Static task: static1
Behavioral task: behavioral1
  Sample: 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9.exe
  Resource: win10v2004-20240226-en
General
Target: 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9
Size: 624KB
MD5: 7e18dd4a4b84f2f93eff4790f16e8e8b
SHA1: 3113dbbeb536000ac8175ccb6438355af41ab2eb
SHA256: 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9
SHA512: 3edfa60480ec1e0a6b5ce01d99cf0156fe544a77944ccd87acf95dcd0667cdfe4a2b99e9988cee0e597de03aa96d8098ae3f324fe63ca37db688522e5ec87fca
SSDEEP: 12288:PCtVb4i2eVyASN5sPd9dLcch0xXnA1b0LLmu1:PCzUxQE5sPOU0xGo
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  Processes: resource 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9
Files
5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9.exe  windows:4 windows x86 arch:x86
ba4b1691fb4a228beb6f017272abe75c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
Imported from kernel32:
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetUnhandledExceptionFilter
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileType
GetProfileStringA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetACP
HeapSize
HeapReAlloc
TerminateProcess
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetTickCount
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FindNextFileA
FindFirstFileA
FindClose
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
lstrcpynA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
GetCurrentThread
lstrcmpA
SetLastError
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetFileAttributesA
GetModuleFileNameA
CreateDirectoryA
Sleep
Imported from user32:
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
ShowOwnedPopups
PostQuitMessage
WaitMessage
IsRectEmpty
FindWindowA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetDC
ReleaseDC
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
InvertRect
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
SetRectEmpty
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SendMessageA
SetCapture
WindowFromPoint
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
UpdateWindow
KillTimer
PostThreadMessageA
RegisterClipboardFormatA
LockWindowUpdate
MessageBoxA
GetDCEx
SetTimer
GetSystemMetrics
FillRect
GetSysColor
DrawFocusRect
CopyRect
InvalidateRect
LoadBitmapA
LoadImageA
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
DestroyIcon
GetMenuStringA
InsertMenuA
InflateRect
LoadStringA
GetSysColorBrush
GetClassNameA
GetSystemMenu
DeleteMenu
AppendMenuA
SetParent
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
DestroyMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
GetMessageA
PtInRect
SetRect
LoadCursorA
DestroyCursor
CharUpperA
MapDialogRect
wsprintfA
SetWindowContextHelpId
Imported from gdi32:
GetStockObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateRectRgn
SelectObject
GetViewportExtEx
GetWindowExtEx
CreateHatchBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
LPtoDP
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetTextExtentPoint32A
GetTextMetricsA
StretchDIBits
GetCharWidthA
CreateFontA
CreateFontIndirectA
SetRectRgn
CombineRgn
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateRectRgnIndirect
PatBlt
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject
Rectangle
CreatePen
CreateSolidBrush
Ellipse
CreateCompatibleDC
GetObjectA
DPtoLP
CreateBitmap
CreateCompatibleBitmap
GetMapMode
BitBlt
CreateDIBitmap
GetTextExtentPointA
StretchBlt
Imported from comdlg32:
GetSaveFileNameA
GetOpenFileNameA
PrintDlgA
GetFileTitleA
CommDlgExtendedError
Imported from winspool.drv:
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Imported from advapi32:
GetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegCloseKey
SetFileSecurityA
RegDeleteValueA
Imported from shell32:
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
ExtractIconA
Imported from comctl32:
ord17
Imported from oledlg:
ord8
Imported from ole32:
OleIsCurrentClipboard
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
Imported from olepro32:
ord253
ord251
Imported from oleaut32:
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
Imported from wsock32:
closesocket
WSACleanup
WSAStartup
WSASetLastError
WSAGetLastError
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
inet_addr
gethostbyname
recv
htonl
htons
bind
ioctlsocket
accept
getpeername
ntohs
Sections
.text   Size: 308KB - Virtual size: 305KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 76KB - Virtual size: 72KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 196KB - Virtual size: 210KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 40KB - Virtual size: 37KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ