aaab2761214b6771309d99a587f7a65d[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

aaab2761214b6771309d99a587f7a65d.exe
Size

14.2MB
MD5

aaab2761214b6771309d99a587f7a65d
SHA1

d868a1b7faa59760fde8ac688ee250c228f4e11b
SHA256

ba5e295cf0c72cb878970014feee4238be22fd2ef658cce58b0b3b97a938c137
SHA512

60d08646ce2d54788f97f00cbf2d845e31cd50fa8ee0e8409040da8b9fb54053a3f0edfb39e339247ec8c7f2c370cc1353e2239bec7aaa575b59732e3bb490c7
SSDEEP

196608:MM1nTNRsq7douaJsv6tWKFdu9CxL2U0fJS:MuBaJsv6tWKFdu9Cp50fJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaab2761214b6771309d99a587f7a65d.exe

Files

aaab2761214b6771309d99a587f7a65d.exe
.exe windows:6 windows x86 arch:x86

9fca7ec96f19b6e58145d3e0a9b2154f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
SetErrorMode
DeviceIoControl
CopyFileW
MoveFileW
MoveFileExW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileInformationByHandleEx
FlushFileBuffers
GetFileType
SetEndOfFile
SetFilePointerEx
MultiByteToWideChar
CompareStringW
LCMapStringW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
FindNextFileW
FreeLibrary
GetModuleHandleExW
UnregisterWaitEx
RegisterWaitForSingleObject
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
GetExitCodeProcess
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualFree
WriteConsoleW
GetLogicalDrives
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
SetEnvironmentVariableW
EnumSystemLocalesW
IsValidLocale
HeapReAlloc
HeapAlloc
GetFileSizeEx
HeapFree
GetStdHandle
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetStdHandle
SetFileAttributesW
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
LoadLibraryExW
SetLastError
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
RaiseException
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
GetFileAttributesExW
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetSystemDirectoryW
ResetEvent
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
WaitForMultipleObjects
Sleep
WaitForSingleObject
DuplicateHandle
CreateEventW
WaitForSingleObjectEx
SetEvent
GetTickCount64
QueryPerformanceFrequency
GetStartupInfoW
QueryPerformanceCounter
GetLocalTime
GetSystemTime
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
OutputDebugStringW
GetCommandLineW
CompareStringEx
GetUserDefaultLangID
GetCurrentProcessId
GlobalSize
LoadLibraryW
LoadLibraryA
GetLocaleInfoW
GlobalLock
GlobalUnlock
GlobalAlloc
OpenProcess
CheckRemoteDebuggerPresent
CreateProcessW
ExpandEnvironmentStringsW
WTSGetActiveConsoleSessionId
FormatMessageW
LocalFree
GetProcAddress
GetModuleHandleW
GetCurrentThreadId
WideCharToMultiByte
UnmapViewOfFile
GetVolumeInformationW
MapViewOfFile
CreateFileMappingW
GetLastError
CloseHandle
WriteFile
ReadFile
CreateFileW
GetConsoleWindow
lstrcmpW
GetDriveTypeW
GetLongPathNameW
HeapSize

user32

CreateIconIndirect
LoadCursorW
GetCursor
SetCursorPos
EnumDisplayDevicesW
RegisterClassW
TrackPopupMenuEx
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
GetIconInfo
HideCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
RegisterDeviceNotificationW
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
GetCursorInfo
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
GetWindowTextW
EnumWindows
RealGetWindowClassW
ChangeWindowMessageFilterEx
TranslateMessage
DispatchMessageW
DrawIconEx
ShowCaret
UnregisterDeviceNotification
KillTimer
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetSysColor
SystemParametersInfoW
DefWindowProcW
DestroyWindow
GetDesktopWindow
MessageBoxW
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
PostMessageW
AttachThreadInput
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
IsHungAppWindow
SetWindowsHookExW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
DrawMenuBar
SetMenu
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
WindowFromPoint
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
DestroyIcon
DestroyCursor
GetWindow
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
SetCapture
ReleaseCapture
GetMenu
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
CreateCursor

gdi32

AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetStockObject
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetBitmapBits
SwapBuffers
GetPixelFormat
DescribePixelFormat
SetPixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
GetGlyphOutlineW
GetDIBits
CombineRgn

shell32

SHGetKnownFolderPath
CommandLineToArgvW
Shell_NotifyIconGetRect
Shell_NotifyIconW
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetFileInfoW
SHCreateItemFromParsingName

ole32

ReleaseStgMedium
DoDragDrop
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoInitialize
CoInitializeEx
CoUninitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoGetMalloc

oleaut32

SafeArrayCreateVector
SafeArrayPutElement
SysFreeString
SysAllocString

advapi32

RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetLengthSid
FreeSid
DuplicateToken
CopySid
AllocateAndInitializeSid
AccessCheck
OpenProcessToken
SystemFunction036
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

imm32

ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetOpenStatus
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetDefaultIMEWnd

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

netapi32

NetShareEnum
NetApiBufferFree

ws2_32

WSAAsyncSelect

winmm

PlaySoundW
timeKillEvent
timeSetEvent

uxtheme

GetCurrentThemeName
SetWindowTheme
GetThemeBool
IsAppThemed
IsThemeActive
IsThemeBackgroundPartiallyTransparent
OpenThemeData
GetThemePartSize
GetThemeColor
GetThemeInt
GetThemeEnumValue
GetThemeBackgroundRegion
ord47
CloseThemeData
GetThemeTransitionDuration
GetThemePropertyOrigin
GetThemeMargins

dwmapi

DwmGetWindowAttribute
DwmEnableBlurBehindWindow
DwmSetWindowAttribute
DwmIsCompositionEnabled

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

Sections

.text
Size: 7.8MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fca7ec96f19b6e58145d3e0a9b2154f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

imm32

userenv

version

netapi32

ws2_32

winmm

uxtheme

dwmapi

wtsapi32

Sections

.text Size: 7.8MB - Virtual size: 7.8MB

.rdata Size: 2.9MB - Virtual size: 2.9MB

.data Size: 1.0MB - Virtual size: 1.1MB

.qtmetad Size: 1KB - Virtual size: 1KB

.qtmimed Size: 2.2MB - Virtual size: 2.2MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 244KB - Virtual size: 244KB

.text
Size: 7.8MB - Virtual size: 7.8MB

.rdata
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 1.0MB - Virtual size: 1.1MB

.qtmetad
Size: 1KB - Virtual size: 1KB

.qtmimed
Size: 2.2MB - Virtual size: 2.2MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 244KB - Virtual size: 244KB