Static task: static1
Behavioral task: behavioral1
  Sample: aa77f6149387a1dd0b4e319fe14a1a3f78f69f5ef1c1536be7e9b2f3225a869a.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: aa77f6149387a1dd0b4e319fe14a1a3f78f69f5ef1c1536be7e9b2f3225a869a.exe
  Resource: win10v2004-20240419-en
General
Target: aa77f6149387a1dd0b4e319fe14a1a3f78f69f5ef1c1536be7e9b2f3225a869a
Size: 1.6MB
MD5: e55898a4097ae66f15de014979a28d41
SHA1: 8249370d601bbce1bf5f8212b89789d68fbeadfc
SHA256: aa77f6149387a1dd0b4e319fe14a1a3f78f69f5ef1c1536be7e9b2f3225a869a
SHA512: d35d91887c823fba2446eb0327d0c5dfa07823fab2a068e35f2c38bae37dd5ae8686710219b41d2c6e982d07d942b607c7f8dd6ee7b4279635193ba90f6a54e7
SSDEEP: 24576:GJInb1K2o7Ob8A2SVI5uTOc0k6qc1RxV7e/1mV04OJuGucMLriG:i742k6hEohStM3P
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource aa77f6149387a1dd0b4e319fe14a1a3f78f69f5ef1c1536be7e9b2f3225a869a
Files
aa77f6149387a1dd0b4e319fe14a1a3f78f69f5ef1c1536be7e9b2f3225a869a.exe windows:4 windows x86 arch:x86
071da4bc9d447b3e59b8a2ccbdf1c11b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
RemoveDirectoryA
GetProfileStringA
HeapSize
GetFileType
SetStdHandle
GetACP
ExitThread
CreateThread
RaiseException
GetCommandLineA
GetStartupInfoA
FindNextFileA
HeapReAlloc
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
WritePrivateProfileStringA
GetPrivateProfileIntA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetCurrentThread
lstrcmpA
SetLastError
GetVersion
lstrcatA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
FindResourceA
LoadResource
GetProcAddress
FreeLibrary
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
GlobalFree
GlobalSize
GetCPInfo
lstrcpynA
SetEvent
GetComputerNameA
GetDriveTypeA
GetVolumeInformationA
GetLastError
FormatMessageA
LocalFree
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
SuspendThread
GetCurrentThreadId
UnmapViewOfFile
GlobalGetAtomNameA
lstrcmpiA
lstrcpyA
GetCurrentDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetTempFileNameA
WinExec
ResumeThread
Sleep
GetTickCount
GetCurrentProcessId
CreateMutexA
GetFileAttributesA
SetFileAttributesA
ReleaseMutex
SetThreadPriority
WaitForSingleObject
CloseHandle
InterlockedDecrement
GetModuleFileNameA
GetPrivateProfileStringA
GetSystemDefaultLangID
GetWindowsDirectoryA
CopyFileA
InterlockedIncrement
CreateEventA
CreateDirectoryA
SetCurrentDirectoryA
OpenFileMappingA
MapViewOfFile
GlobalAddAtomA
DeleteAtom
GetVersionExA
lstrlenA
MulDiv
GetStringTypeW
user32
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
DispatchMessageA
MapWindowPoints
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
TabbedTextOutA
GrayStringA
wvsprintfA
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
CharUpperA
LoadAcceleratorsA
DestroyMenu
DefFrameProcA
TranslateMDISysAccel
TranslateAcceleratorA
DefMDIChildProcA
WindowFromPoint
ReuseDDElParam
UnpackDDElParam
SetCursorPos
DestroyCursor
LoadStringA
IsZoomed
SetParent
DeleteMenu
GetSystemMenu
GetSysColorBrush
GetTabbedTextExtentA
InvertRect
GetWindowTextLengthA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
ModifyMenuA
TrackPopupMenu
SystemParametersInfoA
SubtractRect
GetClipboardData
UnionRect
GetCursor
BringWindowToTop
GetMenuItemInfoA
InsertMenuA
GetMenuItemID
GetMenuStringA
RemoveMenu
DestroyCaret
CreateCaret
PostQuitMessage
PostThreadMessageA
RedrawWindow
LockWindowUpdate
GetWindowDC
SetRectEmpty
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetScrollInfo
IntersectRect
IsRectEmpty
DestroyIcon
GetDoubleClickTime
DrawTextA
LoadCursorA
SetCursor
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetSubMenu
GetClassInfoA
EnumChildWindows
EnableMenuItem
GetMenu
GetMenuItemCount
LoadBitmapA
SetTimer
KillTimer
CreatePopupMenu
AppendMenuA
BeginPaint
EndPaint
MoveWindow
DefWindowProcA
DestroyWindow
RegisterClassA
FrameRect
GetWindowTextA
SendDlgItemMessageA
GetCursorPos
GetDlgItem
CheckRadioButton
HideCaret
ShowCaret
GetCaretPos
SetCaretPos
LoadMenuA
SetMenu
LoadIconA
SetWindowPos
SetWindowLongA
CreateWindowExA
FillRect
DrawFocusRect
GetSysColor
GetCapture
ClientToScreen
ReleaseCapture
ScreenToClient
SetCapture
PtInRect
GetSystemMetrics
DrawIconEx
GetClientRect
PeekMessageA
GetKeyState
GetParent
GetWindowLongA
GetWindow
FindWindowA
IsWindowVisible
keybd_event
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
EnableWindow
UnregisterClassA
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode
ShowWindow
IsWindow
ReleaseDC
GetDC
InvalidateRect
GetAsyncKeyState
MessageBeep
MapVirtualKeyA
SetFocus
SetRect
CopyRect
DrawFrameControl
LoadImageA
DrawMenuBar
UpdateWindow
GetDesktopWindow
GetWindowRect
InflateRect
OffsetRect
PostMessageA
SendMessageTimeoutA
GetLastActivePopup
IsIconic
SetForegroundWindow
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
WinHelpA
GetDlgCtrlID
wsprintfA
GetFocus
GetClassNameA
SendMessageA
RegisterWindowMessageA
GetDCEx
gdi32
ExtTextOutA
CreatePolygonRgn
FillRgn
OffsetRgn
CreateFontA
PtInRegion
CreateRectRgn
SetViewportOrgEx
TextOutW
SetTextAlign
EndDoc
EndPage
StartPage
StartDocA
PatBlt
GetTextMetricsA
CreateDCA
EnumFontFamiliesExA
GetClipBox
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
GetCurrentPositionEx
SaveDC
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
Escape
StretchDIBits
CreateCompatibleBitmap
GetCharWidthA
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
GetViewportOrgEx
AbortDoc
SetAbortProc
LPtoDP
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
RestoreDC
CreateSolidBrush
Rectangle
Polygon
MoveToEx
LineTo
CreatePen
DeleteObject
DeleteDC
GetTextColor
GetBkColor
SetTextColor
SetBkColor
SetBkMode
TextOutA
BitBlt
StretchBlt
SelectObject
CreateBitmap
CreateCompatibleDC
GetDeviceCaps
GetStockObject
GetObjectA
CreateFontIndirectA
CreateDIBitmap
GetTextExtentPointA
GetTextExtentPoint32A
comdlg32
PrintDlgA
ChooseFontA
ChooseColorA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
GetFileSecurityA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
SetFileSecurityA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ExtractIconA
comctl32
ImageList_GetIcon
ord17
ImageList_Destroy
ImageList_LoadImageA
Sections
.text Size: 904KB - Virtual size: 901KB
  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 112KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 223KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.SHAREDD Size: 4KB - Virtual size: 124B
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 492KB - Virtual size: 491KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ