Static task
static1
Behavioral task
behavioral1
Sample
4ea15e559e4e69cbaf57757fbba6b1efa760eea1f258b3e293dce50ea36e896a.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
4ea15e559e4e69cbaf57757fbba6b1efa760eea1f258b3e293dce50ea36e896a.exe
Resource
win10v2004-20240508-en
General
-
Target
4ea15e559e4e69cbaf57757fbba6b1efa760eea1f258b3e293dce50ea36e896a
-
Size
2.8MB
-
MD5
2c223ffd239dc5d7f1cec8c4c89f94e5
-
SHA1
f4e226c0b4bd4307d23f819a4dbb015ca377a0b9
-
SHA256
4ea15e559e4e69cbaf57757fbba6b1efa760eea1f258b3e293dce50ea36e896a
-
SHA512
8aef429b09d7b862c322b699106aca4a7917b0b2a29e5b22bfd97cf44308958d68d2e64e8e29bd77f625be513024e1b78b127e26a4aa8db77b0ead734e863e6a
-
SSDEEP
49152:op77isYfCtxfIKMy1Sl4OUAKr9drClRMBWNtbGwBYRCbec3pMfpGG:WiWNx5iqBCbec6RGG
Malware Config (no extracted configuration is listed for this sample)
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. On its own this is a weak indicator: a large share of legitimate software ships unsigned, and a valid signature would not make the binary benign either. Treat it as context for the import and section findings below, not as a verdict.
resource 4ea15e559e4e69cbaf57757fbba6b1efa760eea1f258b3e293dce50ea36e896a
Files
-
4ea15e559e4e69cbaf57757fbba6b1efa760eea1f258b3e293dce50ea36e896a.exe windows:5 windows x64 arch:x64
16a2c527c167852bd3a4bcb2cfa5c6b4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Note: ASLR (DYNAMIC_BASE) and DEP (NX_COMPAT) are enabled. IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA and IMAGE_DLLCHARACTERISTICS_GUARD_CF are not listed, so for this x64 image 64-bit high-entropy ASLR and Control Flow Guard should be assumed absent unless confirmed with a second PE parser.
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetStringTypeW
GetProcessHeap
GetDriveTypeW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
FindFirstFileExA
GetDriveTypeA
LCMapStringW
GetModuleFileNameA
GetPrivateProfileStringA
AttachConsole
CreateDirectoryA
GetPrivateProfileIntA
AllocConsole
GetComputerNameA
CancelIo
WaitForMultipleObjects
GetOverlappedResult
QueryPerformanceFrequency
CreateEventA
GetTimeZoneInformation
SetEnvironmentVariableA
WriteConsoleW
GetConsoleMode
OutputDebugStringA
GetConsoleCP
IsValidCodePage
GetOEMCP
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
Note: IsDebuggerPresent appears here next to UnhandledExceptionFilter, SetUnhandledExceptionFilter, RtlCaptureContext and RtlVirtualUnwind, which is the standard CRT startup / exception-handling import set; by itself it is not evidence of deliberate anti-debugging. Whether the sample branches on its result can only be seen in disassembly or the behavioural run.
UnhandledExceptionFilter
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetVersion
HeapSetInformation
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
HeapSize
HeapQueryInformation
ExitProcess
HeapReAlloc
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
ExitThread
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetStartupInfoW
GetCommandLineW
FindResourceExW
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
lstrcmpiW
GetFileSize
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
DeleteFileW
GetCurrentDirectoryW
FileTimeToSystemTime
GetThreadLocale
GlobalGetAtomNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
lstrlenA
ReleaseActCtx
CreateActCtxW
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
lstrcmpW
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
GetModuleFileNameW
GlobalFree
FreeResource
ResetEvent
SetEvent
WideCharToMultiByte
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
DeviceIoControl
FreeLibrary
TerminateThread
ActivateActCtx
GetModuleHandleW
LoadLibraryW
DeactivateActCtx
SetLastError
GetProcAddress
LoadLibraryA
GetACP
TerminateProcess
WaitForSingleObject
WriteFile
SetFilePointer
CreateFileA
GetLocalTime
MultiByteToWideChar
ReleaseMutex
CreateMutexW
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetLastError
GetCurrentProcess
CloseHandle
GetTickCount
Sleep
CreateThread
FindResourceW
SizeofResource
LoadResource
LockResource
user32
RedrawWindow
SetWindowRgn
DrawFocusRect
DrawEdge
OffsetRect
InflateRect
IsRectEmpty
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
ShowWindow
MoveWindow
SetWindowLongW
GetSysColorBrush
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
CheckDlgButton
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
MonitorFromPoint
SetWindowsHookExW
Note: SetWindowsHookExW (with UnhookWindowsHookEx and CallNextHookEx below) can install keyboard/message hooks and is a common keylogging primitive, but it is also routinely used by GUI frameworks for local message filtering. The hook type and whether it is global (thread id 0) or limited to the process's own threads cannot be determined from the import table; check the behavioural trace before reading this as keystroke capture.
UnhookWindowsHookEx
CallNextHookEx
GetWindowRect
PtInRect
IsMenu
CreatePopupMenu
SetMenuDefaultItem
EndPaint
MessageBeep
GetMenuDefaultItem
WaitMessage
CharNextW
CopyAcceleratorTableW
SetRect
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
TabbedTextOutW
GetMenuState
GetMenuStringW
InsertMenuW
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
GetNextDlgTabItem
EndDialog
DrawIconEx
SetRectEmpty
SetCapture
GetNextDlgGroupItem
DestroyIcon
CopyImage
GetIconInfo
ReleaseCapture
SetCursor
ValidateRect
ShowOwnedPopups
DestroyMenu
SystemParametersInfoW
EnumDisplayMonitors
GetKeyState
SetWindowPos
WindowFromPoint
ScreenToClient
IsWindowEnabled
GetParent
GetClassNameW
LoadBitmapW
UpdateWindow
FillRect
DrawStateW
GetSysColor
SetLayeredWindowAttributes
LoadCursorW
RealChildWindowFromPoint
IntersectRect
GetDlgCtrlID
DeleteMenu
InvalidateRgn
BringWindowToTop
LockWindowUpdate
SetParent
SetCursorPos
CopyIcon
GetDoubleClickTime
SetClassLongPtrW
SendMessageW
EnableWindow
PostMessageW
PostThreadMessageW
MessageBoxA
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
LoadIconW
GetSystemMenu
AppendMenuW
LoadAcceleratorsW
GetClientRect
SetTimer
LoadImageW
InvalidateRect
IsIconic
GetSystemMetrics
DrawIcon
TranslateAcceleratorW
GetMenuItemInfoW
SetMenuItemInfoW
KillTimer
IsWindowVisible
GetFocus
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DestroyAcceleratorTable
GetUpdateRect
UnregisterClassW
ToUnicodeEx
GetKeyboardLayout
LoadMenuW
GetSubMenu
EnableMenuItem
ClientToScreen
GetKeyboardState
CreateAcceleratorTableW
InvertRect
HideCaret
NotifyWinEvent
GetAsyncKeyState
IsZoomed
CharUpperW
UnionRect
EnableScrollBar
BeginPaint
UpdateLayeredWindow
GetCursorPos
IsWindow
GetMenuItemCount
GetMenuItemID
DrawFrameControl
DrawTextW
GetWindowRgn
DestroyCursor
CreateMenu
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
SubtractRect
CharUpperBuffW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
SetFocus
FrameRect
gdi32
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
PatBlt
CreateEllipticRgn
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
GetTextExtentPoint32W
GetTextMetricsW
CreateDIBitmap
GetTextCharsetInfo
SetRectRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
CreateDIBSection
GetRgnBox
OffsetRgn
Rectangle
SetDIBColorTable
RealizePalette
StretchBlt
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetWindowOrgEx
SetPixelV
GetTextFaceW
ExcludeClipRect
SelectClipRgn
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetStockObject
CreateSolidBrush
BitBlt
CreateFontIndirectW
GetObjectW
CreateRectRgnIndirect
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
SetPixel
IntersectClipRect
DeleteObject
CreateCompatibleDC
SetTextColor
EnumFontFamiliesW
CreateCompatibleBitmap
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegEnumValueW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExA
RegOpenKeyExA
CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegCreateKeyExA
Note: Service Control Manager access is limited to opening a service and querying its status (OpenSCManagerA/OpenServiceA/QueryServiceStatus); CreateService, StartService and ChangeServiceConfig are not imported, so any service installation would have to go through dynamic resolution (LoadLibraryA/W and GetProcAddress are imported) rather than the static import table. The registry imports do include create, set and delete operations (RegCreateKeyExW/A, RegSetValueExW/A, RegDeleteKeyW/A, RegDeleteValueW), which are sufficient for registry-based persistence; the keys actually touched are only visible in the behavioural runs.
shell32
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
comctl32
ImageList_GetIconSize
InitCommonControlsEx
ord17
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
ole32
StringFromCLSID
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleLockRunning
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
VariantClear
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
VariantInit
SysAllocString
SysStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
oledlg
OleUIBusyW
gdiplus
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipFree
ws2_32
sendto
recvfrom
WSAStartup
setsockopt
closesocket
bind
htons
inet_addr
WSASocketA
htonl
WSACleanup
socket
Note: the Winsock imports cover socket creation (socket/WSASocketA), bind, setsockopt and datagram-style sendto/recvfrom with inet_addr/htons/htonl, while connect, send, recv and name resolution (gethostbyname/getaddrinfo) are absent and no wininet/winhttp HTTP or TLS library is imported. Any network traffic is therefore likely low-level UDP or raw traffic to addresses supplied as dotted-quad strings rather than HTTP command-and-control by hostname; destination addresses and ports, if any, would appear in the win7/win10 behavioural traces referenced above.
dbghelp
MiniDumpWriteDump
Note: MiniDumpWriteDump is the usual API for crash-dump reporting, but it is also the API used to dump another process's memory (credential theft from LSASS is the well-known case). Which process handle it is given — its own or another's — cannot be determined from the import table; look for OpenProcess/process-enumeration activity and dump-file writes in the behavioural run before drawing either conclusion.
iphlpapi
GetAdaptersInfo
GetAdaptersAddresses
IcmpCloseHandle
IcmpCreateFile
IcmpSendEcho2Ex
Note: these imports provide local network-adapter enumeration and ICMP echo (ping) capability. That is consistent with either benign connectivity checks or host/network discovery; the distinction depends on which addresses are probed, which is only visible in the behavioural trace.
setupapi
SetupDiGetClassDevsA
SetupDiClassNameFromGuidA
SetupDiGetDeviceInstanceIdA
SetupDiSetClassInstallParamsA
SetupDiChangeState
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
Note: SetupDiSetClassInstallParamsA together with SetupDiChangeState is the pair used to enable, disable or restart a device. The sample can therefore toggle device state, which requires administrative rights; the device class it targets is not recoverable from the import table and should be checked in the behavioural run.
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
wsock32
inet_ntoa
WSAGetLastError
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 616KB - Virtual size: 616KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Note: the two sections named `text` and `data` (no leading dot) are non-standard for a compiler-emitted image. The `text` section is marked executable but is flagged as initialized data rather than code and does not carry IMAGE_SCN_MEM_READ, unlike the regular `.text` section above. Small executable sections with unusual names and flags are a common artefact of packers, loaders or injected stubs; their contents should be examined before the binary is treated as an ordinary GUI application, though nothing in this report confirms what they hold.
.rsrc Size: 208KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ