Static task: static1
Behavioral task: behavioral1
  Sample: ce7312503ef9e1a9148e1e82219ff987e52f0ddbe4dd6582a501a299cd41ee68.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: ce7312503ef9e1a9148e1e82219ff987e52f0ddbe4dd6582a501a299cd41ee68.exe
  Resource: win10v2004-20240426-en
General
Target: ce7312503ef9e1a9148e1e82219ff987e52f0ddbe4dd6582a501a299cd41ee68
Size: 1.8MB
MD5: 57d893539d8bb4af5119f237bd435379
SHA1: 1793190482328ad0a85b8d381bdd3bd1eb15db19
SHA256: ce7312503ef9e1a9148e1e82219ff987e52f0ddbe4dd6582a501a299cd41ee68
SHA512: 11169b536c6adb8a0a5280cf129feacac82446940be4c6f99d41743cb4c29974cab58a35d25952130a996eaf29be5a4bf4990f93685c2ec0d97dc0e8aa10e78c
SSDEEP: 49152:e9m3cj4CD4CxuMA6TP3C3U43sX7nk3UmSF7VFjvt/CRAEJtxXzFP7EEFk:HCD4CxE6TfL43sX7nk3UmSF77j1wxXz3
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: ce7312503ef9e1a9148e1e82219ff987e52f0ddbe4dd6582a501a299cd41ee68
Files
ce7312503ef9e1a9148e1e82219ff987e52f0ddbe4dd6582a501a299cd41ee68.exe windows:5 windows x86 arch:x86
a2e9d01a3d7609a21c19ecf75e4a7186
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntwdblib
ord11
ord69
ord17
ord76
ord66
ord25
ord55
ord70
ord48
ord71
ord150
ord36
ord93
ord9
ord20
ord41
ord53
ord30
ord14
ord31
ord149
ord51
ord43
ord58
kernel32
SetEndOfFile
IsProcessorFeaturePresent
WaitForSingleObject
CreateEventA
FreeLibrary
GetProcAddress
GetModuleHandleW
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
SizeofResource
LockResource
LoadResource
FindResourceW
SetLastError
DeactivateActCtx
GetLastError
LoadLibraryA
ActivateActCtx
CompareStringA
WideCharToMultiByte
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
MultiByteToWideChar
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
GetModuleHandleA
lstrlenA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
lstrcmpW
LoadLibraryW
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
MulDiv
GlobalFlags
LocalAlloc
LocalFree
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
lstrlenW
FormatMessageA
GlobalSize
CopyFileA
InterlockedIncrement
lstrcpyA
GetThreadLocale
lstrcmpiA
LockFile
UnlockFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
RtlUnwind
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
ExitProcess
ExitThread
HeapQueryInformation
HeapSize
VirtualAlloc
SetStdHandle
GetFileType
SetEvent
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTimeZoneInformation
GetStringTypeW
CompareStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
RaiseException
GetSystemInfo
VirtualQuery
IsBadReadPtr
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetModuleFileNameA
GetLocalTime
Sleep
GetTickCount
CreateThread
GetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
TerminateThread
FileTimeToSystemTime
GetFileTime
ReadFile
WriteFile
CloseHandle
DeleteFileA
SetFilePointer
GetFileSize
FlushFileBuffers
CreateDirectoryA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
user32
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
DeleteMenu
InsertMenuA
RealChildWindowFromPoint
RemoveMenu
AppendMenuA
GetMenuStringA
InvalidateRect
SetTimer
KillTimer
SetRectEmpty
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
LoadCursorA
GetSysColorBrush
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperA
CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
InflateRect
GetMenuItemInfoA
DestroyMenu
UnregisterClassA
IsZoomed
SetWindowRgn
RedrawWindow
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
GetSystemMenu
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
GetDC
GetIconInfo
CopyImage
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
ShowWindow
MoveWindow
SetWindowTextA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
EnableScrollBar
FillRect
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetWindowLongA
SetWindowPos
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
PostMessageA
wsprintfA
GetSystemMetrics
LoadIconW
EnableWindow
GetClientRect
GetWindowRect
IsIconic
SendMessageA
DrawIcon
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
GetWindow
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
IsDialogMessageA
IsWindowVisible
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetFileInfoA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoCreateGuid
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
comdlg32
GetFileTitleA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
oledlg
ord8
dbghelp
MiniDumpWriteDump
ws2_32
WSAEventSelect
closesocket
WSACreateEvent
WSACloseEvent
socket
WSAGetLastError
inet_addr
htons
inet_ntoa
gethostbyname
WSAStartup
connect
ioctlsocket
send
listen
bind
htonl
accept
recv
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
shutdown
setsockopt
WSACleanup
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipAlloc
GdipGetImageWidth
GdipDisposeImage
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipGetImageHeight
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipFree
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
gdi32
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
DPtoLP
PatBlt
GetMapMode
PtInRegion
SetRectRgn
GetRgnBox
GetTextColor
GetBkColor
GetTextExtentPoint32A
EnumFontFamiliesExA
EnumFontFamiliesA
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreateDIBitmap
CreateDCA
CopyMetaFileA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
LPtoDP
GetWindowOrgEx
GetTextCharsetInfo
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
CombineRgn
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
GetTextFaceA
SetPixelV
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
oleaut32
VarBstrFromDate
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
OleCreateFontIndirect
SysAllocStringByteLen
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
Sections
.text   Size: 1.3MB - Virtual size: 1.3MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 283KB - Virtual size: 282KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 34KB  - Virtual size: 80KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 14KB  - Virtual size: 14KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 173KB - Virtual size: 173KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
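The three static findings above (the "Unsigned PE" signature, the DLL/file characteristics, and the section table with raw versus virtual sizes) all come from the PE headers. The following is an added example, not part of the sandbox report and not code from the analysed sample: a stdlib-only Python parser that reproduces those checks. Offsets and flag values are taken from the PE/COFF format; the "Unsigned PE" check is implemented as "data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) is empty or points outside the file". The sample PE it runs on is constructed in memory with header flags and section sizes mirroring this report; it is headers only, contains no code, and the `build_sample_pe` function and its values are assumptions made for the demonstration.

```python
"""PE header triage: Authenticode directory, characteristics flags, section table."""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
MACHINES = {0x14C: "x86", 0x8664: "x64"}
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_CHARACTERISTICS = {0x00000020: "IMAGE_SCN_CNT_CODE",
                           0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                           0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
                           0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
                           0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                           0x40000000: "IMAGE_SCN_MEM_READ",
                           0x80000000: "IMAGE_SCN_MEM_WRITE"}


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS, COFF and optional headers plus the section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24                         # optional header follows 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                          # PE32: 16 data directories start at +96
        dirs_off = opt + 96
    elif magic == 0x20B:                        # PE32+: data directories start at +112
        dirs_off = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    n_dirs = struct.unpack_from("<I", data, dirs_off - 4)[0]
    sec_off, sec_size = 0, 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike other directories this entry holds a raw file offset to the WIN_CERTIFICATE blob.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _va, raw_size, _raw_ptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": raw_size,
                         "flags": flag_names(flags, SECTION_CHARACTERISTICS)})
    return {"machine": MACHINES.get(machine, hex(machine)),
            "file_characteristics": flag_names(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": flag_names(dll_chars, DLL_CHARACTERISTICS),
            # "Unsigned PE": no certificate table, or one that does not fit in the file.
            "authenticode_present": sec_off != 0 and sec_size != 0 and sec_off + sec_size <= len(data),
            "sections": sections}


def build_sample_pe(signed=False):
    """Constructed, headers-only PE32 (an assumption for this example, not the real sample)
    whose flags and section sizes mirror the report; signed=True appends a dummy WIN_CERTIFICATE."""
    sections = [  # name, virtual size, raw size, characteristics
        (b".text", 0x150000, 0x150000, 0x60000020),
        (b".rdata", 0x46800, 0x46C00, 0x40000040),
        (b".data", 0x14000, 0x8800, 0xC0000040),   # raw < virtual: tail is zero-filled at load
        (b".rsrc", 0x3800, 0x3800, 0x40000040),
        (b".reloc", 0x2B400, 0x2B400, 0x42000040)]
    blob_off, blob_len = 0x400, 0x1000
    dos = (b"MZ" + b"\0" * 58 + struct.pack("<I", 0x80)).ljust(0x80, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII",
                      0x10B, 14, 0, 0x150000, 0x90000, 0, 0x1000, 0x1000, 0x160000,
                      0x400000, 0x1000, 0x200, 5, 1, 0, 0, 5, 1, 0, 0x1F0000, 0x400, 0,
                      2, 0x8140, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (blob_off, blob_len)
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    hdrs, va, raw = b"", 0x1000, 0x400
    for name, vsize, rsize, flags in sections:
        hdrs += struct.pack("<8sIIIIIIHHI", name, vsize, va, rsize, raw, 0, 0, 0, 0, flags)
        va += (vsize + 0xFFF) & ~0xFFF
        raw += rsize
    image = (dos + b"PE\0\0" + coff + opt + hdrs).ljust(blob_off, b"\0")
    if signed:  # WIN_CERTIFICATE header: dwLength, wRevision=0x0200, wCertificateType=PKCS_SIGNED_DATA
        image += struct.pack("<IHH", blob_len, 0x0200, 0x0002).ljust(blob_len, b"\0")
    return image


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print("machine:", info["machine"], "| authenticode:", info["authenticode_present"])
    print("dll characteristics:", ", ".join(info["dll_characteristics"]))
    for s in info["sections"]:
        print("%-7s raw=%7d virtual=%7d %s" % (s["name"], s["raw_size"], s["virtual_size"],
                                                " | ".join(s["flags"])))
```

Two caveats a practitioner should keep in mind. A populated security directory only proves that a certificate blob is attached; whether the signature verifies and chains to a trusted root has to be checked separately (WinVerifyTrust on Windows, or a tool such as osslsigncode elsewhere), and the "Unsigned PE" signature fires on absence, not on validity. And a section whose raw size is smaller than its virtual size, as with .data here (34KB on disk, 80KB in memory), is ordinary zero-initialised data being mapped, not by itself a sign of packing; the opposite pattern, a writable and executable section or a large virtual size with almost no raw data, is what warrants a closer look.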