05ad38f508d6ff1eabf7529f02e26e2cc75ba82f17bd8eb2a18aaba5971255e9

Sharing

Copy URL Twitter E-mail

General

Target

05ad38f508d6ff1eabf7529f02e26e2cc75ba82f17bd8eb2a18aaba5971255e9
Size

452KB
MD5

9addaab1aa91f7253e7cf1aa00cc4b12
SHA1

9d2ccfe73979cb638668de03f0b86fd2251f380f
SHA256

05ad38f508d6ff1eabf7529f02e26e2cc75ba82f17bd8eb2a18aaba5971255e9
SHA512

8a4f2ff5f1a23d92b442140b6b6f8bd5465ec0c25e0b92e5df245ff657aa74bdcb8afba6aab5caa398719072dcdc79b5fd07b5a7a4ec2a3a7d7d88b568c96d25
SSDEEP

6144:KjmuAhWvfYw6nuZKMsXRrssoZ4RdML0gnEVRlxrshSP8JOJXAOX:DwfYwMuZKJRrsETVRbssP8J2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ad38f508d6ff1eabf7529f02e26e2cc75ba82f17bd8eb2a18aaba5971255e9

Files

05ad38f508d6ff1eabf7529f02e26e2cc75ba82f17bd8eb2a18aaba5971255e9
.exe windows:4 windows x86 arch:x86

308a7477e3f399079069bd0d2e78ea27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapSize
GetFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
SetHandleCount
GetTimeZoneInformation
RaiseException
ExitProcess
GetStartupInfoA
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
SetErrorMode
GetFileSize
GetStdHandle
GetFileAttributesA
IsBadWritePtr
IsBadReadPtr
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
SetUnhandledExceptionFilter
GetFileType
TlsFree
lstrcpyA
WideCharToMultiByte
FreeLibrary
LoadLibraryA
GetProcAddress
FindFirstFileA
FindClose
GetCommandLineA
GetModuleFileNameA
GetCurrentDirectoryA
MulDiv
GetVersionExA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
lstrlenA
GetSystemDirectoryA
WinExec
CreateThread
DeleteFileA
GetCurrentProcess
OpenProcess
GetExitCodeProcess
TerminateProcess
CloseHandle
OutputDebugStringA
Sleep
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetPrivateProfileStringA
GlobalReAlloc
LeaveCriticalSection
CompareStringW
TlsAlloc
GlobalHandle
GetProfileStringA
DeleteCriticalSection
GlobalAlloc
InitializeCriticalSection
LocalAlloc
lstrcmpA
GetCurrentThread
GetFullPathNameA
GetThreadLocale
SetEndOfFile
GetVolumeInformationA
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
GlobalFree
CreateFileA
DuplicateHandle
FormatMessageA
LocalFree
FileTimeToLocalFileTime
InterlockedDecrement
FileTimeToSystemTime
GlobalUnlock
InterlockedIncrement
GlobalLock
LoadResource
SetLastError
FindResourceA
lstrcatA
LockResource
GetVersion
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
lstrcpynA
GetModuleHandleA
SetEnvironmentVariableA
GetLastError
MultiByteToWideChar

user32

GetSysColorBrush
GetClassNameA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
GetDesktopWindow
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
LoadStringA
WindowFromPoint
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
CharUpperA
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
SetWindowTextA
SetDlgItemTextA
EndPaint
BeginPaint
GetWindowDC
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
PostThreadMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
ScreenToClient
ClientToScreen
TrackPopupMenu
DestroyMenu
GetWindowLongA
SetWindowLongA
GetClassInfoA
GetNextDlgGroupItem
RegisterClipboardFormatA
MessageBeep
CharNextA
SetRect
CopyAcceleratorTableA
SetActiveWindow
IsWindow
GetMenuItemCount
SetMenu
SetWindowRgn
GetDC
InflateRect
OffsetRect
ReleaseDC
PtInRect
LoadMenuA
GetSubMenu
ModifyMenuA
GetCursorPos
UpdateWindow
SetTimer
KillTimer
FindWindowA
IsIconic
GetWindowRect
SetWindowPos
ShowWindow
SetForegroundWindow
LoadIconA
wsprintfA
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
GetKeyState
GetParent
PostMessageA
SetCapture
LoadBitmapA
ReleaseCapture
InvalidateRect
DrawFocusRect
EnableWindow
SetCursor
RedrawWindow
SendMessageA
GetSystemMetrics
DrawIcon
GetClientRect
LoadImageA
GetSysColor
IsDialogMessageA
HideCaret
ShowCaret
UnregisterClassA
DefDlgProcA
IsWindowUnicode
ExcludeUpdateRgn

gdi32

StretchBlt
CreateCompatibleDC
PatBlt
SetBkMode
SetStretchBltMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
IntersectClipRect
LineTo
MoveToEx
GetObjectA
RestoreDC
CreateDIBitmap
GetTextColor
SetBkColor
SaveDC
GetDeviceCaps
DeleteDC
CreateRoundRectRgn
CreatePen
CreateSolidBrush
Rectangle
RoundRect
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateBitmap
GetPixel
LPtoDP
CreateCompatibleBitmap
GetMapMode
DPtoLP
GetBkColor
BitBlt
GetStockObject
CreateFontIndirectA
DeleteObject
SelectObject
SetTextColor
GetClipBox
GetTextExtentPointA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA

shell32

DragQueryFileA
SHGetPathFromIDListA
DragFinish
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHGetFileInfoA

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA

oledlg

ord8

ole32

CoGetClassObject
OleFlushClipboard
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
CoCreateInstance
CoRegisterMessageFilter
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoRevokeClassObject
OleIsCurrentClipboard
CoTaskMemFree

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

308a7477e3f399079069bd0d2e78ea27

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

version

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 24KB - Virtual size: 40KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 24KB - Virtual size: 40KB

.rsrc
Size: 48KB - Virtual size: 45KB