cae593652c8b6c1a09641f1b4e310c5a9d6c799bc1c118d755855e4329db3347

Sharing

Copy URL Twitter E-mail

General

Target

cae593652c8b6c1a09641f1b4e310c5a9d6c799bc1c118d755855e4329db3347
Size

744KB
MD5

d410ec156938bbf1d5c413e48f296cab
SHA1

d97373d66c80d11134df45166a66fe6d2ff2dd71
SHA256

cae593652c8b6c1a09641f1b4e310c5a9d6c799bc1c118d755855e4329db3347
SHA512

7b209497cf35f65f45340afdb83faf6abb55f68db7c767c57cd7b9ec1af63be76b17b4f43d282409f2e383af9c775d0e6f2c2a87902c1e08c9acf4319fca516d
SSDEEP

12288:xHKOKRFIs7Y8h1IMaFPf0GKTisO0yMimnR0c/0t122LO:xbS7Y8h6MaFPMGKisgWR0c/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cae593652c8b6c1a09641f1b4e310c5a9d6c799bc1c118d755855e4329db3347

Files

cae593652c8b6c1a09641f1b4e310c5a9d6c799bc1c118d755855e4329db3347
.exe windows:4 windows x86 arch:x86

d0712e154e79e85170f7d3f9b4561311

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetTimeZoneInformation
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceExA
GetOEMCP
GetCPInfo
SetErrorMode
GetFileTime
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
ExitThread
CreateThread
InterlockedExchange
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
LocalFree
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
MulDiv
GetModuleHandleA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
CloseHandle
GetLastError
SetLastError
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
lstrcpynA
GetLocalTime
lstrcpyA
lstrcatA
lstrlenA
GetTickCount
WaitForMultipleObjects
ResetEvent
SetEvent
CreateEventA
GetPrivateProfileStringA
lstrcmpA
GetVersionExA
Sleep
WriteFile
GetFileSize
SetFilePointer
ReadFile
CreateFileA
DeleteFileA
GetTempPathA
GetTempFileNameA
GetCurrentDirectoryA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetDriveTypeA
GetFileAttributesA
CreateMutexA
WaitForSingleObject
GetFileType

user32

GetCapture
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EqualRect
IsWindow
GetSysColor
MapWindowPoints
CreateDialogIndirectParamA
EndDialog
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
GetAsyncKeyState
MapDialogRect
GetClassNameA
GetSysColorBrush
LoadStringA
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
IsIconic
GetWindowPlacement
GetWindowRect
EndPaint
BeginPaint
CharUpperA
UnhookWindowsHookEx
ShowWindow
WinHelpA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
ShowOwnedPopups
PostQuitMessage
GetDesktopWindow
PtInRect
SetWindowLongA
SetMenu
EnableMenuItem
DrawMenuBar
AdjustWindowRectEx
SystemParametersInfoA
LoadIconA
GetMenu
SetActiveWindow
GetSystemMetrics
SetWindowPos
SetFocus
EnableWindow
PostMessageA
IsRectEmpty
GetParent
SendMessageA
SetRectEmpty
GrayStringA
DrawTextA
TabbedTextOutA
SetCursor
OffsetRect
IntersectRect
CopyRect
SetCursorPos
GetCursorPos
ClientToScreen
ScreenToClient
GetClientRect
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
ChangeDisplaySettingsA
wvsprintfA
UnionRect
SetRect
wsprintfA
GetDC
ReleaseDC
MessageBoxA
LoadCursorA
UpdateWindow
GetFocus
UnregisterClassA

gdi32

SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetStockObject
GetObjectA
EnumFontFamiliesExA
RestoreDC
SaveDC
CreateBitmap
GetTextExtentPoint32A
CreateFontA
BitBlt
Escape
TextOutA
RectVisible
PtVisible
GetTextMetricsA
GetGlyphOutlineA
CreateCompatibleDC
SelectObject
ExtTextOutA
DeleteDC
CreateDIBSection
GdiFlush
DeleteObject
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

DragFinish
DragQueryFileA

comctl32

ord17
DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

winmm

mmioOpenA
mmioDescend
mmioRead
mmioAscend
midiOutClose
midiOutOpen
mciSendCommandA
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeGetTime
mmioClose
mmioSeek

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd

Sections

.text
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Cv��u
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d0712e154e79e85170f7d3f9b4561311

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

winmm

imm32

Sections

.text Size: 524KB - Virtual size: 523KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 104KB - Virtual size: 131KB

.rsrc Size: 36KB - Virtual size: 33KB

Cv��u Size: 20KB - Virtual size: 20KB

.text
Size: 524KB - Virtual size: 523KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 104KB - Virtual size: 131KB

.rsrc
Size: 36KB - Virtual size: 33KB

Cv��u
Size: 20KB - Virtual size: 20KB