecrement
GetModuleFileNameW
LocalFileTimeToFileTime
LoadResource
WriteFile
FindNextFileW
GetLocaleInfoA
SetFilePointer
SizeofResource
GetThreadContext
RemoveDirectoryW
ReadFile
CreateMutexW
FindClose
ReleaseMutex
MoveFileW
lstrcpyW
VirtualFree
SystemTimeToFileTime
RaiseException
GetModuleHandleW
EnumResourceNamesA
ExitProcess
SetFileTime
LoadLibraryW
InterlockedExchange
GetCurrentProcessId
FindFirstFileW
GetVersion
ConvertDefaultLocale
GetThreadLocale
FreeLibrary
CloseHandle
lstrcmpiA
GetCurrentDirectoryW
DeleteFileW
GetACP
CreateDirectoryW
WideCharToMultiByte
InitializeCriticalSection
GetFileAttributesW
GetSystemDefaultLangID
GetProcAddress
lstrcmpA

user32

GetPropW
GetClientRect
GetNextDlgTabItem
GetMenu
CharNextW
CharUpperW
CreateWindowExW
IsIconic
IntersectRect
RemovePropW
DefWindowProcW
GetClassInfoExW
MapWindowPoints
GetClassLongW
OffsetRect
GetForegroundWindow
AdjustWindowRectEx
CallWindowProcW
GetMessagePos
IsWindow
EqualRect
MessageBeep
CopyAcceleratorTableW
SetForegroundWindow
SendDlgItemMessageA
InvalidateRect
GetMessageTime
RegisterClassW
LoadIconW
InvalidateRgn
GetTopWindow
GetClassInfoW
RegisterWindowMessageW
UpdateWindow
SetActiveWindow
SetPropW
IsRectEmpty
SetRect
GetNextDlgGroupItem
GetWindowPlacement
WinHelpW
IsChild
DestroyMenu

oledlg

OleUIBusyW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e6a2f64117ae68bbc302327127c6637

Headers

File Characteristics

Imports

shlwapi

gdi32

ole32

shell32

advapi32

comdlg32

winspool.drv

kernel32

user32

oledlg

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 77KB - Virtual size: 76KB

.edata Size: 1024B - Virtual size: 108KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 77KB - Virtual size: 76KB

.edata
Size: 1024B - Virtual size: 108KB