3236a5500ae359f9cbf939d7352bdd29e160a81266f88359429f4d0ecdcfdc97

Sharing

Copy URL

Twitter E-mail

General

Target

3236a5500ae359f9cbf939d7352bdd29e160a81266f88359429f4d0ecdcfdc97
Size

14.3MB
MD5

f0d176036b4638608212484c586a8f36
SHA1

6e836a8b8ef90b268d8ad0fc0092553c8e38df03
SHA256

3236a5500ae359f9cbf939d7352bdd29e160a81266f88359429f4d0ecdcfdc97
SHA512

7a21f8ce6b94a669712e8bcf1c59cf6b069d0bbf2f46ea5e4a6d47c18e5c735dac78edcd2fca81848eed78b3ae7501f05f5e12d0a818b37d134222fdd4d54c12
SSDEEP

393216:iwS6WiKWvXxHsScXsN9x06jh/vkiMplSb7lCxnxWKZNVs6umkt:iwS6BNMSccN9BZkbmch0k63J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3236a5500ae359f9cbf939d7352bdd29e160a81266f88359429f4d0ecdcfdc97

Files

3236a5500ae359f9cbf939d7352bdd29e160a81266f88359429f4d0ecdcfdc97
.exe windows:5 windows x86 arch:x86

137e31e4484fc09766993ecba8cf59f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetVersionExW
InterlockedDecrement
InterlockedIncrement
MulDiv
LocalFree
GlobalFree
SetLastError
GetModuleHandleW
GetVersionExA
lstrcmpW
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
WritePrivateProfileStringW
GetModuleHandleA
GetThreadLocale
FileTimeToSystemTime
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
SetErrorMode
GetTickCount
FormatMessageA
GetFileSizeEx
GetFileTime
GetStartupInfoW
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
GetSystemTimeAsFileTime
GetDriveTypeA
GetDriveTypeW
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
GetFullPathNameA
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
FormatMessageW
GetSystemInfo
GlobalMemoryStatus
GetModuleFileNameA
GetLocalTime
GlobalAlloc
GlobalLock
GlobalUnlock
OutputDebugStringW
QueryPerformanceCounter
FindNextFileW
FindFirstFileA
FindNextFileA
RemoveDirectoryW
RemoveDirectoryA
CreateDirectoryA
MoveFileW
MoveFileA
GetFileAttributesA
DeleteFileA
SetFileAttributesW
SetFileAttributesA
CopyFileA
CreateFileA
SetCurrentDirectoryW
SetCurrentDirectoryA
SetFilePointerEx
CreateEventA
Sleep
lstrlenW
SetThreadPriority
SuspendThread
ResumeThread
InterlockedExchange
TerminateThread
ResetEvent
PulseEvent
WaitForSingleObject
RaiseException
WriteConsoleW
GetStdHandle
SetEvent
GetCurrentProcessId
SetStdHandle
ExitProcess
FlushFileBuffers
GetCurrentThreadId
lstrlenA
SetThreadIdealProcessor
GetCurrentThread
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingW
DeleteFileW
GetLastError
CopyFileW
FreeLibrary
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetCriticalSectionSpinCount
InitializeCriticalSection
SetFileTime
WriteFile
WideCharToMultiByte
LocalFileTimeToFileTime
GetCurrentDirectoryW
ReadFile
CloseHandle
CreateFileW
GetFileAttributesW
SystemTimeToFileTime
SetFilePointer
CreateThread
CreateDirectoryW
DebugBreak
GetModuleFileNameW
GetCommandLineW
IsDebuggerPresent
GetFullPathNameW
CreateProcessW
lstrcatW
MultiByteToWideChar
FindClose
FindFirstFileW
FindResourceW
LoadResource
LockResource
FileTimeToLocalFileTime
SizeofResource

user32

RegisterClipboardFormatW
PostThreadMessageW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetParent
EndPaint
GetDlgCtrlID
CallWindowProcW
PtInRect
GetMenu
GetWindowLongW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetSysColor
ReleaseDC
GetDC
CopyRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageW
DispatchMessageW
TranslateMessage
DefWindowProcW
MessageBoxW
GetActiveWindow
GetWindowRect
SetWindowPos
ReleaseCapture
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
IsWindow
EnableWindow
PostQuitMessage
InvalidateRect
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
LoadIconW
DestroyMenu
TrackPopupMenu
wsprintfW
CreatePopupMenu
SendMessageW
UnregisterClassW
CharUpperW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
SetCapture
LoadCursorW
GetSysColorBrush
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetCursor
GetMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
IsWindowEnabled
RegisterWindowMessageW
SendDlgItemMessageW
EqualRect
SendDlgItemMessageA
GetForegroundWindow

gdi32

SetMapMode
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
RestoreDC
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateBitmap
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutW
GetObjectW
CreateRectRgnIndirect
ScaleViewportExtEx
GetDeviceCaps

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegOpenKeyExW

shell32

SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHGetMalloc
ShellExecuteA
SHGetFolderPathW
SHCreateDirectoryExW

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

Sections

.text
Size: 760KB - Virtual size: 759KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13.4MB - Virtual size: 13.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

137e31e4484fc09766993ecba8cf59f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 760KB - Virtual size: 759KB

.rdata Size: 207KB - Virtual size: 207KB

.data Size: 21KB - Virtual size: 287KB

.rsrc Size: 13.4MB - Virtual size: 13.4MB

.text
Size: 760KB - Virtual size: 759KB

.rdata
Size: 207KB - Virtual size: 207KB

.data
Size: 21KB - Virtual size: 287KB

.rsrc
Size: 13.4MB - Virtual size: 13.4MB