d6bdab7c1a51c155cfe4faf3c4f7fa8ff95ec7c2994adba417b4bed528bb5557

Sharing

Copy URL

Twitter E-mail

General

Target

d6bdab7c1a51c155cfe4faf3c4f7fa8ff95ec7c2994adba417b4bed528bb5557
Size

1.6MB
MD5

6427dcf60504a0fbd56e0bb54ae609ae
SHA1

008b302b6909b978e5e99946afd261115f604dee
SHA256

d6bdab7c1a51c155cfe4faf3c4f7fa8ff95ec7c2994adba417b4bed528bb5557
SHA512

b47f01a2e942aa74af7517b6492ff9b1eece1ebc9211c15c93db49110d22a85534b67ec759b6ca77f2f190dd28248af72386011bb6384ae706f74edb9c2c88a4
SSDEEP

24576:Eue0pqXvElMy4gm5c7ZqmbB540yY7tPjO2YIakpOUqjYBVr3T:Euo/QImFG0yY7tPC2V1pOUqjQ3T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6bdab7c1a51c155cfe4faf3c4f7fa8ff95ec7c2994adba417b4bed528bb5557

Files

d6bdab7c1a51c155cfe4faf3c4f7fa8ff95ec7c2994adba417b4bed528bb5557
.exe windows:5 windows x86 arch:x86

32ac923d59229f27dbe28a28921ff4c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
GlobalFlags
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
WritePrivateProfileStringW
SetErrorMode
GetStartupInfoW
RtlUnwind
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
HeapAlloc
GetCPInfo
GetTimeZoneInformation
CreateThread
HeapReAlloc
SetStdHandle
GetFileType
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
lstrlenA
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetOEMCP
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetProcessHeap
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetModuleHandleA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
MoveFileW
SuspendThread
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
InterlockedDecrement
FreeResource
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GetVersionExA
GetACP
GetComputerNameExW
GetCommandLineW
LoadLibraryExW
GetCurrentProcessId
CreateFileW
OutputDebugStringW
GetComputerNameW
GetFileSize
GetCurrentThreadId
GetModuleHandleW
CreateEventW
WaitForSingleObject
SetEvent
ExitThread
CreateProcessW
WaitForMultipleObjects
GetExitCodeProcess
TerminateProcess
CloseHandle
DeleteFileW
GetPrivateProfileStringW
GetTickCount
GetExitCodeThread
Sleep
lstrlenW
WideCharToMultiByte
ResumeThread
SetThreadPriority
GetVersionExW
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
LoadLibraryW
CreateDirectoryW
GetLastError
FreeLibrary
GetModuleFileNameW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemInfo
InitializeCriticalSection
InterlockedCompareExchange

user32

GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
MessageBoxW
GetClassInfoExW
GetClassInfoW
GetSysColor
AdjustWindowRectEx
EndPaint
ReleaseCapture
GetDlgCtrlID
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
UnhookWindowsHookEx
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DestroyWindow
SetTimer
GetMessageW
PostQuitMessage
UnregisterClassW
KillTimer
CreateWindowExW
RegisterClassW
DefWindowProcW
PeekMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
GetSystemMetrics
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
LoadIconW
GetParent
GetDesktopWindow
RedrawWindow
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
PostMessageW
DrawIcon
SendMessageW
EnableWindow
GetFocus
SetCapture
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
LoadCursorW
GetSysColorBrush
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
SetWindowContextHelpId
MapDialogRect
CharUpperW
GetWindowThreadProcessId
SetCursor
GetCursorPos
ValidateRect
ReleaseDC
GetDC
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
EqualRect
CheckMenuItem

gdi32

SaveDC
RestoreDC
SetMapMode
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtTextOutW
CreateRectRgnIndirect
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
SetViewportExtEx
GetDeviceCaps

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysFreeString

wsock32

closesocket
WSACleanup
sendto
WSASetLastError
ntohs
getservbyport
setsockopt
htons
getservbyname
htonl
inet_addr
gethostbyname
WSAGetLastError
ioctlsocket
socket
WSAStartup
recvfrom
gethostbyaddr
bind
select

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32ac923d59229f27dbe28a28921ff4c8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

wsock32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 294KB - Virtual size: 294KB

.data Size: 28KB - Virtual size: 44KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 294KB - Virtual size: 294KB

.data
Size: 28KB - Virtual size: 44KB

.rsrc
Size: 52KB - Virtual size: 51KB