e2e4868b8cbfa9a2fe711b80f5db4ba72623e509215fc590f4329b427c7ab53c

Sharing

Copy URL

Twitter E-mail

General

Target

e2e4868b8cbfa9a2fe711b80f5db4ba72623e509215fc590f4329b427c7ab53c
Size

782KB
MD5

0c8f330abadf4006448ad18b4bae2ee7
SHA1

dfb935897f027efa76b0052ee0543a2215f09c17
SHA256

e2e4868b8cbfa9a2fe711b80f5db4ba72623e509215fc590f4329b427c7ab53c
SHA512

0d2050691d7794f330e2a6d8a1dbd0053b09614c6859011b11d6368f8bb2a29f1b6b93a0dc41bb8abeec5415af825293a6346ec9d0001a992ffdbf9064a62b09
SSDEEP

12288:ZsdB2j59afDZYwb7dnXyCvqCxIViMBhXVRq/MqmjCWuMLmeTuC7n3a4TQ:Z2B2Nc1Ywb7hXycRxIp/VRuMjzLD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2e4868b8cbfa9a2fe711b80f5db4ba72623e509215fc590f4329b427c7ab53c

Files

e2e4868b8cbfa9a2fe711b80f5db4ba72623e509215fc590f4329b427c7ab53c
.exe windows:5 windows x86 arch:x86

c3d6d69c210e521813cc5203ba308fbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
GetDriveTypeA
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetSystemInfo
CreateFileA
UnmapViewOfFile
FindFirstFileA
FindClose
LoadLibraryA
Sleep
FreeLibrary
FreeConsole
OpenProcess
VirtualAllocEx
MulDiv
LocalFree
ReadProcessMemory
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
SetLastError
GetModuleFileNameA
GetCurrentProcessId
GetVersionExA
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
GetThreadLocale
FileTimeToSystemTime
lstrcmpA
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
WaitForSingleObject
GetModuleHandleW
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetTickCount
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitProcess
RaiseException
GetCommandLineA
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
GetStdHandle
GetTimeZoneInformation
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
VirtualFreeEx
CloseHandle
GetModuleHandleA
GetProcAddress
GetCurrentProcess
DeleteFileA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedDecrement
GetProcessHeap
HeapFree
FormatMessageA
InterlockedIncrement

user32

IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
CharNextA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetActiveWindow
GetDesktopWindow
PostQuitMessage
ValidateRect
GetCursorPos
TranslateMessage
GetMessageA
SetCursor
MapDialogRect
SetWindowContextHelpId
DestroyMenu
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
LoadCursorA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRect
InvalidateRgn
SetCapture
ReleaseCapture
CharUpperA
GetNextDlgGroupItem
SendDlgItemMessageA
RegisterClipboardFormatA
PostThreadMessageA
SetMenuItemBitmaps
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
DefWindowProcA
CallNextHookEx
EnableWindow
SendMessageA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
CallWindowProcA
PostMessageA
CreateWindowExA
GetClassInfoExA
SetWindowLongA
GetWindowLongA
FindWindowExA
FindWindowA
GetWindowThreadProcessId
DrawIcon
AppendMenuA
GetSystemMenu
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
PtInRect
wsprintfA
GetDlgCtrlID
MessageBeep
UpdateWindow

shell32

ShellExecuteA

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoUninitialize
OleRun
OleInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocString
VariantInit
SysStringByteLen
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
SysAllocStringByteLen
VariantCopy
SysStringLen
SysAllocStringLen
OleCreateFontIndirect
SafeArrayDestroy
GetErrorInfo

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

wldap32

ord143
ord60
ord50
ord22
ord211
ord26
ord30
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200

ws2_32

ntohl
getaddrinfo
freeaddrinfo
connect
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
htonl
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
socket

crypt32

CertFreeCertificateContext

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetMapMode
DeleteObject
GetViewportExtEx
GetWindowExtEx
RestoreDC
SaveDC
ExtTextOutA
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetMapMode
GetRgnBox
CreateRectRgnIndirect
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey

Sections

.text
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3d6d69c210e521813cc5203ba308fbc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

shlwapi

oledlg

wldap32

ws2_32

crypt32

oleacc

gdi32

winspool.drv

comdlg32

advapi32

Sections

.text Size: 540KB - Virtual size: 540KB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 55KB - Virtual size: 54KB

.text
Size: 540KB - Virtual size: 540KB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 55KB - Virtual size: 54KB