f4eba6a94af7fd7ea105b3e8c832f8b93232c0b04709c019e36488313a019bc9

Sharing

Copy URL

Twitter E-mail

General

Target

f4eba6a94af7fd7ea105b3e8c832f8b93232c0b04709c019e36488313a019bc9
Size

4.2MB
MD5

2eeb979521b0eefa2829b958f39ec09d
SHA1

6299f453d5bc27faf9838006db25ad121f526513
SHA256

f4eba6a94af7fd7ea105b3e8c832f8b93232c0b04709c019e36488313a019bc9
SHA512

026826b09208039ec33ecb4e0871693a2ce829f051692e2e7600f9daf5dbf6b220373d25c76303fefe5df8a9a0fda404f80f683b89158c24ea8d9349eee6ba9d
SSDEEP

98304:Gc0AM9vPfSLwvkRWjhd1nxEKQqzLoYGK6:OtFPfywvkId1nxELqxL6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4eba6a94af7fd7ea105b3e8c832f8b93232c0b04709c019e36488313a019bc9

Files

f4eba6a94af7fd7ea105b3e8c832f8b93232c0b04709c019e36488313a019bc9
.exe windows:5 windows x86 arch:x86

7ef7b893be8642deb51d9d428de89cec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIconSize
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_GetDragImage
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_Write
ord17
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Create
ImageList_BeginDrag
ImageList_Add
ImageList_ReplaceIcon
ImageList_Destroy

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetStartupInfoW
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingW
CreateMutexA
CreateMutexW
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
EnumCalendarInfoA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindResourceA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCommandLineW
GetComputerNameA
GetCPInfo
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLocalTime
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProfileStringA
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetStringTypeExW
GetSystemDefaultLangID
GetSystemInfo
GetSystemTime
GetTempFileNameA
GetCommandLineA
GetTempPathW
GetThreadLocale
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidCodePage
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFileEx
LockResource
lstrcatA
lstrcmpA
lstrcmpW
lstrcpyA
lstrcpynA
lstrlenA
MapViewOfFile
MoveFileA
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetThreadExecutionState
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
CreateFileW
FindClose
LoadLibraryA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
GetTempPathA

user32

EnableScrollBar
EnableWindow
EndPaint
EnumChildWindows
EnumClipboardFormats
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetCapture
GetCaretPos
GetClassInfoA
GetClassInfoW
GetClassNameA
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardFormatNameA
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardType
GetKeyNameTextA
GetKeyState
GetLastActivePopup
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessageA
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaNumericA
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
keybd_event
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
LoadStringW
LockWindowUpdate
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
mouse_event
EnableMenuItem
MsgWaitForMultipleObjects
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostMessageW
PtInRect
RedrawWindow
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterHotKey
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageTimeoutA
SendMessageW
SendNotifyMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenuItemInfoA
SetMenuItemInfoW
SetParent
SetPropA
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetSysColors
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
ShowCaret
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UnregisterClassW
UnregisterHotKey
UpdateWindow
ValidateRect
WaitForInputIdle
WaitMessage
WindowFromPoint
WinHelpA
wvsprintfA
CreateCaret
CopyImage
CloseClipboard
ClipCursor
ClientToScreen
ChildWindowFromPointEx
CheckMenuItem
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharUpperA
CharToOemA
AdjustWindowRectEx
AttachThreadInput
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CallWindowProcW
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharNextA
DrawTextW
DrawTextA
DrawMenuBar
DrawIconEx
CreateIconIndirect
DrawFocusRect
DrawEdge
DrawCaption
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateMenu
MoveWindow
CreateMDIWindowW
DrawFrameControl

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegFlushKey
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA

ole32

ProgIDFromCLSID
OleUninitialize
OleSetMenuDescriptor
OleInitialize
OleDraw
IsAccelerator
GetRunningObjectTable
RegisterDragDrop
DoDragDrop
CreateStreamOnHGlobal
CreateItemMoniker
CoUninitialize
CoTaskMemFree
CoGetClassObject
CoDisconnectObject
CoCreateInstance
ReleaseStgMedium
RevokeDragDrop
StringFromCLSID
FreePropVariantArray

oleaut32

VarCyFromStr
VarBstrFromCy
VarBstrFromBool
VarBoolFromStr
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
SafeArrayAccessData
GetErrorInfo
VarDateFromStr
VarI4FromStr
VariantChangeTypeEx
VariantClear
VariantCopyInd
VariantInit
VarR8FromStr
VarNeg
VarNot
VarBstrFromDate

msvcrt

_XcptFilter
_exit
_except_handler3
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
exit

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.react4
Size: 892KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7ef7b893be8642deb51d9d428de89cec

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 4.0MB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.react4 Size: 892KB - Virtual size: 896KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 4.0MB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.react4
Size: 892KB - Virtual size: 896KB