f73ff13cc042fcf1849c03504051c585f8549d549683848b5dc22b0ceb31bf8a

Sharing

Copy URL

Twitter E-mail

General

Target

f73ff13cc042fcf1849c03504051c585f8549d549683848b5dc22b0ceb31bf8a
Size

3.8MB
MD5

17ddab48231f8c7d34079a1e3ed31086
SHA1

04ecad18310309a2358098fe422a5ee694926724
SHA256

f73ff13cc042fcf1849c03504051c585f8549d549683848b5dc22b0ceb31bf8a
SHA512

550411ba09091c0a1992502fac57a7c80786558c0c99d4f8534a5a4512adc6726a2e9023be3256b9f7ea70c4cd8414d3acb76458862dc54a85c7c1f8a79f0258
SSDEEP

98304:Gl9hYLYMlXCzeXekffPL8OpdfLC+0anTwLK:G+YeXjbp04f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f73ff13cc042fcf1849c03504051c585f8549d549683848b5dc22b0ceb31bf8a

Files

f73ff13cc042fcf1849c03504051c585f8549d549683848b5dc22b0ceb31bf8a
.exe windows:5 windows x86 arch:x86

54f7685803dde7fdb8d94c2053991847

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Read
ImageList_Remove
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_Write
ord17
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_SetIconSize
ImageList_Destroy

version

GetFileVersionInfoW
VerQueryValueA
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalFileTimeToFileTime
LocalSize
LockResource
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
MapViewOfFile
MoveFileA
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingA
GetUserDefaultLCID
OpenProcess
OutputDebugStringW
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SetVolumeLabelA
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
IsValidCodePage
GetConsoleCP
HeapReAlloc
GetOEMCP
WriteFile
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCurrentProcess
GetVersion
RtlUnwind
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathA
GetSystemTime
GetSystemDirectoryA
GetStringTypeExW
GetStringTypeExA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetPriorityClass
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocalTime
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetDriveTypeA
CloseHandle
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCPInfo
GetComputerNameA
GetCommandLineW
GetCommandLineA
GetACP
FreeResource
FreeLibrary
FormatMessageW
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
EnumCalendarInfoA
EnterCriticalSection
GetTempFileNameA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
ExitProcess
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
OpenMutexW

user32

PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SendMessageTimeoutA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExA
SetWindowTextA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WindowFromPoint
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
OemToCharBuffA
OemToCharA
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyA
LoadStringA
PostThreadMessageA
LoadImageA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetMessageW
GetMessageTime
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetLastActivePopup
GetKeyState
GetKeyNameTextA
GetKeyboardType
GetKeyboardState
GetKeyboardLayoutNameA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowW
FindWindowA
FillRect
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
LoadKeyboardLayoutA
EqualRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextA
DrawMenuBar
PostQuitMessage
GetKeyboardLayoutList

gdi32

GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectA
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextExtentPointA
GetTextFaceA
GetTextMetricsA
GetDeviceCaps
GetWinMetaFileBits
IntersectClipRect
LineTo
LPtoDP
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
RealizePalette
Rectangle
RectVisible
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
SetWinMetaFileBits
StartDocA
StartPage
StretchBlt
TextOutA
UnrealizeObject
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExcludeClipRect
EndPage
EndDoc
GetWindowOrgEx
DeleteObject

winspool.drv

OpenPrinterW
SetPortA
SetPortW
XcvDataW
WaitForPrinterChange
WritePrinter
StartPagePrinter
StartDocPrinterW
StartDocPrinterA
SetPrinterW
SetPrinterDataW
SetPrinterDataExW
SetPrinterDataExA
SetPrinterA

advapi32

InitializeSecurityDescriptor
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
SetSecurityDescriptorDacl
RegFlushKey

ole32

CoTaskMemAlloc
StringFromCLSID
ProgIDFromCLSID
OleSetMenuDescriptor
OleDraw
IsAccelerator
CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

VariantInit

Sections

.text
Size: 428KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lol524
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54f7685803dde7fdb8d94c2053991847

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

Sections

.text Size: 428KB - Virtual size: 424KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 12.1MB

.data1 Size: 4KB - Virtual size: 537B

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.lol524 Size: 2.0MB - Virtual size: 2.0MB

.text
Size: 428KB - Virtual size: 424KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 12.1MB

.data1
Size: 4KB - Virtual size: 537B

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.lol524
Size: 2.0MB - Virtual size: 2.0MB