1599de517faa27862c8f9554c27ad8ec62936c854181069b136dd8103135c824

Sharing

Copy URL

Twitter E-mail

General

Target

1599de517faa27862c8f9554c27ad8ec62936c854181069b136dd8103135c824
Size

5.2MB
MD5

a27c867f4ff12615bdbdfc28eee5e7b8
SHA1

e0a59231ff8a91bf70518961487eac6c9657d0d4
SHA256

1599de517faa27862c8f9554c27ad8ec62936c854181069b136dd8103135c824
SHA512

536ef29e9943d22ce4fad6aaab759e14b566f5776df5e9da813a256d2f534691b33a8636a88b51abbe36ed22c6965865e5f26ea0e1a0f28684aff0a1301b7a0e
SSDEEP

98304:2rGAOpuG+hqHTzrSweoy5ODzOcc6upLAcd9SXYKHO533:iOpPgAWw76PHSXYKk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1599de517faa27862c8f9554c27ad8ec62936c854181069b136dd8103135c824

Files

1599de517faa27862c8f9554c27ad8ec62936c854181069b136dd8103135c824
.exe windows:4 windows x86 arch:x86

ff04ce23668dca7f76cbac6e54314c73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetGetUniversalNameW
WNetCloseEnum

comctl32

_TrackMouseEvent
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitializeFlatSB
ImageList_EndDrag

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

WritePrivateProfileStringW
GetModuleHandleA
WriteFile
GetStringTypeExW
GetThreadLocale
lstrlenW
GetProcAddress
lstrcmpiW
GetModuleHandleW
LoadLibraryA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetStartupInfoW
CloseHandle
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreatePipe
CreateProcessA
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DosDateTimeToFileTime
EnumCalendarInfoW
EnumResourceNamesW
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCommandLineW
GetComputerNameW
GetConsoleCP
GetConsoleOutputCP
GetCPInfoExW
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetLocalTime
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetOverlappedResult
GetPrivateProfileStringW
GetShortPathNameW
GetStdHandle
GetSystemInfo
GetTempFileNameW
GetTempPathW
GetThreadPriority
GetTimeZoneInformation
GetVersion
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
IsValidLocale
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
lstrcatA
lstrcmpW
lstrcpyW
lstrlenA
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
GetStartupInfoA

user32

CreateAcceleratorTableW
CreateCaret
CreateCursor
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
AdjustWindowRectEx
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumChildWindows
EnumClipboardFormats
EnumThreadWindows
EnumWindows
FillRect
FindWindowExW
FindWindowW
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardFormatNameW
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItemTextA
GetDlgItemTextW
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyNameTextW
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMessageExtraInfo
GetMessagePos
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetTopWindow
GetUpdateRect
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
CountClipboardFormats
InflateRect
InsertMenuItemW
InsertMenuW
InvalidateRect
IsCharAlphaNumericA
IsCharAlphaNumericW
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageA
LoadKeyboardLayoutW
LoadStringW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjectsEx
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
SendDlgItemMessageW
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WindowFromPoint
wvsprintfA
CopyImage
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperW
CharUpperBuffW
CharNextW
CharLowerW
CharLowerBuffW
CharLowerBuffA
CallWindowProcW
CallNextHookEx
BringWindowToTop
HideCaret
ActivateKeyboardLayout
GetSystemMetrics
BeginPaint
DefFrameProcW

winspool.drv

EnumPrintersW
DocumentPropertiesW
ClosePrinter
OpenPrinterW

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
ChooseColorW
FindTextW
ReplaceTextW
ChooseFontW
PrintDlgW
GetOpenFileNameW

advapi32

RegCloseKey
RegFlushKey
RegQueryValueExW
RegOpenKeyExW

ole32

ReleaseStgMedium
CoCreateInstance
RegisterDragDrop
StringFromCLSID
CoCreateGuid
ProgIDFromCLSID
OleUninitialize
OleSetMenuDescriptor
OleSetContainedObject
OleInitialize
OleGetIconOfClass
OleCreateStaticFromData
FreePropVariantArray
CreateILockBytesOnHGlobal
DoDragDrop
CreateBindCtx
CoUninitialize
CoTaskMemFree
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CLSIDFromProgID
RevokeDragDrop

msvcrt

_except_handler3
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sfx1
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 756KB - Virtual size: 755KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mail4
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff04ce23668dca7f76cbac6e54314c73

Headers

File Characteristics

Imports

mpr

comctl32

version

kernel32

user32

winspool.drv

comdlg32

advapi32

ole32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.sfx1 Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 4.0MB

.rsrc Size: 756KB - Virtual size: 755KB

.mail4 Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.sfx1
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 4.0MB

.rsrc
Size: 756KB - Virtual size: 755KB

.mail4
Size: 2.1MB - Virtual size: 2.1MB