0eedeed964b1bc832b9281c91a07ee9a0125702410ba9db1a6a950e94e753c48

Sharing

Copy URL

Twitter E-mail

General

Target

0eedeed964b1bc832b9281c91a07ee9a0125702410ba9db1a6a950e94e753c48
Size

2.0MB
MD5

9ac57408bdf94025e8b14a7ecb4ad8ee
SHA1

96c401d47b8a332c2d5ea6c00ba37b073135bc18
SHA256

0eedeed964b1bc832b9281c91a07ee9a0125702410ba9db1a6a950e94e753c48
SHA512

f28e8c87915d6b9e7cb5041f7fa8f8d0a47b1eaf64c2b63bc2170d833450a1e2cc18a39f8eba0455035eb0f0cfd9eccabd71eb428465add90caf81a9163b7612
SSDEEP

49152:6bEh2dssoUNova2SyGIEUylu1rzAGCh4Tews:nh2dssoUNSa0ylu1rzFCh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0eedeed964b1bc832b9281c91a07ee9a0125702410ba9db1a6a950e94e753c48

Files

0eedeed964b1bc832b9281c91a07ee9a0125702410ba9db1a6a950e94e753c48
.exe windows:6 windows x86 arch:x86

4b7e9be39e98db96ec4bfe77faf49e5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\source\repos\DisableUpdate\Release\DisableUpdate.pdb

Imports

kernel32

GetVersionExW
GetTickCount
MulDiv
IsBadReadPtr
EnumResourceTypesW
EnumResourceNamesW
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
FreeLibrary
SetLastError
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
FlushInstructionCache
GetCurrentProcess
SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
OutputDebugStringW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
DeleteCriticalSection
GetACP
IsValidCodePage
FindFirstFileExW
SetConsoleCtrlHandler
GetTimeZoneInformation
SetStdHandle
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetLocalTime
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
GetFileType
GetCurrentThread
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
GlobalLock
GlobalUnlock
GlobalAlloc
GetCPInfo
CompareStringEx
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
GetLocaleInfoEx
LocalFree
FormatMessageA
GetProcAddress
GetVersionExA
GetModuleHandleW
GetSystemTime
GetModuleHandleA
GetTempPathW
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
Sleep
GetCurrentThreadId
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
RemoveDirectoryW
GetExitCodeProcess
CloseHandle
CreateProcessW
GetStartupInfoW
GetLastError
CreatePipe
SetCurrentDirectoryW
GetModuleFileNameW
GetOEMCP
lstrlenA

user32

MessageBoxW
GetActiveWindow
MonitorFromRect
GetWindowPlacement
LoadStringW
LoadStringA
PostQuitMessage
IsWindow
SystemParametersInfoA
DrawTextW
GetSystemMetrics
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetCaretPos
SetRect
DestroyWindow
TrackMouseEvent
AnimateWindow
SetLayeredWindowAttributes
SetWindowPos
SetFocus
KillTimer
UpdateWindow
BeginPaint
EndPaint
GetClientRect
GetCursorPos
CopyRect
InflateRect
IntersectRect
UnionRect
IsRectEmpty
GetClassNameW
DestroyIcon
MonitorFromWindow
GetMonitorInfoW
SendMessageW
SendNotifyMessageW
PostMessageW
DefWindowProcW
CallWindowProcW
DrawIconEx
CharLowerBuffW
MapVirtualKeyA
EnableMenuItem
GetIconInfo
CharNextW
PostThreadMessageW
DispatchMessageW
TranslateMessage
DestroyCursor
EqualRect
GetForegroundWindow
CallMsgFilterW
WaitMessage
PeekMessageW
GetDesktopWindow
SetActiveWindow
EnableWindow
CheckMenuRadioItem
GetSysColor
GetMenuContextHelpId
SetMenuContextHelpId
SetForegroundWindow
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DeleteMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetSubMenu
CheckMenuItem
DestroyMenu
CreatePopupMenu
IsMenu
LoadImageW
CreateIconFromResource
LoadBitmapW
SetCursor
GetKeyState
GetFocus
PtInRect
OffsetRect
WindowFromPoint
LoadCursorW
GetWindow
SetParent
GetParent
SetWindowLongW
GetWindowLongW
MapWindowPoints
ScreenToClient
ClientToScreen
ShowCaret
HideCaret
CreateCaret
GetWindowRect
GetWindowTextW
SetWindowTextW
InvalidateRect
SetWindowRgn
ReleaseDC
GetWindowDC
GetDC
IsWindowEnabled
SetTimer
ReleaseCapture
SetCapture
GetCapture
GetDlgCtrlID
GetDlgItem
IsZoomed
IsIconic
IsWindowVisible
MoveWindow
UpdateLayeredWindow
ShowWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
FillRect
InvertRect

gdi32

CreateSolidBrush
CreateFontIndirectW
EnumFontsW
SetGraphicsMode
GetDeviceCaps
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
DeleteObject
RectInRegion
ExcludeClipRect
BitBlt
GetClipBox
Rectangle
SetBkMode
GetObjectW
GetDCOrgEx
StretchBlt
CreateCompatibleBitmap
SetViewportOrgEx
GetStockObject
Arc
CombineRgn
CreateEllipticRgnIndirect
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
Ellipse
EqualRgn
GetClipRgn
GetRgnBox
GetTextColor
GetTextExtentPoint32W
IntersectClipRect
OffsetRgn
Pie
PtInRegion
RestoreDC
RoundRect
SaveDC
ExtSelectClipRgn
SetRectRgn
SetROP2
SetTextColor
GetWorldTransform
SetWorldTransform
CreateDIBSection
GetViewportOrgEx
GetCurrentObject
Polyline
CreatePolygonRgn
ExtCreatePen

shell32

ShellExecuteW

ole32

CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
OleLockRunning
RegisterDragDrop
OleUninitialize
OleInitialize

oleaut32

SetErrorInfo
GetErrorInfo
SysFreeString
VariantInit
VariantClear
CreateErrorInfo
SysAllocString
VariantChangeType

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

StrToIntExW

imm32

ImmDestroyContext
ImmGetContext
ImmAssociateContext
ImmReleaseContext
ImmCreateContext

gdiplus

GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipDrawImageRectI
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGraphicsClear
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipImageSelectActiveFrame

msimg32

AlphaBlend
GradientFill

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 410KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b7e9be39e98db96ec4bfe77faf49e5f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

version

shlwapi

imm32

gdiplus

msimg32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 410KB - Virtual size: 410KB

.data Size: 38KB - Virtual size: 108KB

.rsrc Size: 57KB - Virtual size: 57KB

.reloc Size: 121KB - Virtual size: 121KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 410KB - Virtual size: 410KB

.data
Size: 38KB - Virtual size: 108KB

.rsrc
Size: 57KB - Virtual size: 57KB

.reloc
Size: 121KB - Virtual size: 121KB