Static task: static1
Behavioral task: behavioral1
  Sample: 07ee365ac7dfc2b2f15fa1d6f02d8b361cb958f070f0fd1d4e14f1e11d197b29.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 07ee365ac7dfc2b2f15fa1d6f02d8b361cb958f070f0fd1d4e14f1e11d197b29.exe
  Resource: win10v2004-20240611-en
General
Target: 07ee365ac7dfc2b2f15fa1d6f02d8b361cb958f070f0fd1d4e14f1e11d197b29
Size: 4.9MB
MD5: f11d6e11c24712c6cb6f3e35543da6af
SHA1: 483eb74a2ea2f5e6443a6a7febbdbb9165844441
SHA256: 07ee365ac7dfc2b2f15fa1d6f02d8b361cb958f070f0fd1d4e14f1e11d197b29
SHA512: ff528890cbe7346b008624fabfc47917b057a76870769f3309ad6a2b7b174a660df571f419fea6e990364e6cdfa280a0f8a4d822b8001f705f61577e462a4eb1
SSDEEP: 98304:6k1LBkPHPmomY0+DRN2GJmMMMMMMMMMMMMMMMMMMMMMppSTOdIyTEb:3NkPHyqR5k
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 07ee365ac7dfc2b2f15fa1d6f02d8b361cb958f070f0fd1d4e14f1e11d197b29
Files
-
07ee365ac7dfc2b2f15fa1d6f02d8b361cb958f070f0fd1d4e14f1e11d197b29.exe windows:5 windows x86 arch:x86
391ee5d13354453ffa5a74c13dd95ffb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmGetContext
comctl32
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
ord17
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_AddMasked
ImageList_DrawEx
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
GetVersionExA
LoadLibraryA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
CreateFileA
CloseHandle
CompareStringA
CompareStringW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnlockFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TerminateThread
SuspendThread
SleepEx
Sleep
SizeofResource
SetThreadPriority
SetThreadLocale
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryA
SearchPathA
ResumeThread
ResetEvent
RemoveDirectoryA
ReleaseMutex
ReadFile
RaiseException
OpenFileMappingA
MultiByteToWideChar
MoveFileA
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
LockResource
LockFile
LocalAlloc
LoadResource
LoadLibraryExA
LCMapStringA
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationA
WritePrivateProfileStringA
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatA
GetThreadLocale
GetTempPathA
GetSystemTime
GetStdHandle
GetStartupInfoA
GetProfileStringA
GetProfileIntA
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLogicalDrives
GetLocalTime
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesA
GetExitCodeThread
GetEnvironmentVariableA
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryA
GetCPInfo
GetComputerNameA
GetACP
FreeResource
FreeLibrary
FormatMessageA
FlushFileBuffers
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
FatalAppExitA
ExitThread
ExitProcess
EnumSystemLocalesA
EnumCalendarInfoA
DeleteFileA
DeleteCriticalSection
CreateThread
CreateMutexA
CreateEventA
CreateDirectoryA
CopyFileA
user32
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowCaret
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoA
TabbedTextOutA
TabbedTextOutW
ToAscii
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
VkKeyScanA
WaitMessage
WindowFromPoint
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OemToCharBuffA
OemToCharA
MsgWaitForMultipleObjectsEx
MoveWindow
MessageBeep
MapWindowPoints
MapVirtualKeyA
LockWindowUpdate
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharAlphaNumericA
IsCharAlphaA
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextA
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetTabbedTextExtentW
GetTabbedTextExtentA
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
SetWindowPlacement
SetRectEmpty
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetLastActivePopup
GetKeyNameTextA
GetKeyboardType
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCaretPos
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExA
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExA
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DragDetect
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
GetKeyState
MessageBoxA
ActivateKeyboardLayout
AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
CharLowerBuffA
CreateCaret
CopyImage
CloseClipboard
ClientToScreen
ChildWindowFromPointEx
CheckMenuItem
CharUpperBuffW
CharUpperBuffA
CharToOemBuffA
CharToOemA
CharNextW
CharNextA
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
GetParent
SetScrollInfo
CharLowerBuffW
SetPropA
SetParent
SetMenuItemInfoA
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetClassLongA
SetCapture
SetActiveWindow
SendNotifyMessageA
SendMessageW
SendMessageA
SendDlgItemMessageA
ScrollWindowEx
ScreenToClient
GetMessageTime
RemovePropA
OffsetRect
gdi32
CreateEllipticRgnIndirect
CreateEnhMetaFileA
CreateFontIndirectA
CreateHalftonePalette
CreateHatchBrush
CreateICA
CreatePalette
CreatePatternBrush
CreatePenIndirect
CreatePolygonRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
DPtoLP
Ellipse
EndDoc
EndPage
EnumFontFamiliesExA
EqualRgn
ExcludeClipRect
ExtCreatePen
ExtSelectClipRgn
ExtTextOutA
ExtTextOutW
FillPath
FillRgn
FrameRgn
GdiFlush
GetBitmapBits
GetBkColor
GetBkMode
GetBrushOrgEx
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetMapMode
CreateDIBSection
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetOutlineTextMetricsA
GetPaletteEntries
CreateDIBitmap
GetRgnBox
GetROP2
GetStockObject
GetSystemPaletteEntries
GetTextCharset
GetTextColor
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointA
GetTextMetricsA
GetTextMetricsW
GetViewportOrgEx
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineTo
LPtoDP
MaskBlt
MoveToEx
OffsetRgn
OffsetWindowOrgEx
PaintRgn
PatBlt
PathToRegion
Pie
PlayEnhMetaFile
Polygon
Polyline
PolyPolyline
PtInRegion
RealizePalette
Rectangle
RectVisible
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetMapMode
SetPaletteEntries
SetPixel
SetRectRgn
SetROP2
SetStretchBltMode
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWinMetaFileBits
StretchBlt
StretchDIBits
StrokePath
TextOutA
TextOutW
UnrealizeObject
CreateDCA
UpdateColors
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineRgn
CloseEnhMetaFile
GetPixel
GetNearestColor
BitBlt
winspool.drv
EnumPrintersA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetOpenFileNameA
ChooseColorA
ChooseFontA
GetSaveFileNameA
advapi32
RegSetValueExA
RegOpenKeyExA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
shell32
ShellExecuteA
ExtractIconA
DragQueryFileA
DragFinish
DragAcceptFiles
SHFileOperationA
ole32
CoGetClassObject
CoCreateInstance
CoCreateGuid
CLSIDFromProgID
CoInitialize
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
IsAccelerator
OleDraw
OleSetMenuDescriptor
ProgIDFromCLSID
StringFromCLSID
oleaut32
SafeArrayCreate
GetErrorInfo
GetActiveObject
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopyInd
VariantInit
SafeArrayAccessData
ws2_32
WSAAsyncSelect
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAAsyncGetServByName
accept
bind
closesocket
connect
ioctlsocket
getpeername
getsockopt
htonl
htons
inet_addr
inet_ntoa
listen
ntohs
recv
select
send
setsockopt
socket
gethostbyname
getservbyname
WSAStartup
WSACleanup
WSAGetLastError
msvcrt
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__set_app_type
_controlfp
_except_handler3
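The import table above is the raw material for a first-pass capability triage: grouping imported APIs into the behaviours an analyst wants to check (socket networking, registry writes, hooks and key-state polling, dynamic API resolution) and noting which expected capabilities are not imported at all. The script below is an added example, not part of this report or of any sandbox; the capability groupings are this example's own heuristics, and the input dictionary is a subset transcribed from the import list on this page. Two caveats it encodes: GUI frameworks legitimately import SetWindowsHookExA, GetKeyState and the clipboard APIs, so a hit is a review item and not a verdict, and a binary that imports LoadLibraryA plus GetProcAddress can resolve any API at run time, so an "absent" capability is only absent from the static table.

```python
# Heuristic capability map: each tag lists Win32 APIs worth a second look when they
# appear in an import table. The grouping is this example's own, not the sandbox's.
CAPABILITY_RULES = {
    "dynamic-api-resolution": {"LoadLibraryA", "LoadLibraryExA", "GetProcAddress"},
    "memory-protection-change": {"VirtualAlloc", "VirtualProtect", "VirtualFree"},
    "network-sockets": {"socket", "connect", "bind", "listen", "accept", "send", "recv",
                        "gethostbyname", "WSAAsyncGetHostByName", "WSAAsyncSelect"},
    "registry-write": {"RegSetValueExA", "RegCreateKeyExA", "RegDeleteKeyA", "RegDeleteValueA"},
    "process-launch": {"ShellExecuteA", "CreateProcessA", "WinExec"},
    "hook-or-keystate": {"SetWindowsHookExA", "GetAsyncKeyState", "GetKeyboardState", "GetKeyState"},
    "clipboard": {"OpenClipboard", "GetClipboardData", "SetClipboardData"},
    "window-enumeration": {"EnumWindows", "FindWindowA", "FindWindowExA", "GetWindowThreadProcessId"},
    "host-fingerprint": {"GetComputerNameA", "GetVolumeInformationA", "GetVersionExA",
                         "GetLogicalDrives", "GetDriveTypeA"},
    "file-manipulation": {"CopyFileA", "MoveFileA", "DeleteFileA", "SHFileOperationA", "RemoveDirectoryA"},
    "thread-control": {"CreateThread", "SuspendThread", "ResumeThread", "TerminateThread"},
    "com-automation": {"CoCreateInstance", "CLSIDFromProgID", "GetActiveObject"},
    "crypto-api": {"CryptAcquireContextA", "CryptEncrypt", "CryptDecrypt", "CryptGenRandom"},
    "http-client": {"InternetOpenA", "InternetOpenUrlA", "URLDownloadToFileA", "WinHttpOpen"},
}


def tag_capabilities(imports):
    """imports: {dll: [api, ...]} -> {tag: sorted ['dll!api', ...]}; tags with no hit are omitted."""
    index = {}
    for dll, apis in imports.items():
        for api in apis:
            index.setdefault(api, []).append(f"{dll.lower()}!{api}")
    tags = {}
    for tag, wanted in CAPABILITY_RULES.items():
        hits = sorted(hit for api in wanted for hit in index.get(api, []))
        if hits:
            tags[tag] = hits
    return tags


def absent_capabilities(imports):
    """Tags with no static import hit. Not proof of absence: see may_resolve_apis_at_runtime()."""
    return sorted(set(CAPABILITY_RULES) - set(tag_capabilities(imports)))


def may_resolve_apis_at_runtime(imports):
    """True when GetProcAddress is imported, i.e. the static table may be incomplete."""
    hits = tag_capabilities(imports).get("dynamic-api-resolution", [])
    return any(hit.endswith("!GetProcAddress") for hit in hits)


# Constructed input: a subset of the import table reported on this page (GUI/GDI noise omitted).
PAGE_IMPORTS = {
    "kernel32": ["GetVersionExA", "LoadLibraryA", "LoadLibraryExA", "GetProcAddress",
                 "VirtualAlloc", "VirtualProtect", "VirtualFree", "CreateThread",
                 "SuspendThread", "ResumeThread", "TerminateThread", "GetComputerNameA",
                 "GetVolumeInformationA", "GetLogicalDrives", "GetDriveTypeA",
                 "CopyFileA", "MoveFileA", "DeleteFileA", "RemoveDirectoryA", "CreateFileA"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "GetAsyncKeyState", "GetKeyboardState",
               "GetKeyState", "OpenClipboard", "GetClipboardData", "SetClipboardData",
               "EnumWindows", "FindWindowA", "FindWindowExA", "GetWindowThreadProcessId"],
    "advapi32": ["RegSetValueExA", "RegCreateKeyExA", "RegDeleteKeyA", "RegDeleteValueA",
                 "RegQueryValueExA"],
    "shell32": ["ShellExecuteA", "SHFileOperationA"],
    "ole32": ["CoCreateInstance", "CLSIDFromProgID"],
    "oleaut32": ["GetActiveObject"],
    "ws2_32": ["WSAAsyncSelect", "WSAAsyncGetHostByName", "socket", "connect", "bind",
               "listen", "accept", "send", "recv", "gethostbyname"],
}

if __name__ == "__main__":
    for tag, hits in tag_capabilities(PAGE_IMPORTS).items():
        print(f"{tag:<26} {', '.join(hits)}")
    print("not imported statically:", ", ".join(absent_capabilities(PAGE_IMPORTS)))
    print("may resolve APIs at run time:", may_resolve_apis_at_runtime(PAGE_IMPORTS))
```

Run against this page's imports the script reports listen/bind/accept alongside connect (the binary can act as a server as well as a client), registry create/set/delete, and ShellExecuteA as the only process-launch primitive, with no static hit for CryptoAPI or WinINet/WinHTTP; because GetProcAddress is imported, those last two are only unconfirmed, not ruled out.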
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 584KB - Virtual size: 581KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_dcore_2 Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE