Static task: static1
Behavioral task: behavioral1
  Sample: de2f6215c646f09e0fd91a66c50c19f2933367f9e4532eeaf895d1881e339a89.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: de2f6215c646f09e0fd91a66c50c19f2933367f9e4532eeaf895d1881e339a89.exe
  Resource: win10v2004-20240508-en
General
Target: de2f6215c646f09e0fd91a66c50c19f2933367f9e4532eeaf895d1881e339a89
Size: 1.0MB
MD5: f24654055dc202b72ad443744c2074e4
SHA1: ab7ea95fac1af92e18eb9143eb31514ec2c2595f
SHA256: de2f6215c646f09e0fd91a66c50c19f2933367f9e4532eeaf895d1881e339a89
SHA512: 6beab2e697a972f5288e77178ae2183d7b2239c927305a69523cc246936016d3d48b3c072cbae8c071c7697f67217bcea6f045677e48dd36c2a4b770ad2df512
SSDEEP: 12288:Izq3MboTm2ppP0ZOVztmN9xtuLakUc031kra8CxBFHobfe+yxG8i4AC6MPd0AFAV:ik0ZPCO8CnFHorehr0MARUU
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: de2f6215c646f09e0fd91a66c50c19f2933367f9e4532eeaf895d1881e339a89
Files
de2f6215c646f09e0fd91a66c50c19f2933367f9e4532eeaf895d1881e339a89.exe (windows:4 windows x86 arch:x86)
  5276d50d5d21e10c2fb587e3e87973c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
RtlUnwind
GetStartupInfoA
ExitProcess
HeapAlloc
HeapFree
RaiseException
GetTimeZoneInformation
GetSystemTime
TerminateProcess
ExitThread
HeapReAlloc
HeapSize
GetACP
FatalAppExitA
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetCurrentDirectoryA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
TlsGetValue
ResetEvent
PulseEvent
SleepEx
QueryPerformanceCounter
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
GlobalSize
SetErrorMode
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
MulDiv
DefineDosDeviceA
GetDiskFreeSpaceExA
SetVolumeLabelA
QueryDosDeviceW
QueryDosDeviceA
GetLogicalDrives
GetDriveTypeW
GetDriveTypeA
LoadLibraryW
GetProfileStringA
VirtualQueryEx
CreateProcessW
InterlockedExchangeAdd
InterlockedExchange
InterlockedCompareExchange
CreateProcessA
ReadProcessMemory
GetThreadPriority
GetPriorityClass
SetPriorityClass
TerminateThread
CopyFileW
CreateDirectoryW
MoveFileW
GetFileAttributesW
GetEnvironmentVariableW
GetTempPathW
GetTempPathA
GetCurrentDirectoryW
GetSystemDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FormatMessageW
FindResourceExA
SetLastError
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
FindResourceA
LoadResource
LockResource
GlobalFree
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
GlobalLock
GlobalUnlock
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
lstrcpyA
SetEndOfFile
UnlockFile
LockFile
DuplicateHandle
FormatMessageA
lstrlenA
InterlockedDecrement
InterlockedIncrement
OpenEventA
LeaveCriticalSection
EnterCriticalSection
AllocConsole
GetStdHandle
WriteConsoleA
FreeConsole
OutputDebugStringW
SetFilePointer
WriteFile
CreateFileW
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetComputerNameA
GetComputerNameW
FlushFileBuffers
CreateDirectoryA
GetFileAttributesExA
GetFileAttributesExW
DeviceIoControl
ReadFile
Sleep
MoveFileA
SetFileAttributesW
RemoveDirectoryW
MoveFileExW
CopyFileA
DeleteFileW
GetFileAttributesA
SetFileAttributesA
lstrcmpA
RemoveDirectoryA
MoveFileExA
DeleteFileA
GetSystemInfo
FindFirstFileA
FindNextFileA
GetLastError
LoadLibraryA
LocalFree
OpenProcess
GetCurrentProcess
CreateThread
GetSystemDirectoryA
GetModuleHandleW
GetFileInformationByHandle
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
GetTickCount
GetModuleFileNameW
GetLocalTime
GetCurrentProcessId
FindFirstFileW
lstrcmpW
FindNextFileW
FindClose
CreateFileA
CloseHandle
SetConsoleCtrlHandler
user32
ShowWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
LoadStringA
SetWindowPlacement
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CloseDesktop
SetThreadDesktop
GetThreadDesktop
OpenDesktopA
GetUserObjectInformationW
OpenInputDesktop
GetUserObjectInformationA
GetProcessWindowStation
CallWindowProcA
RemovePropA
EndPaint
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
TrackPopupMenu
BeginPaint
ModifyMenuA
SetMenuItemBitmaps
CloseWindowStation
SetProcessWindowStation
OpenWindowStationA
MoveWindow
MessageBoxA
MessageBoxW
SendMessageTimeoutA
EnumDesktopWindows
IsWindowVisible
GetWindowThreadProcessId
GetWindowLongA
GetParent
EnumWindows
EnumChildWindows
GetDesktopWindow
GetWindowTextA
GetWindowTextW
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
SendMessageA
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
EnableWindow
IsWindow
PostMessageA
DrawTextA
TabbedTextOutA
GrayStringA
MsgWaitForMultipleObjects
InsertMenuA
GetMenuStringA
RemoveMenu
GetClassNameA
PtInRect
wvsprintfA
LoadCursorA
SetCapture
ReleaseCapture
WaitMessage
WindowFromPoint
DeleteMenu
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
GetDialogBaseUnits
SetRectEmpty
DestroyIcon
PostThreadMessageA
RegisterClipboardFormatA
InflateRect
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
TranslateAcceleratorA
DefWindowProcA
LoadAcceleratorsA
CharToOemA
OemToCharA
wsprintfA
CharUpperA
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
GetWindowTextLengthA
gdi32
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
PolylineTo
Escape
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetTextExtentPoint32A
GetTextMetricsA
PolyBezierTo
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
CreateFontIndirectA
SetColorAdjustment
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetBitmapBits
CreateCompatibleBitmap
GetDCOrgEx
ExtTextOutA
CreateBitmap
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegisterEventSourceA
DeregisterEventSource
LookupAccountSidW
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
GetAce
SetSecurityDescriptorDacl
LookupAccountNameW
RegSetKeySecurity
RegEnumValueA
RegQueryInfoKeyA
RegConnectRegistryA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueA
SetFileSecurityA
RegSetValueExA
RegOpenKeyA
GetUserNameA
GetTokenInformation
LookupAccountSidA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegQueryValueExA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCreateKeyW
RegOpenKeyW
RegSetValueExW
RegCloseKey
ReportEventA
shell32
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetFileInfoA
SHGetSpecialFolderPathA
ExtractIconA
comctl32
ord17
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
ReleaseStgMedium
CoRegisterMessageFilter
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CLSIDFromString
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoTreatAsClass
CLSIDFromProgID
olepro32
ord253
oleaut32
SysReAllocStringLen
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadTypeLi
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 812KB - Virtual size: 809KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 120KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ