Static task: static1

Behavioral task: behavioral1
  Sample: ef95ed29bdc097fcaba0fce85af24580d1adb17bfe5b180c764b3eb55d7eab06.exe
  Resource: win7-20240729-en

Behavioral task: behavioral2
  Sample: ef95ed29bdc097fcaba0fce85af24580d1adb17bfe5b180c764b3eb55d7eab06.exe
  Resource: win10v2004-20240802-en
General
  Target: ef95ed29bdc097fcaba0fce85af24580d1adb17bfe5b180c764b3eb55d7eab06
  Size: 1.2MB
  MD5: d193c7454012d54f9045e68530e45d90
  SHA1: 5cd9458c338d39b6895cc7e546b55935c8ee6aa3
  SHA256: ef95ed29bdc097fcaba0fce85af24580d1adb17bfe5b180c764b3eb55d7eab06
  SHA512: 4d83f2e9b1566f626af743edcf39a4e7e4667ba73084d35f3764ea7fc14d5a8b007cd3a174cabc4ec2191d2d316e1003d61a485ead24578da98927dfa6ea2c3d
  SSDEEP: 12288:oPpMAUhNlagn2PM9RiK0yB05Tua1hZTOyPV8eW+9wTLSLueo4YnYAZSxjU4NA0/:sUhNl4PM7i2mua1h1Oy9OLSLubmN80/
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: ef95ed29bdc097fcaba0fce85af24580d1adb17bfe5b180c764b3eb55d7eab06
Files
  ef95ed29bdc097fcaba0fce85af24580d1adb17bfe5b180c764b3eb55d7eab06.exe  windows:4  windows x86  arch:x86  1a0fa404c39043869fbbb6e7b25fdb32

  Headers
    File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
  Imports
    kernel32:
      RaiseException, HeapReAlloc, HeapSize, GetACP, GetTimeZoneInformation, GetSystemTime, GetLocalTime, FatalAppExitA,
      LCMapStringA, LCMapStringW, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW,
      GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA,
      GetVersionExA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, GetStringTypeA, GetStringTypeW,
      SetUnhandledExceptionFilter, IsBadReadPtr, IsBadCodePtr, IsValidLocale, IsValidCodePage, GetLocaleInfoA, ExitThread,
      GetUserDefaultLCID, SetStdHandle, SetConsoleCtrlHandler, CompareStringA, CompareStringW, SetEnvironmentVariableA,
      GetLocaleInfoW, TerminateThread, ResetEvent, TerminateProcess, HeapFree, HeapAlloc, ExitProcess, GetCommandLineA,
      GetStartupInfoA, RtlUnwind, GlobalSize, SetFileTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetFileTime,
      GetFileSize, FileTimeToLocalFileTime, FileTimeToSystemTime, lstrlenW, GetShortPathNameA, GetStringTypeExA,
      GetFullPathNameA, GetVolumeInformationA, SetEndOfFile, UnlockFile, OpenFileMappingA, ReleaseMutex, CreateFileW,
      WaitForMultipleObjects, GetProfileStringA, QueryPerformanceCounter, VirtualProtect, GetWindowsDirectoryA,
      CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, BeginUpdateResourceA, UpdateResourceA, EndUpdateResourceA,
      EnumResourceLanguagesA, EnumResourceTypesA, EnumResourceNamesA, VirtualQuery, LoadLibraryExA, GetModuleHandleW,
      FormatMessageW, FindResourceExA, OutputDebugStringW, LockFile, FlushFileBuffers, SetFilePointer, WriteFile,
      DuplicateHandle, SetErrorMode, GetOEMCP, GetCPInfo, GetThreadLocale, SizeofResource, GetProcessVersion,
      GetCurrentDirectoryA, WritePrivateProfileStringA, GetPrivateProfileStringA, GetPrivateProfileIntA, GlobalFlags,
      TlsGetValue, LocalReAlloc, TlsSetValue, GlobalReAlloc, TlsFree, GlobalHandle, TlsAlloc, LocalAlloc,
      EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, lstrcpynA, MulDiv,
      SetLastError, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, FormatMessageA,
      GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, CreateEventA, SuspendThread, SetThreadPriority,
      ResumeThread, SetEvent, WaitForSingleObject, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpiA, GetCurrentThread,
      lstrlenA, InterlockedDecrement, InterlockedIncrement, GetModuleFileNameA, LoadLibraryW, FreeLibrary, CreateMutexA,
      OpenMutexA, CreateProcessA, GetFileAttributesExW, ReadFile, MoveFileExA, GetTickCount, Sleep, MoveFileA, CopyFileA,
      SetFileAttributesW, lstrcmpW, RemoveDirectoryW, DeleteFileW, GetFileAttributesA, SetFileAttributesA, lstrcmpA,
      RemoveDirectoryA, DeleteFileA, GetSystemInfo, FindFirstFileW, FindNextFileW, FindFirstFileA, FindNextFileA, FindClose,
      GetExitCodeThread, GetLastError, LoadLibraryA, LocalFree, OpenProcess, GetCurrentProcess, CreateThread,
      GetSystemDirectoryA, CreateFileA, GetFileInformationByHandle, CloseHandle, GetModuleHandleA, GetProcAddress,
      GetCurrentProcessId, GetCurrentThreadId, WideCharToMultiByte, EnumSystemLocalesA, MultiByteToWideChar
    user32:
      wvsprintfA, ShowWindow, SetWindowTextA, IsDialogMessageA, ScrollWindowEx, IsDlgButtonChecked, SetDlgItemTextA,
      SetDlgItemInt, GetDlgItemTextA, GetDlgItemInt, CheckRadioButton, CheckDlgButton, UpdateWindow, SendDlgItemMessageA,
      MapWindowPoints, GetSysColor, SetFocus, AdjustWindowRectEx, ScreenToClient, EqualRect, DeferWindowPos,
      BeginDeferWindowPos, CopyRect, EndDeferWindowPos, ScrollWindow, GetScrollInfo, SetScrollInfo, ShowScrollBar,
      GetScrollRange, SetScrollRange, GetScrollPos, SetScrollPos, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA,
      GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, TrackPopupMenu,
      SetWindowPlacement, GetWindowTextLengthA, GetDlgCtrlID, CreateWindowExA, GetClassLongA, SetPropA,
      UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, DefWindowProcA, GetMessageTime, GetMessagePos,
      GetForegroundWindow, SetForegroundWindow, SetWindowLongA, RegisterWindowMessageA, OffsetRect, IntersectRect,
      SystemParametersInfoA, GetWindowPlacement, LoadStringA, CloseDesktop, SetThreadDesktop, GetThreadDesktop,
      OpenDesktopA, OpenInputDesktop, GetUserObjectInformationA, GetProcessWindowStation, CloseWindowStation,
      MapDialogRect, SetWindowPos, GetWindow, SetWindowContextHelpId, EndDialog, SetActiveWindow, IsWindow,
      CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState,
      ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, DestroyMenu,
      ClientToScreen, GetDC, WindowFromPoint, ReleaseDC, GetWindowDC, GetMessageA, TranslateMessage,
      SetProcessWindowStation, OpenWindowStationA, MessageBoxA, MessageBoxW, EnumDesktopWindows,
      GetWindowThreadProcessId, GetWindowLongA, GetParent, IsWindowVisible, EnumWindows, EnumChildWindows,
      GetDesktopWindow, GetWindowTextA, GetWindowTextW, LoadIconA, SendMessageA, UnregisterClassA, HideCaret, ShowCaret,
      ExcludeUpdateRgn, DrawFocusRect, DefDlgProcA, IsWindowUnicode, GetUserObjectInformationW, AppendMenuA,
      GetSystemMenu, DrawIcon, GetClientRect, GetSystemMetrics, IsIconic, EnableWindow, CharToOemA, OemToCharA,
      PostMessageA, PostQuitMessage, BeginPaint, EndPaint, TabbedTextOutA, DrawTextA, GrayStringA, LoadCursorA,
      SetCapture, ReleaseCapture, WaitMessage, DestroyIcon, PostThreadMessageA, RemoveMenu, RegisterClipboardFormatA,
      InflateRect, CharUpperA, BringWindowToTop, InvalidateRect, UnpackDDElParam, ReuseDDElParam, SetMenu, LoadMenuA,
      TranslateAcceleratorA, LoadAcceleratorsA, SetRectEmpty, MessageBeep, GetNextDlgGroupItem, SetRect,
      CopyAcceleratorTableA, CharNextA, GetDialogBaseUnits, GetSysColorBrush, GetMenuStringA, DeleteMenu, InsertMenuA,
      PtInRect, GetClassNameA, GetWindowRect, ShowOwnedPopups, SetCursor, IsWindowEnabled, GetLastActivePopup,
      DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, PeekMessageA, GetCursorPos,
      SetWindowsHookExA, MoveWindow
    gdi32:
      SetArcDirection, PolyDraw, PolylineTo, SetColorAdjustment, PolyBezierTo, DeleteObject, GetClipRgn, CreateRectRgn,
      SelectClipPath, ExtSelectClipRgn, PlayMetaFileRecord, GetObjectType, EnumMetaFile, PlayMetaFile, GetDeviceCaps,
      GetViewportExtEx, GetWindowExtEx, CreatePen, ExtCreatePen, CreateSolidBrush, CreateHatchBrush, CreatePatternBrush,
      CreateDIBPatternBrushPt, PtVisible, SetMapperFlags, TextOutA, ExtTextOutA, Escape, GetTextExtentPoint32A,
      GetTextMetricsA, ArcTo, GetTextColor, GetBkColor, DPtoLP, LPtoDP, GetMapMode, PatBlt, SetRectRgn, CombineRgn,
      CreateRectRgnIndirect, CopyMetaFileA, CreateDCA, SetTextCharacterExtra, SetTextJustification, SetTextAlign, LineTo,
      MoveToEx, OffsetClipRgn, IntersectClipRect, ExcludeClipRect, SelectClipRgn, ScaleWindowExtEx, SetWindowExtEx,
      OffsetWindowOrgEx, SetWindowOrgEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx,
      SetMapMode, SetStretchBltMode, CreateFontIndirectA, GetCurrentPositionEx, GetBitmapBits, BitBlt,
      CreateCompatibleBitmap, CreateCompatibleDC, GetTextExtentPointA, CreateDIBitmap, SetROP2, SetPolyFillMode,
      SetBkMode, SelectPalette, GetStockObject, SelectObject, RestoreDC, SaveDC, StartDocA, DeleteDC, GetObjectA,
      SetBkColor, SetTextColor, GetClipBox, RectVisible, CreateBitmap, GetDCOrgEx
    comdlg32:
      GetFileTitleA, GetOpenFileNameA, GetSaveFileNameA
    winspool.drv:
      ClosePrinter, DocumentPropertiesA, OpenPrinterA
    advapi32:
      RegEnumValueA, RegSetValueExW, RegQueryValueExW, RegConnectRegistryA, RegisterEventSourceA, ReportEventA,
      DeregisterEventSource, LookupAccountSidW, InitializeSecurityDescriptor, GetLengthSid, InitializeAcl,
      AddAccessAllowedAce, GetAce, SetSecurityDescriptorDacl, LookupAccountNameW, RegEnumKeyA, RegQueryValueA,
      RegSetValueA, RegDeleteKeyA, RegDeleteValueA, RegOpenKeyExA, RegCreateKeyExA, RegSetValueExA, RegOpenKeyA,
      GetUserNameA, GetTokenInformation, LookupAccountSidA, OpenProcessToken, LookupPrivilegeValueA,
      AdjustTokenPrivileges, RegCreateKeyA, RegQueryValueExA, RegCloseKey, RegQueryInfoKeyA
    shell32:
      ExtractIconA, DragQueryFileA, DragFinish, DragAcceptFiles, SHGetFileInfoA
    comctl32:
      ord17
    oledlg:
      ord8
    ole32:
      CoTreatAsClass, StringFromCLSID, ReadClassStg, ReadFmtUserTypeStg, OleRegGetUserType, WriteClassStg,
      WriteFmtUserTypeStg, SetConvertStg, CreateBindCtx, OleDuplicateData, CoFreeUnusedLibraries, ReleaseStgMedium,
      CoDisconnectObject, OleRun, CoCreateInstance, CoTaskMemAlloc, CoTaskMemFree, CreateILockBytesOnHGlobal,
      StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID,
      CoRegisterMessageFilter, CoRegisterClassObject, CoRevokeClassObject, OleSetClipboard, OleFlushClipboard,
      OleIsCurrentClipboard, OleUninitialize, CreateStreamOnHGlobal, CoInitialize, CoInitializeEx, OleInitialize
    olepro32:
      ord253
    oleaut32:
      LoadTypeLi, SysStringLen, SafeArrayDestroyDescriptor, SafeArrayDestroyData, SafeArrayDestroy, SafeArrayUnlock,
      SafeArrayLock, SafeArrayPutElement, SafeArrayPtrOfIndex, SafeArrayGetElement, SafeArrayAllocDescriptor,
      SafeArrayAllocData, SafeArrayCopy, VarBstrFromDate, VarDateFromStr, VarBstrFromCy, VarCyFromStr, SysStringByteLen,
      SysAllocStringByteLen, SafeArrayRedim, SafeArrayCreate, SafeArrayGetDim, SafeArrayGetElemsize, SafeArrayGetLBound,
      SafeArrayGetUBound, SafeArrayAccessData, SafeArrayUnaccessData, SysAllocString, SysReAllocStringLen,
      VariantChangeType, VariantCopy, VariantTimeToSystemTime, VariantClear, SysAllocStringLen, SysFreeString
    version:
      GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
  Sections
    .text   Size: 980KB  Virtual size: 979KB  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    .rdata  Size: 184KB  Virtual size: 180KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
    .data   Size: 72KB   Virtual size: 91KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .rsrc   Size: 12KB   Virtual size: 11KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ