aPEs223 | Triage

Resubmissions

09-04-2024 12:27

240409-pmv5vaab7s 10

Sharing

Copy URL

Twitter E-mail

General

Target

aPEs223
Size

395KB
MD5

794b12db6df68064f3b6114f766507d7
SHA1

954270812e935601653e2a5e05ceaef2c4d060d3
SHA256

8b9d7d64cefc531f00cc9671bb5896058161af2a59e0728339e1fa07450eadce
SHA512

aa8aecb17e3d7e6488fe2f4e8015f579af6e0f36a100333df6e7acbf1f908c330c05a4782334441bff12dd87444e7d67cf35466dc56b691563b5c1aa3059c455
SSDEEP

6144:Z38TFJZ+LiSgRhDbwl3c68fKKebp+TDRRLSSqx1uDJe6M:yTFJZ+LaRpUld8fKKAEp1SSqxOJe6M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aPEs223

Files

aPEs223
.exe windows:5 windows x86 arch:x86

e466f056bfd6e4b657507e2c685995b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetStringTypeW
CompareStringW
CompareStringA
GetDateFormatA
GetTimeFormatA
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
CloseHandle
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
CreateFileA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetModuleHandleW
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetSystemTimeAsFileTime
IsDebuggerPresent
LocalFree
OpenFileMappingA
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameA
OpenEventA
SetConsoleOutputCP
LocalAlloc
LoadLibraryA
GetProcAddress
GetLastError
EnumSystemLanguageGroupsA
SetConsoleTitleA
SetConsoleCP
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetLocaleInfoA
MultiByteToWideChar
InterlockedCompareExchange
LeaveCriticalSection
EnterCriticalSection
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
ExitProcess
GetTimeZoneInformation
WriteFile
GetConsoleWindow
Sleep
GlobalAlloc
EnumUILanguagesA
GetConsoleTitleA
GetTickCount
GetCurrentProcess
HeapAlloc
MapViewOfFile
lstrlenA
GetLocalTime
GetFullPathNameA

user32

LoadCursorA
DestroyIcon
WinHelpW
FindWindowA
EnableWindow
GetPropW
MapWindowPoints
SendMessageW
LoadImageA
SetWindowTextA
IsWindowVisible
GetSystemMetrics
DispatchMessageA
IsDlgButtonChecked
LoadStringW
CopyRect
UpdateWindow
SetWindowPos
GetSysColor
RedrawWindow
EndPaint
ClientToScreen
DestroyWindow
GetMessageA
GetUpdateRgn
SetTimer
ScreenToClient
GetWindowRect
SetActiveWindow
RegisterClassExA
PostQuitMessage
FillRect
LoadImageW
DrawTextA
DialogBoxParamW
GetParent
LoadIconA
wsprintfA
GetClientRect
SetFocus
SendMessageA
RegisterWindowMessageA
BeginPaint
SetScrollRange
CreateIconIndirect
GetIconInfo
GetDC
TranslateMessage
DrawStateA
GetAsyncKeyState
SetWindowLongA
GetWindowLongA
CreateWindowExA
SetScrollPos
ReleaseDC
GetDlgItem
ScrollWindow
EndDialog
DefWindowProcA

gdi32

SetStretchBltMode
MoveToEx
BitBlt
LineTo
SetTextColor
GetBkMode
DeleteDC
CreateDIBSection
CreateFontA
StretchBlt
CreateFontIndirectA
SetBkColor
GdiFlush
CreatePalette
CreateBitmap
GetRegionData
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
Ellipse
SetDCPenColor
CreateRectRgn
CreatePen
GetTextMetricsA
ChoosePixelFormat
SetROP2
SetPixelFormat
SetTextAlign
GetStretchBltMode
GetObjectA
GetStockObject
CreateSolidBrush
TextOutA

winspool.drv

ConnectToPrinterDlg

comdlg32

ReplaceTextW
FindTextA

advapi32

CredWriteDomainCredentialsA
GetOldestEventLogRecord
OpenEventLogW
CredReadDomainCredentialsA
SetTokenInformation
GetTokenInformation
CloseEventLog
ReadEventLogA
CredUnmarshalCredentialA
OpenProcessToken

shell32

SHGetFileInfoA
ShellAboutW

ole32

CoInitialize

oleaut32

SafeArrayGetElement
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayDestroy
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SetErrorInfo
CreateErrorInfo
SafeArrayGetUBound

wininet

InternetSetStatusCallback
InternetCrackUrlA
FtpOpenFileA
InternetConnectA
FtpFindFirstFileA
InternetCanonicalizeUrlA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetReadFile
FtpSetCurrentDirectoryA
InternetFindNextFileA
GopherOpenFileA
HttpOpenRequestA

msimg32

GradientFill

winmm

timeGetTime

crypt32

CryptSignAndEncodeCertificate
CryptExportPublicKeyInfoEx
CertGetNameStringA

comctl32

ord412
ord413
ImageList_Draw

activeds

ord6
ord3
ord4

rpcrt4

UuidCreateSequential

secur32

GetUserNameExA

opengl32

glFlush
glEnable
glLightfv
glViewport
glLoadIdentity
wglDeleteContext
wglCreateContext
glClear
glClearColor
glEnd
glVertex3d
glVertex2i
glVertex2d
glBegin
glShadeModel
glColor3d
wglMakeCurrent
glBlendFunc
glVertex3f
glMatrixMode
glColor3f

glu32

gluPerspective
gluLookAt

traffic

TcCloseInterface
TcAddFilter

Sections

.text
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

e466f056bfd6e4b657507e2c685995b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

wininet

msimg32

winmm

crypt32

comctl32

activeds

rpcrt4

secur32

opengl32

glu32

traffic

Sections

.text Size: 309KB - Virtual size: 308KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 309KB - Virtual size: 308KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 33KB - Virtual size: 32KB