ab4124bef72bb5dfb58603cb229106e03dd58a259c6839af63b273d1f77ebf05

Sharing

Copy URL

Twitter E-mail

General

Target

ab4124bef72bb5dfb58603cb229106e03dd58a259c6839af63b273d1f77ebf05
Size

316KB
MD5

26b31b051b4e354313f88c8c7bc5e03b
SHA1

9211d41c599a52239b7a3393568bb59f73c0e81c
SHA256

ab4124bef72bb5dfb58603cb229106e03dd58a259c6839af63b273d1f77ebf05
SHA512

6da6f4a4049256b5af0c490a83cf85d966d80e4608772d562e628e8005c1b8eb4e16b27d62fcc5afd4478784abebe039040cafb8d665f3af8bd283dbc405dd84
SSDEEP

6144:/SEpctXkMaKiQFWxcb1eSkY3Pr7GTSR1/j6+:/SAsXHECWxjmzESR9j6+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
ab4124bef72bb5dfb58603cb229106e03dd58a259c6839af63b273d1f77ebf05

Files

ab4124bef72bb5dfb58603cb229106e03dd58a259c6839af63b273d1f77ebf05
.exe windows:5 windows x86 arch:x86

ce5e3133746e3c54290a9eb20ee3210d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ReplaceTextA
FindTextA
ChooseFontA
ChooseColorA
PrintDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

shell32

ShellExecuteA
DragQueryFileA
SHChangeNotify
ShellExecuteExA
DragAcceptFiles
SHGetFileInfoA
DragFinish
ExtractIconA

gdi32

GetOutlineTextMetricsA
EnumFontFamiliesExA
GetFontData
FillPath
GetROP2
Polygon
CreatePolygonRgn
Polyline
CreateEllipticRgnIndirect
GetTextExtentPointA
SetMiterLimit
StrokePath
CreateDIBitmap
CreateDIBSection
GetDIBColorTable
EnumFontFamiliesA
CreateHalftonePalette
Ellipse
CreatePalette
RealizePalette
Rectangle
GetTextAlign
LPtoDP
CopyMetaFileA
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
GetTextMetricsA
SetAbortProc
AbortDoc
DPtoLP
GetCharWidthA
StretchDIBits
SetRectRgn
CreateRectRgnIndirect
CombineRgn
Escape
PatBlt
GetMapMode
ExtTextOutA
PtVisible
GetWindowExtEx
ExtCreatePen
GetViewportExtEx
GetObjectType
PolyBezierTo
SelectClipPath
GetClipRgn
GetCurrentPositionEx
MoveToEx
ExtEscape
LineTo
ExcludeClipRect
IntersectClipRect
SetWindowExtEx
SelectClipRgn
ScaleWindowExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetViewportOrgEx
SetViewportExtEx
OffsetViewportOrgEx
SetROP2
SetMapMode
SetStretchBltMode
SelectPalette
SetPolyFillMode
SetBkMode
GetClipBox
RestoreDC
SaveDC
RectVisible
GetTextColor
GetBkColor
CreateRectRgn
CreateDCA
StartDocA
EndDoc
StartPage
EndPage
PolyBezier
TextOutA
BeginPath
SetTextColor
EndPath
StrokeAndFillPath
CreateFontA
SetBkColor
GetTextExtentPoint32A
BitBlt
GetBitmapDimensionEx
CreateFontIndirectA
CreatePen
GetDIBits
SetDIBitsToDevice
SetBrushOrgEx
CreatePatternBrush
UnrealizeObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
DeleteObject
SelectObject
CreateSolidBrush
GetTextFaceA
DeleteDC
CreateBrushIndirect
CreateBitmap
GetStockObject
GetObjectA
TextOutW
WidenPath
SetTextAlign

comctl32

PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_Create
ImageList_Destroy
_TrackMouseEvent
ImageList_GetImageCount
ImageList_AddMasked

winspool.drv

EnumPrinterDriversA
ClosePrinter
EnumMonitorsA
OpenPrinterA
DocumentPropertiesA
EnumPrintersA
SetPrinterA
GetPrinterA

kernel32

WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetTempPathA
GetModuleFileNameA
DeleteFileA
GetProcAddress
FreeLibrary
MulDiv
CreateFileA
LoadLibraryA
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
lstrcpyA
GetACP
GetLastError
WriteFile
GetVersion
lstrcpynA
WaitForSingleObject
CreateProcessA
lstrcmpiA
lstrcmpA
GetSystemDirectoryA
LocalFree
FormatMessageA
lstrcatA
Sleep
GetTickCount
FindResourceA
GetSystemTimeAsFileTime
VirtualProtect
FindResourceExA
GlobalAlloc
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
GetExitCodeThread
GlobalFree
CopyFileA
CreateEventA
CloseHandle
GetFullPathNameA
GetFileAttributesA
GetWindowsDirectoryA
SetEvent
GetTempFileNameA
GetProfileStringA
ResumeThread
lstrlenA
GetVersionExA
WriteProfileStringA
TerminateThread
GetModuleHandleA
GlobalDeleteAtom
MultiByteToWideChar
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFindAtomA
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
FlushFileBuffers
LockFile
SetFilePointer
SetEndOfFile
MoveFileA
UnlockFile
FindFirstFileA
GetVolumeInformationA
FindClose
GetThreadLocale
GetShortPathNameA
GetStringTypeExA
LocalAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetLastError
DeleteCriticalSection
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SuspendThread
GetProfileIntA
SetThreadPriority
GetCurrentDirectoryA
lstrlenW
GetCurrentThread
GetFileTime
GetDiskFreeSpaceA
SetFileTime
FileTimeToLocalFileTime
TlsAlloc
FileTimeToSystemTime
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
TlsGetValue
TlsSetValue
GetProcessVersion
GetCPInfo
GlobalFlags
LocalFileTimeToFileTime
SystemTimeToFileTime
GetOEMCP
SetErrorMode
lstrcpyW
RtlUnwind
GlobalSize
HeapAlloc
GetTimeZoneInformation
HeapFree
GetLocalTime
GetStartupInfoA
GetSystemTime
ExitProcess
RaiseException
GetCommandLineA
ExitThread
HeapReAlloc
CreateThread
SetStdHandle
GetFileType
TerminateProcess
GetEnvironmentVariableA
HeapDestroy
HeapSize
VirtualFree
VirtualAlloc
HeapCreate
FatalAppExitA
LCMapStringA
IsBadWritePtr
SetHandleCount
GetStdHandle
LCMapStringW
CompareStringW
UnhandledExceptionFilter
CompareStringA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeA
GetStringTypeW
GetEnvironmentStringsW
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
SetEnvironmentVariableA
GetProcessHeap
IsDebuggerPresent
InterlockedIncrement

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 206KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce5e3133746e3c54290a9eb20ee3210d

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

shell32

gdi32

comctl32

winspool.drv

kernel32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 206KB - Virtual size: 317KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 206KB - Virtual size: 317KB

.rsrc
Size: 7KB - Virtual size: 7KB