7c3e0e1abb4c8225358ab2c945a5d2911a4aadbaffd7bc0b70abf04dd403986a

Sharing

Copy URL

Twitter E-mail

General

Target

7c3e0e1abb4c8225358ab2c945a5d2911a4aadbaffd7bc0b70abf04dd403986a
Size

284KB
MD5

00f8f62adc589d253565ed468516b007
SHA1

2f385f1492f975251942eb5305bd912942646441
SHA256

7c3e0e1abb4c8225358ab2c945a5d2911a4aadbaffd7bc0b70abf04dd403986a
SHA512

348c8dec6e8016390a185d5c73be163e1fbdc66cd7d637ed86a7a6c8e45d344ef63856015e0b48afd3ca42d100df4373f316cb52d807cbd8a51540e2a01f14cd
SSDEEP

3072:BAwUuwD5ad4QQI/j9XD8b1QK1VLAUzcViIjUW7JcJNKEOecUXKN/nHQU:BAwUZIb9X4BQAV5WiIj/sOVr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c3e0e1abb4c8225358ab2c945a5d2911a4aadbaffd7bc0b70abf04dd403986a

Files

7c3e0e1abb4c8225358ab2c945a5d2911a4aadbaffd7bc0b70abf04dd403986a
.exe windows:4 windows x86 arch:x86

dfdd3a6235642054261022ef54bc4d68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
lstrlenA
GetLocalTime
CreateFileA
WriteFile
SetEndOfFile
LocalAlloc
GetSystemInfo
Sleep
GetLastError
InterlockedDecrement
ExpandEnvironmentStringsA
GetFileAttributesA
SetFilePointer
LockResource
FormatMessageA
WideCharToMultiByte
FreeLibrary
GlobalFree
GlobalAlloc
SetLastError
MultiByteToWideChar
GetFileSize
GetVersionExA
GetCommandLineA
DeleteFileA
GetSystemDirectoryA
GetEnvironmentStrings
CreateDirectoryA
LoadLibraryA
GetProcAddress
GlobalMemoryStatus
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
ReadFile
GetEnvironmentVariableA
GetWindowsDirectoryA
FindResourceA
LoadResource
SizeofResource
EnterCriticalSection
GetEnvironmentStringsW
InterlockedIncrement
IsBadReadPtr
GetStringTypeA
SetUnhandledExceptionFilter
GetStringTypeW
GetStdHandle
SetHandleCount
GetFileType
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
GlobalHandle
HeapDestroy
GetACP
TerminateProcess
HeapSize
RaiseException
ExitProcess
GetStartupInfoA
HeapAlloc
HeapReAlloc
HeapFree
GetVersion
RtlUnwind
SetStdHandle
IsBadCodePtr
lstrcpynA
GetModuleFileNameA
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalUnlock
GlobalFindAtomA
GlobalAddAtomA
LeaveCriticalSection
GlobalLock
GlobalReAlloc
CloseHandle
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
HeapCreate
GetCurrentThreadId
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GetOEMCP
GetCPInfo
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
lstrcmpA
GlobalFlags
GetCurrentProcess
FlushFileBuffers

user32

ShowWindow
LoadStringA
GetSubMenu
KillTimer
CheckMenuRadioItem
GetWindowTextA
GetMenu
SetTimer
GetWindowTextLengthA
SetWindowPos
CreateWindowExA
DestroyWindow
EndDeferWindowPos
EnumChildWindows
BeginDeferWindowPos
DeferWindowPos
GetClassNameA
PtInRect
IsZoomed
DrawFrameControl
GetClientRect
DispatchMessageA
IsDialogMessageA
TranslateMessage
EnableMenuItem
LoadAcceleratorsA
TranslateAcceleratorA
GetMessageA
CheckMenuItem
CreateDialogParamA
RegisterClassExA
CopyRect
ReleaseDC
wsprintfA
SendMessageA
GetDC
SetWindowTextA
GetSysColor
MessageBoxA
LoadImageA
FillRect
GetSystemMetrics
IsWindowEnabled
GetLastActivePopup
UnhookWindowsHookEx
SetWindowsHookExA
PeekMessageA
CallNextHookEx
GetKeyState
GetNextDlgTabItem
GetFocus
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetWindowPlacement
RegisterWindowMessageA
GetWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetDlgCtrlID
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
SystemParametersInfoA
SetSysColors
AdjustWindowRectEx
ClientToScreen
DestroyMenu
ScreenToClient
TabbedTextOutA
DrawTextA
GrayStringA
IsIconic
SetForegroundWindow
PostQuitMessage
GetScrollInfo
SetScrollInfo
GetScrollPos
ScrollWindowEx
DefWindowProcA
IsWindowVisible
UpdateWindow
LoadCursorA
SetCursor
CheckRadioButton
BeginPaint
SetFocus
EndPaint
PostMessageA
CheckDlgButton
EnableWindow
IsDlgButtonChecked
DialogBoxParamA
LoadIconA
SetWindowLongA
GetWindowRect
MoveWindow
ChildWindowFromPoint
GetWindowLongA
InvalidateRect
GetSysColorBrush
FrameRect
GetParent
MapWindowPoints
CallWindowProcA
SetDlgItemTextA
GetDlgItem
GetDlgItemTextA
EndDialog

gdi32

SetWindowExtEx
CreatePalette
GetPaletteEntries
SetDIBColorTable
UnrealizeObject
SelectPalette
RealizePalette
CreateSolidBrush
DeleteObject
CreateCompatibleDC
SelectObject
BitBlt
SetStretchBltMode
StretchBlt
DeleteDC
SetBkMode
GetSystemPaletteEntries
GetDeviceCaps
GetNearestColor
GdiFlush
GetObjectA
GetDIBits
CreateDIBSection
LineTo
MoveToEx
CreatePen
SetTextColor
CreateFontIndirectA
GetStockObject
UpdateColors
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetPixel
ScaleWindowExtEx
CreateHalftonePalette
EnumFontsA
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RestoreDC
SaveDC
GetClipBox
GetMapMode
CreateCompatibleBitmap
SetMapMode
DPtoLP
SetBkColor
GetDIBColorTable
CreateBitmap

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

advapi32

GetUserNameA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegCreateKeyA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyA

shell32

ShellExecuteA
SHAppBarMessage

ole32

OleRun
CoUninitialize
CoInitialize
CreateILockBytesOnHGlobal
CoCreateInstance
StgCreateDocfileOnILockBytes
OleCreateFromFile

oleaut32

SysAllocString
GetErrorInfo
VariantCopy
VariantInit
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysFreeString
SystemTimeToVariantTime

wsock32

inet_addr
gethostname
WSAStartup

comctl32

CreateToolbarEx
ord17

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfdd3a6235642054261022ef54bc4d68

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

wsock32

comctl32

version

winspool.drv

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 28KB - Virtual size: 52KB

.rsrc Size: 80KB - Virtual size: 78KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 28KB - Virtual size: 52KB

.rsrc
Size: 80KB - Virtual size: 78KB