ae792982e5fc32ad5538306256e1ad4c682cc049a386792e2b617508e137e922

Sharing

Copy URL Twitter E-mail

General

Target

ae792982e5fc32ad5538306256e1ad4c682cc049a386792e2b617508e137e922
Size

1.2MB
MD5

4bb7cb280268f5e23e801f30744a698a
SHA1

a4719a9f7c878c997dda20ca4e71206403c789a7
SHA256

ae792982e5fc32ad5538306256e1ad4c682cc049a386792e2b617508e137e922
SHA512

1fed109c38373a22ade26665e4c90e81217be9efc2bb0a24726033dfc3b8a43798609ab5085b4c10cd8c5f68fc2b755d392b8b7620d58ce10667d44f9113bdf5
SSDEEP

6144:/Oats0VnxsMwQOfGQjNciqujIjd2Ef10CZRkr/:/hsOBwQO+psEf106Rkr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae792982e5fc32ad5538306256e1ad4c682cc049a386792e2b617508e137e922

Files

ae792982e5fc32ad5538306256e1ad4c682cc049a386792e2b617508e137e922
.exe windows:6 windows x64 arch:x64

e94d9cab15ebea38d5874f191e4855e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegCloseKey
RegEnumKeyW
RegOpenKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW

user32

PostMessageW
SendMessageW
DispatchMessageW
TranslateMessage
RegisterWindowMessageW
wsprintfW
GetAncestor
LoadCursorW
GetClassNameW
GetWindowLongPtrW
WindowFromPoint
SetCursor
SetWindowRgn
IsWindowUnicode
ReleaseCapture
SetCapture
IsWindowVisible
CallWindowProcW
DefWindowProcW
IsHungAppWindow
DestroyIcon
ShowWindow
SendMessageA
MessageBoxA
IsWindow
wsprintfA
GetComboBoxInfo
MonitorFromWindow
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
ReleaseDC
GetDC
SetMenuItemInfoW
PostQuitMessage
GetMenuItemInfoW
InsertMenuItemW
DeleteMenu
GetMenuItemCount
DrawMenuBar
IsWindowEnabled
GetFocus
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowPlacement
GetWindowPlacement
IsChild
DrawFrameControl
CreateWindowExW
LoadStringW
MapDialogRect
IsDialogMessageW
LoadIconW
EnumChildWindows
GetParent
SetClassLongPtrW
SetWindowLongPtrW
PtInRect
OffsetRect
MapWindowPoints
ScreenToClient
GetCursorPos
MessageBeep
MessageBoxW
GetWindowRect
GetClientRect
SetWindowTextW
RedrawWindow
InvalidateRect
EndPaint
BeginPaint
SetForegroundWindow
DrawTextW
SetMenuDefaultItem
TrackPopupMenu
EnableMenuItem
CheckMenuItem
GetMenu
GetSystemMetrics
TranslateAcceleratorW
LoadAcceleratorsW
EnableWindow
KillTimer
SetTimer
GetKeyState
SetFocus
GetDlgCtrlID
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
EndDialog
DialogBoxParamW
CreateDialogParamW
SetWindowPos
DestroyWindow
GetMessageW

gdi32

CreateRectRgn
CombineRgn
ExtTextOutW
SetBkColor
GetDeviceCaps
EnumFontsW
CreateFontW
SetTextColor
SetBkMode
SelectObject
DeleteObject

msimg32

GradientFill

shell32

ExtractIconW
DragQueryFileW
DragFinish
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderPathW
ShellExecuteExW

shlwapi

StrCmpNIW
StrToIntExW
PathParseIconLocationW
StrCmpNW

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW

comctl32

ImageList_LoadImageW
ImageList_Destroy

wininet

InternetQueryOptionW
InternetOpenA
InternetAttemptConnect
InternetSetOptionW
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

winmm

PlaySoundA

kernel32

GetStringTypeW
GetFileType
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapFree
HeapAlloc
GetModuleHandleExW
TerminateProcess
ExitProcess
GetCurrentProcess
GetStdHandle
RtlPcToFileHeader
RaiseException
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
FormatMessageW
LoadLibraryExW
FreeLibrary
SetLastError
ExpandEnvironmentStringsW
FormatMessageA
LocalFree
GetLastError
lstrlenA
lstrcpyA
MulDiv
LoadLibraryW
GetProcAddress
GetModuleFileNameW
GetVersionExW
GetSystemDirectoryW
GetStartupInfoW
GetCurrentThreadId
CreateThread
GetExitCodeProcess
WaitForSingleObject
CreatePipe
GetFullPathNameW
FindFirstFileW
FindClose
CopyFileW
lstrlenW
lstrcatW
lstrcpyW
WriteConsoleW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
IsProcessorFeaturePresent
lstrcpynW
lstrcmpiW
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalAlloc
GetWindowsDirectoryW
CreateProcessW
CreateEventW
SetEvent
CloseHandle
WriteFile
ReadFile
GetFileSize
DeleteFileW
CreateFileW
GetCommandLineW
GetProcessHeap
HeapSize
SetFilePointerEx
HeapReAlloc
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e94d9cab15ebea38d5874f191e4855e3

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

gdi32

msimg32

shell32

shlwapi

comdlg32

comctl32

wininet

winmm

kernel32

Sections

.text Size: 84KB - Virtual size: 84KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 3KB - Virtual size: 11KB

.pdata Size: 5KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 84KB - Virtual size: 84KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 3KB - Virtual size: 11KB

.pdata
Size: 5KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 2KB - Virtual size: 1KB