393ee8048c41e43b0921a77adbcca96275a9d96eebec9a2dcf879a7195e38618

Sharing

Copy URL Twitter E-mail

General

Target

393ee8048c41e43b0921a77adbcca96275a9d96eebec9a2dcf879a7195e38618
Size

1.1MB
MD5

e6b04a7bf069582d33ba36475f68fa8c
SHA1

3c4ed6081ce59d5f54d86524295c59b7f28d834f
SHA256

393ee8048c41e43b0921a77adbcca96275a9d96eebec9a2dcf879a7195e38618
SHA512

6e408051faf969879cbce1c339d8089456758546e68e74b291aafa86e292eedc64a6e9e3368a275cb2589c7c6afb0eb8a2841065b851604b3ee6891526bae938
SSDEEP

24576:7S7F6lAZZGXJp9s6TULo5TZvTiIZrAnIC27/Z5u:8HZZoJpe6so5dTiIZwi7B5u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
393ee8048c41e43b0921a77adbcca96275a9d96eebec9a2dcf879a7195e38618

Files

393ee8048c41e43b0921a77adbcca96275a9d96eebec9a2dcf879a7195e38618
.exe windows:4 windows x86 arch:x86

38115c7ead4a392c80d3ecafa2500644

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr

kernel32

GlobalAlloc
GlobalFree
GlobalFlags
LocalAlloc
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
RtlUnwind
ExitProcess
RaiseException
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
lstrcmpA
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcatA
GlobalLock
GlobalUnlock
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
FindNextFileA
lstrcpyA
FindFirstFileA
SetLastError
FindClose
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileStringA
GetSystemInfo
ReleaseMutex
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
CreateFileA
CreateFileMappingA
FlushViewOfFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessVersion
CreateDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeLibrary
GetVersionExA
GetTickCount
GetSystemDirectoryA
CopyFileA
GetFileAttributesA
SetFileAttributesA
CreateToolhelp32Snapshot
Process32First
OpenProcess
TerminateProcess
Process32Next
CreateMutexA
CreateEventA
CreateThread
GetModuleFileNameA
WaitForSingleObject
Sleep
DeleteFileA
WritePrivateProfileStringA
GetCurrentProcess
GetLastError
CloseHandle
SetCurrentDirectoryA
GetACP
RemoveDirectoryA

user32

EnableMenuItem
GetNextDlgTabItem
LoadIconA
PostMessageA
MapWindowPoints
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
DestroyMenu
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
SetWindowLongA
GetDlgItem
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetPropA
LoadCursorA
GetKeyState
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
SetFocus
GetFocus
GetParent
SendMessageA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PostQuitMessage
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
IsIconic
CheckMenuItem
PtInRect
GetWindowLongA
GetClassNameA
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuItemID
UnhookWindowsHookEx
GetWindowTextA
LoadStringA
GetSystemMetrics
CharUpperA
OemToCharA
GetDesktopWindow
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CreateDialogParamA
DialogBoxParamA
ShowWindow
KillTimer
SetTimer
SetWindowPos

gdi32

PtVisible
RectVisible
TextOutA
Escape
GetObjectA
CreateBitmap
ExtTextOutA
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

QueryServiceStatus
DeleteService
ControlService
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

ord17

shlwapi

PathFileExistsA

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38115c7ead4a392c80d3ecafa2500644

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 24KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 24KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 2KB