ace36e52dec837ddb334007529ef145276620cfbbea0100937f01c1ddac59d25

Sharing

Copy URL

Twitter E-mail

General

Target

ace36e52dec837ddb334007529ef145276620cfbbea0100937f01c1ddac59d25
Size

2.0MB
MD5

66b8950c9d1f733a0142b59df982a0e5
SHA1

2b90c538ec8c87c6407bd5e295210a566520724c
SHA256

ace36e52dec837ddb334007529ef145276620cfbbea0100937f01c1ddac59d25
SHA512

871f215d2ae47b9e9b7e53525bbed33b14dcf91dcc1c0d2d401ca597a30df6b74cedd8b9b991d587485eb56d8cadada9bd06b40e54cc770060db7a6f9e2daf70
SSDEEP

49152:jYQgaAyDS+EzeMdPStTboddLAgUZJU5c0Sdhd0MSdhQA:RgaAymNddLAPJU5cNdhd0MSdhQA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ace36e52dec837ddb334007529ef145276620cfbbea0100937f01c1ddac59d25

Files

ace36e52dec837ddb334007529ef145276620cfbbea0100937f01c1ddac59d25
.exe windows:4 windows x64 arch:x64

22d9778a7c641bb7254e707b2d08a7a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

Arc
BitBlt
CreateBrushIndirect
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
CreateFontIndirectW
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
ExtCreatePen
ExtFloodFill
FloodFill
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetObjectA
GetObjectW
GetTextExtentPoint32A
GetTextExtentPoint32W
LineTo
MoveToEx
Pie
PolyBezier
PolyPolyline
Polygon
Polyline
Rectangle
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportOrgEx
StretchBlt
TextOutA
TextOutW

gdiplus

GdipAddPathEllipse
GdipAlloc
GdipCloneBrush
GdipCloneImage
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipCreateLineBrush
GdipCreatePath
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePen1
GdipCreateSolidFill
GdipCreateTexture2
GdipDeleteBrush
GdipDeleteGraphics
GdipDeletePath
GdipDeletePen
GdipDisposeImage
GdipDrawArc
GdipDrawBeziers
GdipDrawCurve
GdipDrawEllipse
GdipDrawImageRectRect
GdipDrawLine
GdipDrawLines
GdipDrawPie
GdipDrawRectangle
GdipFillEllipse
GdipFillPie
GdipFillPolygon
GdipFillRectangle
GdipFree
GdipSetPathGradientCenterColor
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdiplusStartup

imm32

ImmGetContext
ImmSetCompositionWindow

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateEventW
CreateMutexA
CreateSemaphoreA
CreateThread
CreateWaitableTimerA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
EnumResourceNamesA
ExitProcess
FindAtomA
FindResourceA
FindResourceW
GetAtomNameA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetProcessAffinityMask
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetCriticalSectionSpinCount
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
SizeofResource
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcatW
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW

msimg32

GradientFill

msvcrt

__C_specific_handler
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_fmode
_ftime
_gmtime64
_initterm
_lock
_onexit
_setjmp
_unlock
_vsnprintf
_vswprintf
_wfopen
_time64
_write
abort
atof
atoi
calloc
exit
fclose
fflush
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
fwrite
longjmp
malloc
memcmp
memcpy
memmove
memset
printf
rand
realloc
remove
rename
signal
sprintf
srand
strcmp
strlen
strncmp
vfprintf
vsprintf
wcsstr

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture
OleLoadPicturePath

user32

BeginPaint
ClientToScreen
CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyWindow
DispatchMessageA
DrawTextA
DrawTextW
FillRect
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetKeyState
GetMessageA
GetParent
GetSystemMetrics
GetWindowLongPtrW
GetWindowRect
IsWindowVisible
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MessageBoxW
MoveWindow
PostMessageA
PostMessageW
PostQuitMessage
RegisterClassExA
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SendMessageW
SetCapture
SetCursor
SetFocus
SetTimer
SetWindowLongPtrW
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowWindow
TranslateMessage
UpdateWindow
ValidateRect
wsprintfW

Sections

.text
Size: 526KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 974KB - Virtual size: 974KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/105
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22d9778a7c641bb7254e707b2d08a7a3

Headers

File Characteristics

Imports

gdi32

gdiplus

imm32

kernel32

msimg32

msvcrt

ole32

oleaut32

user32

Sections

.text Size: 526KB - Virtual size: 525KB

.data Size: 89KB - Virtual size: 88KB

.rdata Size: 47KB - Virtual size: 47KB

.pdata Size: 14KB - Virtual size: 14KB

.xdata Size: 16KB - Virtual size: 16KB

.bss Size: - Virtual size: 30KB

.idata Size: 10KB - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 112B

.tls Size: 512B - Virtual size: 104B

.rsrc Size: 5KB - Virtual size: 5KB

/4 Size: 2KB - Virtual size: 1KB

/19 Size: 79KB - Virtual size: 79KB

/31 Size: 11KB - Virtual size: 11KB

/45 Size: 28KB - Virtual size: 27KB

/57 Size: 5KB - Virtual size: 4KB

/70 Size: 1KB - Virtual size: 1KB

/81 Size: 24KB - Virtual size: 23KB

/92 Size: 974KB - Virtual size: 974KB

/105 Size: 2KB - Virtual size: 1KB

.text
Size: 526KB - Virtual size: 525KB

.data
Size: 89KB - Virtual size: 88KB

.rdata
Size: 47KB - Virtual size: 47KB

.pdata
Size: 14KB - Virtual size: 14KB

.xdata
Size: 16KB - Virtual size: 16KB

.bss
Size: - Virtual size: 30KB

.idata
Size: 10KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 112B

.tls
Size: 512B - Virtual size: 104B

.rsrc
Size: 5KB - Virtual size: 5KB

/4
Size: 2KB - Virtual size: 1KB

/19
Size: 79KB - Virtual size: 79KB

/31
Size: 11KB - Virtual size: 11KB

/45
Size: 28KB - Virtual size: 27KB

/57
Size: 5KB - Virtual size: 4KB

/70
Size: 1KB - Virtual size: 1KB

/81
Size: 24KB - Virtual size: 23KB

/92
Size: 974KB - Virtual size: 974KB

/105
Size: 2KB - Virtual size: 1KB