558c9b93e0d1585d9f3a8a464f39a695500eb0a8ce60dec6edb66cd116a0d14e

Sharing

Copy URL

Twitter E-mail

General

Target

558c9b93e0d1585d9f3a8a464f39a695500eb0a8ce60dec6edb66cd116a0d14e
Size

454KB
MD5

3b8965dca3ec4de66da442d9fe4ac2d9
SHA1

a3776e6db22e776c46e444a67c18b8dd3f4b62c7
SHA256

558c9b93e0d1585d9f3a8a464f39a695500eb0a8ce60dec6edb66cd116a0d14e
SHA512

09255ffbb207cd8b137bb9923cede5b4e8e0c4468494d7ab9bfa9feb4a7aadb22de4e3064f026b75db1907d80f3628292a91fe9380c0ee839c21e98d78b42032
SSDEEP

6144:gDY8rUKZ0pqumOS3AkL+QyCaY/u9BEwQq1wpQPLarALLPt9oJO8adcz5e4fnVsHS:2YwAknNyyiWrAXPt9oJqmQ4dh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
558c9b93e0d1585d9f3a8a464f39a695500eb0a8ce60dec6edb66cd116a0d14e

Files

558c9b93e0d1585d9f3a8a464f39a695500eb0a8ce60dec6edb66cd116a0d14e
.exe windows:5 windows x86 arch:x86

e51fb4115af2b2a44b94328fa4736a00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualQuery
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LockResource
LoadResource
VirtualProtect
HeapSize
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
FindNextFileA
FindFirstFileA
FindResourceW
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
GetModuleHandleW
GetSystemInfo
GetVersionExW
CreateProcessA
LoadLibraryA
GetModuleFileNameW
CloseHandle
SetEvent
OpenEventW
InitializeCriticalSection
ReleaseMutex
CreateMutexW
InterlockedDecrement
GetSystemDefaultLangID
FileTimeToSystemTime
FileTimeToLocalFileTime
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateThread
WaitForSingleObject
ExitProcess
GetFileAttributesA
GetModuleFileNameA
UnmapViewOfFile
InterlockedIncrement
OpenFileMappingW
CreateEventW
WaitForMultipleObjects
GetTickCount
ResetEvent
LocalFree
HeapFree
MapViewOfFile
CreateFileMappingW
LocalAlloc
RtlUnwind
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WritePrivateProfileStringW
GetThreadLocale
lstrlenA
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
HeapAlloc
GetProcessHeap
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrlenW
MulDiv
SetLastError
LoadLibraryExW
GetPrivateProfileIntA
ReadFile
GetPrivateProfileStringA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetCurrentThread
GetCurrentProcess
GetSystemTime
WideCharToMultiByte
GetPrivateProfileStringW
GetPrivateProfileIntW
WriteFile
CreateFileW
GetFileSize
SizeofResource

user32

IsRectEmpty
CharNextW
CharUpperW
ReleaseCapture
SetCapture
UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
CreateDialogIndirectParamW
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetRect
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
EnableWindow
SendMessageW
SetWindowTextA
GetWindowTextA
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
IsWindowVisible
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetWindowDC
ScreenToClient
RegisterClipboardFormatW
PostThreadMessageW
IsWindow
GetWindowTextLengthA
GetSystemMetrics
DrawIcon
CreatePopupMenu
AppendMenuW
PostMessageW
IsIconic
GetClientRect
UpdateWindow
SetTimer
KillTimer
SetForegroundWindow
LoadIconW
GetCursorPos
GetForegroundWindow
ShowWindow
GetDesktopWindow
DrawStateW
CopyRect
InflateRect
OffsetRect
FillRect
FrameRect
DrawFocusRect
GetWindowRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
GetParent
WindowFromPoint
GetWindowLongW
DestroyIcon
SetCursor
GetSysColor
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadBitmapW
DrawIconEx
DestroyCursor

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePen
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
GetClipBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateSolidBrush
GetObjectW
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
GetStockObject
DeleteObject
CreateFontW
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC

msimg32

GradientFill

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

GetTokenInformation
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
MakeAbsoluteSD
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyA
RegCreateKeyA
GetUserNameA
LookupAccountSidA
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

shell32

ShellExecuteW
ShellExecuteA
Shell_NotifyIconW

comctl32

_TrackMouseEvent

shlwapi

StrCmpW
StrStrW
PathFileExistsW
StrCatW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
StrCpyW

oledlg

OleUIBusyW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
OleRun
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantClear
SysAllocStringLen
VariantChangeType
VariantInit
SysStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
GetErrorInfo

crypt32

CertFindCertificateInStore
CertCreateCertificateContext
CertOpenStore
CertCloseStore
CertFreeCertificateContext
CertAddCertificateContextToStore
CertGetNameStringW
CertDeleteCertificateFromStore
CertCompareCertificate
CertEnumCertificatesInStore
CertSetCertificateContextProperty

cryptui

CryptUIDlgViewCertificateW

winmm

PlaySoundW

Sections

.text
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e51fb4115af2b2a44b94328fa4736a00

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

crypt32

cryptui

winmm

Sections

.text Size: 288KB - Virtual size: 288KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 14KB - Virtual size: 37KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 288KB - Virtual size: 288KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 14KB - Virtual size: 37KB

.rsrc
Size: 64KB - Virtual size: 64KB