47df42e8ea91892f9ce970bd115b81b93361f6e4473342a4cbd2400c9340e4e7

Sharing

Copy URL Twitter E-mail

General

Target

47df42e8ea91892f9ce970bd115b81b93361f6e4473342a4cbd2400c9340e4e7
Size

392KB
MD5

14e240093953e9f841f6510fa93813af
SHA1

787cdc9e4b59d935130cb4503906af03fece2cc2
SHA256

47df42e8ea91892f9ce970bd115b81b93361f6e4473342a4cbd2400c9340e4e7
SHA512

b8cccee04e504175f045170d3557a796957d8ce5c79bcf3fc64ffb0683cdce59ab7f4aec0fc32f7b7647ab8285a5256b7de00ca6c6a3e7cf7f0033d5c49fdb20
SSDEEP

3072:OOnyb7wlDq65xeTd6d9AVwhHyqp3Ijxq0uh92IQHY+WQs/kNroJ0fys37inoCfsS:DyQBq658Qd9AVwh5Cjxq9YewZPG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47df42e8ea91892f9ce970bd115b81b93361f6e4473342a4cbd2400c9340e4e7

Files

47df42e8ea91892f9ce970bd115b81b93361f6e4473342a4cbd2400c9340e4e7
.exe windows:4 windows x86 arch:x86

53064f737dfaf9d4e3897b5cea5f7ff3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Reenumerate_DevNode
CM_Locate_DevNodeA

mscms

UninstallColorProfileA
InstallColorProfileA

setupapi

SetupDiRemoveDevice
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupCopyOEMInfA
SetupDiDestroyDeviceInfoList

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

SHDeleteKeyA

newdev

UpdateDriverForPlugAndPlayDevicesA

kernel32

InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
GetLocaleInfoA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcpyA
SetCurrentDirectoryA
GetCurrentDirectoryA
lstrlenA
DeleteFileA
CopyFileA
SetFileAttributesA
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
CreateDirectoryA
GetLastError
SetLastError
FindClose
GetPrivateProfileSectionA
FindNextFileA
FindFirstFileA
Sleep
LocalFree
GetTempPathA
FreeLibrary
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetProfileStringA
GetProcAddress
LoadLibraryA
TerminateProcess
GetExitCodeProcess
Process32Next
OpenProcess
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
CreateProcessA
GetDriveTypeA
GetModuleFileNameA
ExitThread
CreateThread
CloseHandle
TerminateThread
GetExitCodeThread
GetCurrentProcessId
GlobalLock
GlobalUnlock
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
GetPrivateProfileStringA
GetModuleHandleA
MulDiv
GetVersionExA
GetUserDefaultLangID
WriteFile
ReadFile
GetFileSize
CreateFileA
VirtualAlloc
MultiByteToWideChar
WideCharToMultiByte
VirtualFree
lstrcpynA
GetCurrentProcess
HeapFree
HeapAlloc
GetProcessHeap
RemoveDirectoryA
CompareFileTime
GetFileTime
GetLogicalDriveStringsA
SetFilePointer
MoveFileExA
GetCurrentThreadId
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
InterlockedIncrement
InterlockedDecrement
GlobalFree
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
DuplicateHandle

user32

IsDialogMessageA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
CharUpperA
SetCursor
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
ReleaseDC
GetDC
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyMenu
LoadStringA
PtInRect
LoadCursorA
GetSysColorBrush
InflateRect
InvalidateRect
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetCapture
WinHelpA
GetClassInfoA
TrackPopupMenu
GetWindowTextLengthA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
PostMessageA
PostQuitMessage
RegisterDeviceNotificationA
ExitWindowsEx
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
wsprintfA
GetMenuItemCount
GetMenuStringA
GetMenuItemID
ModifyMenuA
DrawMenuBar
GetSubMenu
SetWindowTextA
GetMenu
RedrawWindow
CreatePopupMenu
InsertMenuA
GetKeyState
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
GetWindowRect
GetWindowThreadProcessId
UnregisterDeviceNotification
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
LoadIconA
GetWindowTextA
EnumChildWindows
GetTopWindow
GetClassNameA
GetWindow
RegisterClassA
MessageBoxA
SendNotifyMessageA
SendMessageA
EnableWindow
GetMessagePos

gdi32

GetTextExtentPointA
BitBlt
CreateCompatibleDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
DeleteObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

AddPrinterA
DocumentPropertiesA
DeletePrinter
GetPrinterDriverDirectoryA
SetPrinterA
OpenPrinterA
GetPrinterA
EnumPortsA
AddPrinterDriverA
ClosePrinter
AddMonitorA

advapi32

OpenProcessToken
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
CloseServiceHandle
StartServiceA
ControlService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
SetNamedSecurityInfoA
SetEntriesInAclA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
ChangeServiceConfigA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53064f737dfaf9d4e3897b5cea5f7ff3

Headers

File Characteristics

Imports

cfgmgr32

mscms

setupapi

version

shlwapi

newdev

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 32KB - Virtual size: 45KB

Shared Size: 4KB - Virtual size: 4B

.rsrc Size: 136KB - Virtual size: 132KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 32KB - Virtual size: 45KB

Shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 136KB - Virtual size: 132KB