c675ee914a2054b3c4bba4129a4ead4931d01562143b0d29d3b218f9bfcd8521

Sharing

Copy URL

Twitter E-mail

General

Target

c675ee914a2054b3c4bba4129a4ead4931d01562143b0d29d3b218f9bfcd8521
Size

427KB
MD5

271276421499fcc0e0a467acb1ca5ec8
SHA1

49eb08f3f5bf64888c67977d6124d88eae5bf96a
SHA256

c675ee914a2054b3c4bba4129a4ead4931d01562143b0d29d3b218f9bfcd8521
SHA512

ed039fd033eb4b6cb3a2275cbeccba067fb26766e7a35a2016a322bfc3cfe510048746b699b300cfdf7db25bd925b7846111fb899c5039cc20dadaa9df1b0e41
SSDEEP

6144:0YhL+Jt8aHM+/RPrp9XM19NQwM9ZnwLq4klO5j5SXHkggv04j:HWLBrp9MQN9ZwLqb6Nn/s4j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c675ee914a2054b3c4bba4129a4ead4931d01562143b0d29d3b218f9bfcd8521

Files

c675ee914a2054b3c4bba4129a4ead4931d01562143b0d29d3b218f9bfcd8521
.exe windows:5 windows x86 arch:x86

d2ff5200ecbe3b7b8e82f2767452aa84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetVersion
SetProcessWorkingSetSize
LocalAlloc
Sleep
TerminateProcess
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleHandleA
FlushFileBuffers
SetStdHandle
CreateFileA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
HeapCreate
IsValidCodePage
GetOEMCP
GetFileSize
GetCPInfo
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
WaitForSingleObject
GetStartupInfoW
IsDebuggerPresent
UnhandledExceptionFilter
CreateThread
ExitThread
HeapSize
HeapReAlloc
HeapDestroy
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
CreateFileMappingW
GetLocalTime
FileTimeToSystemTime
WriteFile
SystemTimeToFileTime
UnmapViewOfFile
MapViewOfFile
SetFilePointer
ReadFile
FreeResource
lstrlenA
FindResourceExW
LockResource
WideCharToMultiByte
lstrcmpW
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
CreateMutexW
SetUnhandledExceptionFilter
SetErrorMode
OutputDebugStringA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetLastError
RaiseException
lstrcmpiW
lstrlenW
FreeLibrary
CreateDirectoryW
OpenProcess
GetACP
GetTickCount
CreateProcessW
GetCurrentProcessId
GetModuleFileNameW
CloseHandle
GetProcAddress
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
DeleteFileW
SetFileAttributesW
GetFileAttributesExW
WriteProcessMemory
ResumeThread
VirtualProtect
VirtualAlloc
VirtualFree
VirtualQuery
SetThreadContext
GetThreadContext
DeleteFileA
SetFileAttributesA
GetSystemDirectoryW
GetVolumeInformationW
GetComputerNameW
InterlockedCompareExchange
GetPrivateProfileStringW
IsBadReadPtr
FlushInstructionCache
RtlUnwind
GetCurrentProcess

user32

GetParent
GetClientRect
MoveWindow
LoadCursorW
BeginPaint
EndPaint
CallWindowProcW
WindowFromPoint
GetForegroundWindow
UnregisterClassA
SendMessageW
SetTimer
DestroyWindow
GetAncestor
PostQuitMessage
CharNextW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
RegisterClassExW
DestroyAcceleratorTable
DefWindowProcW
GetWindowLongW
SetWindowLongW
GetWindowThreadProcessId
GetKeyState
SetLayeredWindowAttributes
SetActiveWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
EnableWindow
IsWindowEnabled
GetActiveWindow
EqualRect
DrawFrameControl
OffsetRect
DrawIconEx
SetRect
DrawTextW
GetDlgCtrlID
CopyRect
GetSystemMetrics
LoadIconW
KillTimer
PtInRect
GetCursorPos
SystemParametersInfoW
GetWindowRect
DestroyIcon
ShowWindow
IsWindowVisible
PostThreadMessageW
SetCursor
CreateDialogParamW
InflateRect
LoadBitmapW
LoadImageW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
IsWindow
GetClassNameW
GetSysColor
SetWindowPos
RedrawWindow
GetClassInfoExW
CreateWindowExW
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
SetCapture
ReleaseCapture
FillRect
InvalidateRgn
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow

gdi32

GetClipRgn
MoveToEx
LineTo
GetTextExtentPoint32W
TextOutW
SelectClipRgn
RectInRegion
SetBkMode
CreateRectRgnIndirect
CombineRgn
CreateFontW
CreateFontIndirectW
CreatePen
Rectangle
CreateDIBSection
CreateBitmap
StretchBlt
SetTextColor
CreateRectRgn
SaveDC
RestoreDC
ExtTextOutW
SetBkColor
CreateSolidBrush
CreateCompatibleBitmap
GetStockObject
GetObjectW
GetDeviceCaps
BitBlt
SelectObject
CreateCompatibleDC
DeleteDC
DeleteObject
RoundRect

advapi32

RegEnumKeyExW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW

shell32

SHGetFileInfoW
SHGetFileInfoA
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
StringFromGUID2
OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleLockRunning

oleaut32

VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
SysAllocString
SysFreeString
VarUI4FromStr
SysAllocStringLen
VarBstrCmp

shlwapi

PathUnExpandEnvStringsW
PathUnquoteSpacesW
PathRemoveArgsW
StrStrW
PathAddExtensionW
PathRemoveExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathFileExistsA
StrToIntW
SHDeleteValueW
StrToIntA
SHDeleteKeyW
PathFindFileNameW
SHSetValueW
SHGetValueW
PathAppendW

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectRectI
GdipFree
GdipAlloc
GdipCloneImage
GdipGetImageWidth
GdipLoadImageFromFile
GdipRotateWorldTransform
GdipDrawImageI
GdipSetPageScale
GdipSetPageUnit
GdipSetSmoothingMode
GdipLoadImageFromStream
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDisposeImage
GdipDrawImageRectI
GdipGetImageHeight

Sections

.text
Size: 268KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2ff5200ecbe3b7b8e82f2767452aa84

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

Sections

.text Size: 268KB - Virtual size: 161KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 268KB - Virtual size: 161KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 26KB - Virtual size: 26KB