9ba21a7d87688f175f07100136e3584086f8a8063b28a9638f05ecdacc71be27

Sharing

Copy URL Twitter E-mail

General

Target

9ba21a7d87688f175f07100136e3584086f8a8063b28a9638f05ecdacc71be27
Size

296KB
MD5

551d14f2b14fbcc0fbb5e76795032f52
SHA1

bd4316267578a23628d020a7d7fada8313c6fba3
SHA256

9ba21a7d87688f175f07100136e3584086f8a8063b28a9638f05ecdacc71be27
SHA512

471137ca68710580491f9d36bb0e0bb2cc9fc094f93e6be1957af8746f977c6694d1da12b887a7fbb7410d5101b0d656423ebdec705ba3811989bdd1b71a7ee4
SSDEEP

3072:nRWV8jWTo2/5LAOk7/eiaZsInmYfbqtbI6vvJe28RzJUDFRkt2jHvo8X+PE69ZDr:RWVxn/k7/ynmYzqtSrORLWPE6nD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ba21a7d87688f175f07100136e3584086f8a8063b28a9638f05ecdacc71be27

Files

9ba21a7d87688f175f07100136e3584086f8a8063b28a9638f05ecdacc71be27
.exe windows:4 windows x86 arch:x86

b25a5ee3a15c36f5a27eec1e7f548075

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetSystemTime
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
RaiseException
HeapAlloc
GetProfileStringA
InterlockedExchange
HeapFree
ExitProcess
RtlUnwind
GetTickCount
SetErrorMode
GetFileTime
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
SetLastError
GetThreadLocale
GetFullPathNameA
lstrcpynA
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
WriteFile
DuplicateHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
WinExec
CopyFileA
CreateThread
GetModuleFileNameA
GetFileSize
lstrlenA
lstrcmpiA
lstrcpyA
lstrcatA
FlushFileBuffers
GetShortPathNameA
DefineDosDeviceA
MultiByteToWideChar
WideCharToMultiByte
GetVolumeInformationA
GetVersionExA
CreatePipe
GetStartupInfoA
CreateProcessA
WaitForSingleObject
ReadFile
FindFirstFileA
FindNextFileA
FindClose
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateProcess
GetCurrentProcess
GetLastError
Sleep
GetLocalTime
CreateFileA
DeviceIoControl
CloseHandle
GetFileType
OpenProcess

user32

GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowRect
LoadIconA
SendMessageA
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetDlgItem
IsWindowEnabled
SetWindowTextA
DrawMenuBar
DeleteMenu
GetMenu
GetMenuItemCount
OpenClipboard
EmptyClipboard
CloseClipboard
KillTimer
SetForegroundWindow
IsIconic
PostQuitMessage
PostThreadMessageA
RegisterClipboardFormatA
GetDlgCtrlID
InvalidateRect
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
GetWindowTextA
wsprintfA
GetClassNameA
PostMessageA
TranslateMessage
PeekMessageA
FindWindowA
DispatchMessageA
GetWindowLongA
DefDlgProcA
IsWindowUnicode
EnumWindows
GetWindowThreadProcessId
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
InflateRect
LoadStringA
DestroyMenu
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
CharUpperA
MapDialogRect
GetWindowPlacement
SetWindowContextHelpId
GetDC
ReleaseDC
ValidateRect
GetCursorPos
CallWindowProcA
SetCursor
GetMessageA

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptDecrypt
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA

shell32

SHGetFileInfoA
ShellExecuteExA
SHGetSpecialFolderPathA

comctl32

ImageList_ReplaceIcon
ImageList_Remove
ImageList_GetImageCount
ord17
ImageList_Destroy
ImageList_Create

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromCLSID
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromString

olepro32

ord253

oleaut32

SysAllocStringLen
SysFreeString
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen

psapi

GetModuleFileNameExA
EnumProcessModules

api2xxx_dll_m

ord24
ord27
ord8
ord9
ord3
ord2

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b25a5ee3a15c36f5a27eec1e7f548075

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

psapi

api2xxx_dll_m

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 24KB - Virtual size: 148KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 24KB - Virtual size: 148KB

.rsrc
Size: 28KB - Virtual size: 26KB