H:\WorkshopAgent\DevelopProj2\Outlook\4.71.223.8275\Bin\ReleaseMinDependency\outlka23.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 88eb59a5c1ba1ddbdca3fc449999e6679d6da43ce3e2dbd32df822fbb447e553.dll
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 88eb59a5c1ba1ddbdca3fc449999e6679d6da43ce3e2dbd32df822fbb447e553.dll
Resource: win10v2004-20240508-en
General
Target: 88eb59a5c1ba1ddbdca3fc449999e6679d6da43ce3e2dbd32df822fbb447e553
Size: 2.4MB
MD5: ae8b032ec75b68f77072f34c0bf9b1fb
SHA1: f40fc20219c4780a575a83fb1298c6f088dc6dd0
SHA256: 88eb59a5c1ba1ddbdca3fc449999e6679d6da43ce3e2dbd32df822fbb447e553
SHA512: cda8de013989e3ae96ea35b53c9cd16fc417bf8d33209e18e90a4309e5661c8170d06d6ec650ffd897f1f37775e90d18c1ef98249ac8cfdec085c74b87192938
SSDEEP: 49152:hoo+zQ6KWnfaZTcDU7TVMj9kx1pqighV0XW:hAQ6KB1Mj9kx1x
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 88eb59a5c1ba1ddbdca3fc449999e6679d6da43ce3e2dbd32df822fbb447e553
Files
88eb59a5c1ba1ddbdca3fc449999e6679d6da43ce3e2dbd32df822fbb447e553.dll regsvr32 windows:5 windows x86 arch:x86
effc510d5a926b67f184e2587ca7b53f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
FindResourceW
DisableThreadLibraryCalls
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetFileTime
IsBadStringPtrA
GetSystemTimeAsFileTime
IsBadStringPtrW
lstrlenW
GetLongPathNameA
VirtualProtect
QueryDosDeviceW
GetLongPathNameW
OpenMutexW
ReleaseMutex
AllocConsole
GetStdHandle
WriteConsoleW
FreeConsole
OutputDebugStringW
GetLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLogicalDriveStringsW
GetDriveTypeW
GetVolumeInformationW
GetDiskFreeSpaceExW
GetFileSize
UnlockFile
LockFile
SetEndOfFile
SetFilePointer
GetPrivateProfileStringW
GetProfileStringW
CreateSemaphoreW
WaitForMultipleObjects
ReleaseSemaphore
CreateEventW
OpenEventW
SetEvent
WaitForSingleObject
GetTempPathW
GetShortPathNameW
GetExitCodeThread
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
LoadLibraryExA
EnumResourceLanguagesW
FindResourceExW
SizeofResource
LoadResource
LockResource
FreeResource
GetComputerNameW
CreateDirectoryW
Sleep
MoveFileW
FlushFileBuffers
GetFileAttributesExW
ReadFile
CopyFileW
GetFileAttributesW
SetFileAttributesW
lstrcmpW
RemoveDirectoryW
DeleteFileW
MoveFileExW
GetSystemInfo
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
CreateFileW
WriteFile
MultiByteToWideChar
WideCharToMultiByte
GetLastError
LocalFree
OpenProcess
GetCurrentProcess
CreateThread
GetModuleHandleA
CreateFileA
GetFileInformationByHandle
GetStringTypeExW
GetThreadLocale
SetLastError
DuplicateHandle
GetFullPathNameW
MulDiv
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalFree
SetErrorMode
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetFileSizeEx
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
CompareStringW
GlobalGetAtomNameW
GetAtomNameW
lstrcmpA
lstrlenA
GetVersionExA
LoadLibraryA
GetVersionExW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
SetThreadPriority
ResumeThread
SuspendThread
GlobalFlags
InterlockedExchange
CompareStringA
GetLocaleInfoW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
WritePrivateProfileStringW
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
HeapReAlloc
ExitThread
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
VirtualAlloc
GetModuleFileNameA
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
LCMapStringA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
FormatMessageA
SleepEx
CreateMutexW
PulseEvent
ResetEvent
TerminateThread
GetProcessHeap
ExpandEnvironmentStringsA
GetSystemDirectoryA
ExpandEnvironmentStringsW
GetCurrentDirectoryA
GetTempPathA
GetEnvironmentVariableA
GetEnvironmentVariableW
SetFileAttributesA
GetFileAttributesA
DeleteFileA
MoveFileA
CreateDirectoryA
CopyFileA
RemoveDirectoryA
MoveFileExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
BackupWrite
BackupSeek
BackupRead
IsBadReadPtr
SetNamedPipeHandleState
WaitNamedPipeW
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
CancelIo
OpenSemaphoreW
GetVersion
SetPriorityClass
GetPriorityClass
GetThreadPriority
ReadProcessMemory
GetExitCodeProcess
CreateProcessA
InterlockedExchangeAdd
CreateProcessW
VirtualQueryEx
VirtualQuery
EnumResourceNamesW
EnumResourceTypesW
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
CreateFileMappingA
GetWindowsDirectoryA
GetDriveTypeA
GetLogicalDrives
QueryDosDeviceA
SetVolumeLabelW
DefineDosDeviceW
CloseHandle
GetModuleHandleW
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
FreeLibrary
InterlockedCompareExchange
LoadLibraryW
GetProcAddress
GetWindowsDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
GetSystemDirectoryW
user32
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
RegisterWindowMessageW
ValidateRect
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
SetWindowTextW
DestroyIcon
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
MoveWindow
ShowWindow
ScrollWindowEx
InflateRect
CheckMenuItem
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMenuItemInfoW
DestroyMenu
SystemParametersInfoW
PostQuitMessage
SetRectEmpty
InvalidateRect
SetCursor
ShowOwnedPopups
DeleteMenu
EndDialog
GetNextDlgTabItem
SetFocus
TranslateAcceleratorW
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
ReleaseCapture
GetMenuBarInfo
LoadMenuW
ReuseDDElParam
UnpackDDElParam
SetRect
SetTimer
KillTimer
WindowFromPoint
GetDialogBaseUnits
GetKeyNameTextW
MapVirtualKeyW
IsRectEmpty
GetSystemMenu
GetClassLongW
UnionRect
GetDCEx
LockWindowUpdate
SetCapture
MsgWaitForMultipleObjects
MessageBoxA
CloseWindow
FindWindowW
EnumWindowStationsW
EnumDesktopsW
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
CharUpperW
GetSystemMetrics
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetParent
IsWindow
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
UnregisterClassW
GetWindowTextLengthW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageW
CreateDialogIndirectParamW
CharNextW
GetForegroundWindow
CloseDesktop
SetThreadDesktop
GetThreadDesktop
wsprintfW
PostMessageW
PostThreadMessageW
GetDesktopWindow
EnumChildWindows
EnumWindows
GetWindowLongW
IsWindowVisible
GetWindowTextW
GetWindowTextA
GetParent
EnumDesktopWindows
SendMessageTimeoutW
MessageBoxW
OpenWindowStationW
SetProcessWindowStation
CloseWindowStation
GetProcessWindowStation
GetUserObjectInformationW
OpenInputDesktop
OpenDesktopW
advapi32
OpenProcessToken
AdjustTokenPrivileges
RegCreateKeyW
RegQueryValueExW
RegCloseKey
RegSetValueW
RegQueryValueW
RegQueryValueExA
RegSetValueExA
RegEnumValueW
RegCreateKeyA
RegCreateKeyExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegOpenKeyA
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountNameW
GetAce
AddAccessAllowedAce
InitializeAcl
GetLengthSid
SetFileSecurityW
RegSetKeySecurity
LookupAccountSidW
GetTokenInformation
GetUserNameW
RegOpenKeyW
RegSetValueExW
RegConnectRegistryW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
LookupPrivilegeValueW
shell32
DragFinish
ExtractIconW
SHGetFileInfoW
SHGetSpecialFolderPathW
DragQueryFileW
SHFileOperationA
ole32
CoCreateGuid
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
SetConvertStg
CoInitialize
CoInitializeEx
CoUninitialize
CLSIDFromString
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
oleaut32
VarBstrCat
SysAllocStringLen
VarBstrCmp
VariantInit
VariantClear
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringByteLen
LoadTypeLi
DispCallFunc
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SysFreeString
SysStringLen
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
CreateErrorInfo
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
DosDateTimeToVariantTime
GetErrorInfo
SetErrorInfo
SafeArrayGetDim
shlwapi
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
mapi32
ord17
ord136
ord135
version
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
ws2_32
inet_ntoa
recvfrom
WSAGetLastError
sendto
recv
send
getsockopt
getsockname
ntohl
listen
shutdown
closesocket
connect
socket
WSAIoctl
htons
htonl
bind
accept
setsockopt
WSACleanup
WSAStartup
inet_addr
ntohs
gethostbyname
getpeername
mpr
WNetGetConnectionW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
SelectObject
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32W
GetCharWidthW
CreateFontW
StretchDIBits
CreateCompatibleBitmap
OffsetViewportOrgEx
GetTextMetricsW
GetBitmapBits
GetObjectA
GetDeviceCaps
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
GetBkColor
SetViewportOrgEx
CreateDCA
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
PlayMetaFile
Escape
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
comdlg32
GetFileTitleW
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Dll_GetLogFileName
Dll_GetLogLevel
Dll_GetLogTos
Dll_SetLogOutput
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 377KB - Virtual size: 376KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.OutputL Size: 1024B - Virtual size: 528B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 126KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ