t:\worksconv\x86\ship\0\wkconv.pdb
Static task
static1
Behavioral task
behavioral1
Sample
323e77bb6fbcbfcbc3bab9a1df0f782183991135a78a584a9f23262fdba8851d.exe
Resource
win7-20240508-en
General
Target
323e77bb6fbcbfcbc3bab9a1df0f782183991135a78a584a9f23262fdba8851d
Size
1.2MB
MD5
a675c04a8de2b4d795df07d258866a4c
SHA1
74e4f213bd2bb183e931830e7a3b3ae5cecff8fb
SHA256
323e77bb6fbcbfcbc3bab9a1df0f782183991135a78a584a9f23262fdba8851d
SHA512
6a6a74599d03c9f952505f4b120454d2a3098a5f18ceddf592f037a9e24c435c0ce3187844a9776bcd26ec16ac6f67e3c3247fcc2c4bc0ab9b2ba14665928b55
SSDEEP
24576:wUDWz5Rpa2UQHeZYZpfS9zNGM+gPlajhBdsU7uaGf8pHf:PDW1+23HmapfS92gPlalBl7bA8F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 323e77bb6fbcbfcbc3bab9a1df0f782183991135a78a584a9f23262fdba8851d
Files
323e77bb6fbcbfcbc3bab9a1df0f782183991135a78a584a9f23262fdba8851d.exe windows:5 windows x86 arch:x86
3099a2232114b787b2512a2fb177e6e0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
user32
UnregisterClassA
DefWindowProcA
LoadCursorA
CreateWindowExW
ShowWindow
GetClientRect
GetDC
SetCaretPos
HideCaret
OffsetRect
GetMessageW
PeekMessageW
PostThreadMessageW
CopyImage
SetRect
CopyRect
DefWindowProcW
SetWindowPos
SetWindowRgn
EqualRect
EndPaint
BeginPaint
UnionRect
CreateWindowExA
GetWindowLongW
GetClassInfoExW
LoadCursorW
CallWindowProcW
SetFocus
IsChild
GetKeyState
RegisterClassExW
GetCursor
SetCursor
PostMessageA
LoadStringA
CharLowerA
KillTimer
GetUpdateRect
GetWindowPlacement
SetClipboardData
GetCaretBlinkTime
GetKeyboardLayout
ClientToScreen
CharNextExA
IsWindow
DestroyWindow
SetWindowLongW
RegisterClassA
SetTimer
GetCursorPos
CreateCaret
DestroyCaret
ScreenToClient
CharNextA
CharNextW
PtInRect
GetSysColor
FillRect
CloseClipboard
EnumClipboardFormats
GetClipboardOwner
OpenClipboard
EmptyClipboard
InvertRect
DispatchMessageA
TranslateMessage
MessageBeep
PeekMessageA
InflateRect
WindowFromPoint
GetSystemMetrics
GetWindowLongA
GetParent
IsWindowEnabled
GetClassNameA
SetWindowLongA
GetWindowRect
GetDesktopWindow
MoveWindow
ScrollDC
RegisterClipboardFormatA
UpdateWindow
WindowFromDC
GetWindowDC
IntersectRect
DrawTextA
InvalidateRect
GetAsyncKeyState
ReleaseDC
GetFocus
CharUpperA
kernel32
GlobalMemoryStatus
UnmapViewOfFile
GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc
GlobalAlloc
DuplicateHandle
GetCurrentProcess
GlobalFree
CreateEventW
SetEvent
WaitForSingleObject
WriteFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
CreateFileW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
LocalFree
GetCommandLineW
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
IsDBCSLeadByteEx
GetVersionExW
DeleteFileW
GetFileSize
SetFileAttributesW
CopyFileW
SetThreadPriority
LoadLibraryW
WideCharToMultiByte
GetTempFileNameW
GetTempPathW
CreateThread
FlushInstructionCache
FindResourceA
GetVersion
GetSystemDefaultLangID
CompareStringW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetOEMCP
GetCPInfo
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
Sleep
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetACP
GetUserDefaultLCID
IsValidLocale
IsValidCodePage
ReadFile
DeleteFileA
lstrlenA
CreateFileA
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetFileAttributesA
GetVersionExA
MulDiv
OutputDebugStringA
GetProfileStringA
LocalAlloc
GetFullPathNameA
FindClose
FindFirstFileA
GetTempPathA
SetFileAttributesA
GetTempFileNameA
SetEndOfFile
CloseHandle
GetModuleHandleA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
IsDBCSLeadByte
GetFileAttributesW
GetFullPathNameW
GetProfileIntA
GetSystemDefaultLCID
InterlockedCompareExchange
IsProcessorFeaturePresent
GetProcessHeap
ole32
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance
CoUninitialize
OleSetClipboard
OleGetClipboard
WriteClassStg
OleConvertIStorageToOLESTREAM
CoGetMalloc
CreateBindCtx
OleCreate
OleCreateFromFile
OleCreateFromData
OleCreateStaticFromData
OleCreateLinkToFile
CoDisconnectObject
OleSetContainedObject
OleDuplicateData
OleRun
OleIsRunning
OleSave
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
OleIsCurrentClipboard
GetHGlobalFromStream
StgIsStorageFile
WriteFmtUserTypeStg
OleLoad
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleConvertOLESTREAMToIStorage
ReleaseStgMedium
StgCreateDocfile
OleFlushClipboard
StgOpenStorage
OleCreateLinkFromData
oleaut32
VariantChangeType
SysAllocStringLen
VariantClear
LoadTypeLi
OleCreatePropertyFrame
VarUI4FromStr
LoadRegTypeLi
SysStringLen
VariantInit
SysStringByteLen
SysAllocString
SysFreeString
DispGetIDsOfNames
DispInvoke
shell32
CommandLineToArgvW
gdi32
GetPath
PolyBezierTo
CloseFigure
StrokePath
StrokeAndFillPath
GetTextColor
GetKerningPairsA
GetCharWidthA
GetOutlineTextMetricsA
SetBitmapBits
GetCharWidthW
CreateFontW
ExtTextOutW
InvertRgn
CreateRectRgn
GetEnhMetaFileA
MaskBlt
GetNearestColor
GetBitmapBits
GetTextFaceA
FlattenPath
GetObjectType
GetClipRgn
SetRectRgn
OffsetRgn
GetRegionData
CreateFontIndirectW
EnumFontFamiliesExA
EnumFontFamiliesExW
CreateScalableFontResourceA
AddFontResourceA
RemoveFontResourceA
CreateDCW
CreateRectRgnIndirect
TextOutW
SetDIBitsToDevice
CreateEnhMetaFileW
CreateMetaFileW
GetCurrentObject
CopyEnhMetaFileW
GetWinMetaFileBits
PlayEnhMetaFile
EnumEnhMetaFile
GetEnhMetaFileW
SetEnhMetaFileBits
GetTextExtentPointW
EnumFontFamiliesW
EnumFontFamiliesA
CreatePalette
PlayEnhMetaFileRecord
GetTextCharsetInfo
GetTextCharset
DeleteMetaFile
TranslateCharsetInfo
GetTextFaceW
CreateDIBitmap
GetMapMode
IntersectClipRect
CreateFontIndirectA
SetTextCharacterExtra
SetPixelV
BeginPath
EndPath
SelectClipPath
CreatePolygonRgn
Pie
Chord
Arc
RoundRect
GetWindowExtEx
ExtEscape
ExtTextOutA
SetBkMode
Ellipse
PolyPolygon
Polyline
Polygon
CreateEnhMetaFileA
CloseEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetClipBox
GetViewportOrgEx
GetWindowOrgEx
GetMetaFileA
PlayMetaFile
CreateMetaFileA
SetStretchBltMode
StretchDIBits
CloseMetaFile
SetViewportExtEx
SetWindowOrgEx
SetWindowExtEx
EnumMetaFile
PlayMetaFileRecord
GetCurrentPositionEx
GetTextExtentPointA
GetTextAlign
SetMetaFileBitsEx
GetTextMetricsA
CreateFontA
GetViewportExtEx
SetTextAlign
GetEnhMetaFilePaletteEntries
GetPaletteEntries
DeleteEnhMetaFile
CreatePatternBrush
PatBlt
SetTextColor
CopyMetaFileA
GetDIBits
GetObjectA
MoveToEx
LineTo
SetAbortProc
StartPage
EndPage
Rectangle
StartDocA
LPtoDP
SelectClipRgn
AbortDoc
EndDoc
ResetDCA
CreateICA
CreateDCA
GetDeviceCaps
Escape
CreateCompatibleDC
SelectPalette
RealizePalette
CreateCompatibleBitmap
SetViewportOrgEx
SaveDC
CreateDIBSection
GdiFlush
RestoreDC
CreateBitmap
SetBkColor
CombineRgn
GetRgnBox
FillRgn
DPtoLP
UnrealizeObject
SetBrushOrgEx
BitBlt
CreatePen
CreateSolidBrush
SetROP2
SelectObject
GetStockObject
DeleteObject
GetMetaFileBitsEx
SetMapMode
SetWinMetaFileBits
CopyEnhMetaFileA
DeleteDC
comdlg32
CommDlgExtendedError
PrintDlgA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
msvfw32
DrawDibOpen
DrawDibClose
DrawDibDraw
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 27KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 108KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE