Static task: static1
Behavioral task: behavioral1
Sample: f1e36ad2785271e6cc2dc5ab7488bbaa90eeb881150c69eaeedb8bc385c36201.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: f1e36ad2785271e6cc2dc5ab7488bbaa90eeb881150c69eaeedb8bc385c36201.exe
Resource: win10v2004-20240426-en
General
Target: f1e36ad2785271e6cc2dc5ab7488bbaa90eeb881150c69eaeedb8bc385c36201
Size: 1.7MB
MD5: 9eaacd7e9bbd5dddb9a962065283ee26
SHA1: e6e8976e245ad82499e8eb14d15ab927c992509b
SHA256: f1e36ad2785271e6cc2dc5ab7488bbaa90eeb881150c69eaeedb8bc385c36201
SHA512: f7eff1144fccfe596ff86aad34a7c8f7b110ecea11ee70033ad9aa40a2e8638b18648327fa7338cea290ae5c238ee14081c1be0c1cfb849eade1875f05139d79
SSDEEP: 24576:klEYGzZkFV9blxepE8rfaaoqShkWIM5BKq5OiBpKp9ujX9HUhTeTBhh+nc7Rbiro:NYGebRyu9eTeTBhh+ncg9tLQ
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource: f1e36ad2785271e6cc2dc5ab7488bbaa90eeb881150c69eaeedb8bc385c36201
Files
f1e36ad2785271e6cc2dc5ab7488bbaa90eeb881150c69eaeedb8bc385c36201.exe (windows:4, windows x86, arch:x86)
f3c1ade89fc659b4bf16f8dd7d09308d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RaiseException
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
HeapReAlloc
GetStdHandle
TerminateProcess
HeapSize
lstrcmpA
VirtualAlloc
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
IsBadReadPtr
WideCharToMultiByte
lstrcpyA
MultiByteToWideChar
LockResource
FreeResource
lstrlenA
HeapAlloc
ExitProcess
HeapFree
GetStartupInfoA
SetEnvironmentVariableA
GetCommandLineA
GetTimeZoneInformation
GetLocalTime
GetSystemTime
GetFullPathNameA
GetCurrentDirectoryA
_lopen
SetupComm
GetVersionExA
_lwrite
_lcreat
_llseek
GetACP
_lclose
DebugBreak
GlobalFlags
GetCPInfo
GlobalSize
GetModuleHandleA
GlobalMemoryStatus
GlobalGetAtomNameA
GetProfileStringA
WinExec
GetProfileIntA
GetWindowsDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
_hwrite
_hread
GetDiskFreeSpaceA
GetVolumeInformationA
GetSystemDirectoryA
GetDriveTypeA
GetTempPathA
GetModuleFileNameA
SetFileTime
GetFileTime
SetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
DeleteFileA
CreateDirectoryA
FindNextFileA
FlushFileBuffers
RemoveDirectoryA
MoveFileA
SetEndOfFile
WriteFile
ReadFile
FindClose
SetFilePointer
FindFirstFileA
GetTempFileNameA
GetFileAttributesA
CloseHandle
SetLastError
CreateFileA
GetFileSize
HeapDestroy
GlobalHandle
GetCurrentProcess
GetTickCount
lstrcatA
OpenFile
SetErrorMode
LoadLibraryA
GetLastError
GetSystemInfo
GlobalReAlloc
GlobalAlloc
GlobalFree
GetCurrentProcessId
FindResourceA
LoadResource
GetVersion
lstrcmpiA
lstrcpynA
GlobalUnlock
GetProcAddress
GlobalLock
FreeLibrary
IsBadStringPtrA
HeapCreate
VirtualFree
SetHandleCount
GetFileType
OutputDebugStringA
user32
GetSubMenu
GetAsyncKeyState
ToAscii
GetMessageA
IsDialogMessageA
IsIconic
SetActiveWindow
IsWindowVisible
GetLastActivePopup
DeleteMenu
GetSystemMenu
GetDialogBaseUnits
BringWindowToTop
AppendMenuA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
DestroyMenu
DrawMenuBar
RemoveMenu
GetMenu
ModifyMenuA
EnableMenuItem
IsZoomed
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
DdeFreeDataHandle
DdeClientTransaction
DdeCreateStringHandleA
DdeConnect
DdeInitializeA
DispatchMessageA
TranslateMessage
SetMenu
CreateMenu
LoadAcceleratorsA
TranslateAcceleratorA
SetMessageQueue
GetUpdateRect
ScrollDC
LoadStringA
MessageBoxA
MessageBeep
SetPropA
RemovePropA
GetPropA
GetWindowDC
AdjustWindowRect
GetTopWindow
OemToCharA
CharToOemA
SystemParametersInfoA
CreateWindowExA
GetKeyState
SetWindowTextA
GetCursorPos
EqualRect
ValidateRect
ExitWindowsEx
CharLowerA
HideCaret
InvertRect
DestroyCaret
ClientToScreen
PostQuitMessage
wsprintfA
EnumWindows
GetWindow
ReleaseCapture
SetCapture
EnableWindow
GetClassNameA
GetActiveWindow
CreateDialogParamA
GetDlgItem
SetFocus
ShowWindow
IntersectRect
DrawFocusRect
GetWindowRect
DrawIcon
LoadBitmapA
LoadIconA
CreateCursor
SetCursor
DestroyCursor
SetSysColors
GetFocus
GetWindowThreadProcessId
GetClipboardData
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetDlgItemTextA
SetDlgItemTextA
CreateCaret
SetCaretPos
ShowCaret
UnionRect
CharNextA
InflateRect
GetClassLongA
IsWindow
SetWindowLongA
SetWindowPos
GetWindowLongA
OffsetRect
GetWindowTextA
GetSysColor
FrameRect
IsWindowEnabled
DestroyWindow
GetNextDlgGroupItem
SendMessageA
GetWindowWord
GetDlgCtrlID
GetParent
PostMessageA
GetCapture
SetWindowWord
InvalidateRect
UpdateWindow
DefWindowProcA
PeekMessageA
PtInRect
CharUpperA
DefDlgProcA
GetDC
ReleaseDC
GetSystemMetrics
MoveWindow
SetTimer
KillTimer
BeginPaint
SetRect
DrawTextA
EndPaint
GetClientRect
FillRect
EndDialog
CharPrevA
ScreenToClient
GetClassInfoA
LoadCursorA
RegisterClassA
DialogBoxParamA
EnumChildWindows
SendDlgItemMessageA
IsCharLowerA
gdi32
TextOutA
SetBkMode
DeleteObject
SelectPalette
StretchDIBits
RealizePalette
LPtoDP
SetViewportExtEx
SetWindowExtEx
SetMapMode
DeleteDC
SelectObject
BitBlt
CreateCompatibleDC
StretchBlt
SetTextColor
UnrealizeObject
CreatePatternBrush
CreateBitmap
CreateSolidBrush
LineTo
MoveToEx
CreatePen
GetSystemPaletteUse
GetTextColor
GetBkColor
RestoreDC
SetBkColor
SaveDC
Rectangle
SetROP2
GetBitmapBits
GetSystemPaletteEntries
GetObjectA
SetSystemPaletteUse
CreatePalette
GetDeviceCaps
GetNearestPaletteIndex
GetDIBits
GetPaletteEntries
CreateCompatibleBitmap
ExtFloodFill
RectVisible
GetPixel
GetNearestColor
SetPixel
CreateDIBitmap
SelectClipRgn
SetStretchBltMode
CreateFontIndirectA
PatBlt
ExcludeClipRect
CreateRectRgn
GetClipBox
ExtTextOutA
SetTextCharacterExtra
Ellipse
IntersectClipRect
SetViewportOrgEx
GetViewportOrgEx
Pie
SetDIBits
GetTextMetricsA
GetRgnBox
CreateICA
GetOutlineTextMetricsA
EnumFontsA
RoundRect
Arc
GetTextExtentPoint32A
Polyline
SetWindowOrgEx
Polygon
OffsetWindowOrgEx
GetViewportExtEx
GetWindowOrgEx
CloseMetaFile
DeleteMetaFile
CreateMetaFileA
CreateDiscardableBitmap
StartPage
StartDocA
Escape
AbortDoc
SetAbortProc
EndPage
CreateDCA
EndDoc
SetRectRgn
CreateRectRgnIndirect
CombineRgn
GetDCOrgEx
OffsetRgn
SetTextAlign
GetStockObject
comdlg32
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
shell32
SHAppBarMessage
ShellExecuteA
winspool.drv
ClosePrinter
OpenPrinterA
GetPrinterA
DocumentPropertiesA
winmm
waveOutGetNumDevs
advapi32
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueA
RegOpenKeyExA
mpr
WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA
ole32
CreateBindCtx
OleLoad
CoCreateInstance
OleInitialize
CreateGenericComposite
CreateItemMoniker
CreateFileMoniker
MkParseDisplayName
OleSetMenuDescriptor
CLSIDFromString
OleUninitialize
OleSetContainedObject
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleSave
OleCreateStaticFromData
OleDraw
StgCreateDocfileOnILockBytes
CoUninitialize
CoInitialize
Sections
.text Size: 919KB - Virtual size: 919KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 312KB - Virtual size: 311KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ