dea6355e5483e6c12b6c9d0ce13d29a8

Sharing

Copy URL Twitter E-mail

General

Target

dea6355e5483e6c12b6c9d0ce13d29a8
Size

173KB
MD5

dea6355e5483e6c12b6c9d0ce13d29a8
SHA1

7103f6749c103560bbac7bb94b458b88dd6eb617
SHA256

e82c0887d61d870f4efcfda40362897f276bc84e207af7b787a03668827ebef7
SHA512

8f26abd40676c56fece5f37e3a5e45533714be1fc92e6832d16bea204d64e1ab13a8bf31472407237fb4cc4722330844e4a3783d1095e7ed591b5b1248bdbf7e
SSDEEP

3072:/RGczuwKVTC+ntw5Xor5qju2rlAp0qr9:/RG7VTCea5Xg5qjuCAN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dea6355e5483e6c12b6c9d0ce13d29a8

Files

dea6355e5483e6c12b6c9d0ce13d29a8
.exe windows:4 windows x86 arch:x86

035f770534fb42b039e4ed84e2fbb3c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
RectVisible
PtVisible
GetObjectW
GetWindowExtEx
CreateBitmap
GetTextColor
DeleteDC
SetWindowExtEx
OffsetViewportOrgEx
RestoreDC
GetBkColor
ExtSelectClipRgn
SelectObject
TextOutW
DeleteObject
SaveDC
GetRgnBox
SetBkColor
GetViewportExtEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetTextColor
ExtTextOutW
GetStockObject
SetViewportOrgEx
Escape
GetMapMode
ScaleWindowExtEx
GetClipBox
CreateRectRgnIndirect

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

oledlg

OleUIBusyW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

LoadIconW
IsChild
WinHelpW
GetTopWindow
CharNextW
IsIconic
CopyAcceleratorTableW
EqualRect
GetNextDlgGroupItem
GetNextDlgTabItem
InvalidateRect
GetClassInfoExW
CreateWindowExW
InvalidateRgn
CallWindowProcW
SetForegroundWindow
GetPropW
RegisterClassW
GetForegroundWindow
GetClassLongW
UpdateWindow
CharUpperW
MessageBeep
SetRect
DefWindowProcW
GetWindowPlacement
SetActiveWindow
GetMenu
GetMessageTime
RegisterWindowMessageW
RemovePropW
IsWindow
IsRectEmpty
MapWindowPoints
OffsetRect
SendDlgItemMessageA
GetMessagePos
IntersectRect
GetClientRect
SetPropW
GetClassInfoW
AdjustWindowRectEx
DestroyMenu

comdlg32

GetFileTitleW

ole32

StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
CoTaskMemAlloc
OleUninitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
CoCreateInstance
CoInitialize
CoUninitialize
CoFreeUnusedLibraries
CLSIDFromProgID
CoRegisterMessageFilter
OleIsCurrentClipboard
OleInitialize
CoTaskMemFree
CLSIDFromString

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW

shlwapi

PathFindFileNameW
PathIsUNCW
PathFileExistsW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW
PathAppendW

kernel32

GetCalendarInfoW
RaiseException
CreateMutexW
GetSystemDefaultLangID
DeleteFileW
EnumResourceLanguagesW
GetModuleFileNameW
InitializeCriticalSection
lstrcpyW
lstrcmpiA
InterlockedExchange
SystemTimeToFileTime
VirtualFree
GetModuleHandleW
FreeLibrary
GetVersionExW
FindNextFileW
CreateFileW
GetThreadContext
ReadFile
SetFilePointer
LocalFileTimeToFileTime
MultiByteToWideChar
EnumResourceNamesA
CloseHandle
WaitForSingleObject
FindResourceW
GetLocaleInfoW
GetCurrentDirectoryW
GetACP
FindClose
RemoveDirectoryW
ConvertDefaultLocale
LoadResource
GetProcAddress
GetThreadLocale
FindFirstFileW
DeleteCriticalSection
ExitProcess
GetVersion
CreateDirectoryW
WideCharToMultiByte
GetCurrentProcessId
LoadLibraryW
ReleaseMutex
InterlockedDecrement
LockResource
WriteFile
MoveFileW
GetLocaleInfoA
GetFileAttributesW
SizeofResource
SetFileTime
lstrcmpA

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

035f770534fb42b039e4ed84e2fbb3c9

Headers

File Characteristics

Imports

gdi32

winspool.drv

oledlg

shell32

user32

comdlg32

ole32

advapi32

shlwapi

kernel32

Sections

.text Size: 97KB - Virtual size: 97KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 68KB - Virtual size: 68KB

.edata Size: 1024B - Virtual size: 88KB

.text
Size: 97KB - Virtual size: 97KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 68KB - Virtual size: 68KB

.edata
Size: 1024B - Virtual size: 88KB