6e5b87d3a49d3c91abb93431a6b155b01b6d350f9581563af5151296a4346413

Sharing

Copy URL Twitter E-mail

General

Target

6e5b87d3a49d3c91abb93431a6b155b01b6d350f9581563af5151296a4346413
Size

4.4MB
MD5

48b9c489337b210a72ad3b4a89d8831b
SHA1

55b558360747e27a4c09751ec4c213370548a945
SHA256

6e5b87d3a49d3c91abb93431a6b155b01b6d350f9581563af5151296a4346413
SHA512

3ed8719bac81853937837c179a5c280d27f72a8631c7f3dfca76b39d8aad6a335b3494531b37b08f9b2746b30ae5ec894a3187e6ac8d5ba1fec629e07ea4c1a1
SSDEEP

49152:D/dvDllf+JnOyCPOQOyCPOrVHgOGfUzQOyCPO:JvDllVPO/POBHgO9z/PO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e5b87d3a49d3c91abb93431a6b155b01b6d350f9581563af5151296a4346413

Files

6e5b87d3a49d3c91abb93431a6b155b01b6d350f9581563af5151296a4346413
.exe windows:5 windows x86 arch:x86

fa83f1c3a1dd9268fb9039d721b0ac95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
TerminateProcess
GetProcessHeap
HeapAlloc
GetStartupInfoA
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FindResourceW
LoadResource
LockResource
GetVersionExW
FreeResource
GetCommandLineW
GetSystemDirectoryW
ExpandEnvironmentStringsW
lstrlenW
GetCurrentThreadId
lstrcmpW
GetModuleFileNameW
GetFullPathNameW
GetSystemDefaultLangID
HeapReAlloc
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
CompareStringW
GetFileSize
ReadFile
GetWindowsDirectoryW
CreateFileW
SetFilePointer
LockFile
WriteFile
UnlockFile
CloseHandle
HeapFree
GetProcAddress
LoadLibraryW
GetCurrentProcess
FreeLibrary

user32

GetWindowLongW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
BringWindowToTop
IsIconic
GetParent
CreateWindowExW
RegisterClassExW
LoadCursorW
SetWindowLongW
ChildWindowFromPoint
SetWindowTextW
GetClientRect
ActivateKeyboardLayout
DestroyMenu
LoadMenuW
LoadImageW
LoadIconW
GetSystemMetrics
EnumWindows
DispatchMessageW
TranslateMessage
GetMessageW
GetWindow
SendMessageA
CreateWindowExA
SetWindowTextA
DialogBoxParamW
GetKeyState
EndDialog
GetDlgItemTextW
SetWindowPos
SetFocus
FrameRect
GetClassInfoExW
UnregisterClassW
GetWindowRect
ScreenToClient
GetSysColorBrush
FillRect
MessageBeep
DestroyWindow
PostQuitMessage
GetDlgItem
EnableWindow
GetWindowThreadProcessId
PostMessageW
BeginPaint
GetSysColor
DrawEdge
EndPaint
SetRect
ScrollWindow
UpdateWindow
GetDC
ReleaseDC
SetScrollInfo
SendMessageW
ShowWindow
MessageBoxW
LoadStringW
RedrawWindow
GetClassNameW

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegCloseKey

gdi32

GetTextMetricsW
GetStockObject
CreateFontIndirectW
GetDeviceCaps
DeleteDC
DeleteObject
BitBlt
GetTextExtentPoint32W
TextOutW
SetTextAlign
SetBkMode
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
LineDDA
ExtTextOutW
SetBkColor
SetTextColor
GetObjectW
SelectObject

imm32

ImmGetCompositionStringW
ImmSetCompositionStringW
ImmNotifyIME
ImmGetContext
ImmSetOpenStatus
ImmGetIMEFileNameW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

msvcrt

memmove
wcsncpy
_itow
??2@YAPAXI@Z
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
__CxxFrameHandler
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
_except_handler3
?terminate@@YAXXZ
_vsnwprintf
??3@YAXPAX@Z
_initterm
_CxxThrowException

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa83f1c3a1dd9268fb9039d721b0ac95

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

imm32

comdlg32

msvcrt

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB