88e601acebc1b2336a7460f7e23d200e1b70c786602ffd794a426106c2a6b614

Sharing

Copy URL Twitter E-mail

General

Target

88e601acebc1b2336a7460f7e23d200e1b70c786602ffd794a426106c2a6b614
Size

717KB
MD5

0e13657ba6fcf9cb35cb95d965d45213
SHA1

9f9a9c34079541ee929525cd0987a715c18cbda4
SHA256

88e601acebc1b2336a7460f7e23d200e1b70c786602ffd794a426106c2a6b614
SHA512

864f9784dea1d25fcd930a4a5fd920d93bb87654a652a14766e22a31440638673f1a6b8713fe82c6ae2f13705a825a23a7666209c6216a4c68fd7693be5fc1ed
SSDEEP

12288:EJZo7MeZRI16bysruVi5kz9agf0SgVES6uRk0Ia4f3MqH:oZo7Mew1aysCVi5cgVia4fl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88e601acebc1b2336a7460f7e23d200e1b70c786602ffd794a426106c2a6b614

Files

88e601acebc1b2336a7460f7e23d200e1b70c786602ffd794a426106c2a6b614
.dll windows:5 windows x86 arch:x86

e5477e28b09b05562221fb7ef9f53e34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileTime
WritePrivateProfileStringW
RtlUnwind
HeapFree
HeapAlloc
RaiseException
GetCommandLineA
HeapReAlloc
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
GetFileSizeEx
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
lstrlenA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
VirtualProtect
WideCharToMultiByte
FormatMessageW
LocalFree
GetCurrentProcessId
MulDiv
GetModuleHandleA
lstrlenW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
GlobalHandle
GetLastError
OpenFile
_lclose
WaitForSingleObject
ReleaseMutex
GetModuleHandleW
GetDiskFreeSpaceA
GlobalFree
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteFileW
GetWindowsDirectoryW
GetDiskFreeSpaceExW
CreateThread
SetThreadPriority
CloseHandle
GetCurrentThreadId
GetTempPathW
CreateDirectoryW
Sleep
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
FindResourceExW
SetLastError
GetModuleFileNameW
GetUserDefaultLangID
GetLocaleInfoW
LoadResource
LockResource
SizeofResource
FindResourceW
LCMapStringW
MultiByteToWideChar

user32

GetMessageW
ValidateRect
PostQuitMessage
CharUpperW
MapDialogRect
GetAsyncKeyState
EndPaint
BeginPaint
ReleaseDC
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowLongW
EnumChildWindows
SendMessageW
EnableWindow
GetSysColor
SetWindowRgn
DrawEdge
GetNextDlgGroupItem
PostMessageW
ClientToScreen
GetCapture
GetCursorPos
WindowFromPoint
OffsetRect
DrawFocusRect
RedrawWindow
GrayStringW
DrawTextExW
GetSysColorBrush
DestroyMenu
DrawTextW
TabbedTextOutW
UnregisterClassW
GetClientRect
SetTimer
KillTimer
GetFocus
wsprintfW
LoadBitmapW
GetDC
GetSystemMetrics
GetWindowRect
ShowScrollBar
InvalidateRect
ReleaseCapture
FillRect
SetCapture
GetParent
DispatchMessageW
TranslateMessage
PeekMessageW
PtInRect
SetCursor
SetActiveWindow
MessageBoxW
ScreenToClient
SetWindowPos
IsWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SystemParametersInfoW
AllowSetForegroundWindow
SetForegroundWindow
InflateRect
GetScrollRange
SetScrollPos
GetScrollPos
LoadCursorW
UnhookWindowsHookEx

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
EnumFontFamiliesExW
MoveToEx
LineTo
SetMapMode
DeleteObject
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetPixel
SelectObject
SelectClipRgn
DeleteDC
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StretchDIBits
StretchBlt
CreateDCW
CreateCompatibleBitmap
CreateDIBSection
GetDeviceCaps
CombineRgn
CreateRectRgn
CreateFontW
StrokePath
EndPath
BeginPath
GetBkColor
CreatePen
BitBlt
CreateCompatibleDC
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
CreateFontIndirectW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

comctl32

_TrackMouseEvent

shlwapi

PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

DS_Entry

Sections

.text
Size: 481KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5477e28b09b05562221fb7ef9f53e34

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 481KB - Virtual size: 480KB

.rdata Size: 101KB - Virtual size: 101KB

.data Size: 13KB - Virtual size: 34KB

.rsrc Size: 72KB - Virtual size: 72KB

.reloc Size: 48KB - Virtual size: 47KB

.text
Size: 481KB - Virtual size: 480KB

.rdata
Size: 101KB - Virtual size: 101KB

.data
Size: 13KB - Virtual size: 34KB

.rsrc
Size: 72KB - Virtual size: 72KB

.reloc
Size: 48KB - Virtual size: 47KB