Static task: static1
Behavioral task: behavioral1
Sample: 372a8d4ae72d1fe208ac7a3e73dc3a2810ac65a9f6d0aec84764451a936fe1bf.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 372a8d4ae72d1fe208ac7a3e73dc3a2810ac65a9f6d0aec84764451a936fe1bf.exe
Resource: win10v2004-20240802-en
General
Target: 372a8d4ae72d1fe208ac7a3e73dc3a2810ac65a9f6d0aec84764451a936fe1bf
Size: 1.4MB
MD5: 538e73c44d11113b1a6c90d48fa5bc9a
SHA1: 1fceb3ff9d4ab7ac8f70a90c873f44ebceb833da
SHA256: 372a8d4ae72d1fe208ac7a3e73dc3a2810ac65a9f6d0aec84764451a936fe1bf
SHA512: bd907319ac7aa1fb5bca1a9b680cbbd93e18f5f66ba89b4f2655bc00ab449c641c514822923995cb813289f9e40cafb3228c2398984bb02ebb744f1b8527e352
SSDEEP: 24576:ku62AffkBZlbR6uiupLS+P5073ROFyP802IIcc:ku6P+MWt5073RKgc
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Resource: 372a8d4ae72d1fe208ac7a3e73dc3a2810ac65a9f6d0aec84764451a936fe1bf
Files
372a8d4ae72d1fe208ac7a3e73dc3a2810ac65a9f6d0aec84764451a936fe1bf.exe windows:4 windows x86 arch:x86
e6f67e4ad359f842741eab9d36973c7e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mpr
WNetEnumResourceA
WNetOpenEnumA
WNetCloseEnum
kernel32
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetCurrentDirectoryA
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
TerminateProcess
GetACP
HeapReAlloc
HeapSize
SetStdHandle
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
UnhandledExceptionFilter
GetLocalTime
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
GetSystemTime
GetProfileStringA
GetTimeZoneInformation
GetFileType
RtlUnwind
GetTickCount
SetErrorMode
GetCurrentDirectoryA
SizeofResource
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetProcessVersion
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
FindNextFileA
CreateFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileA
FindClose
GetFileSize
GlobalReAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
MulDiv
SetLastError
CreateEventA
GetModuleFileNameA
GlobalAlloc
GetCurrentThread
lstrcmpA
GlobalFree
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
lstrcpyA
SetFilePointer
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetDiskFreeSpaceA
SetVolumeLabelA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
WinExec
lstrcpynA
GetFileAttributesExA
CompareFileTime
FormatMessageA
LocalFree
DeleteFileA
GetLogicalDrives
CopyFileA
GetLastError
lstrlenA
GetSystemDirectoryA
GetDriveTypeA
GetComputerNameA
WaitForSingleObject
DeviceIoControl
GetVersion
_lclose
_lopen
_lread
FreeEnvironmentStringsA
user32
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetLastActivePopup
IsWindowVisible
IsIconic
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
GetCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
RegisterClassA
wsprintfA
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
IsWindow
GetScrollInfo
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
ScreenToClient
DrawFrameControl
GetSysColor
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
ShowScrollBar
IsWindowUnicode
GetWindowRect
ScrollWindow
EndDeferWindowPos
LoadBitmapA
GetAsyncKeyState
GetDlgItemInt
ReleaseCapture
SetCapture
LoadCursorA
SetCursor
FillRect
OffsetRect
ClientToScreen
CopyRect
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
SetWindowLongA
IsChild
MessageBoxA
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetActiveWindow
GetScrollRange
KillTimer
SetTimer
GetFocus
LoadIconA
InvalidateRect
GetSystemMetrics
PostMessageA
GetClientRect
GetCursorPos
CreatePopupMenu
AppendMenuA
PostThreadMessageA
UpdateWindow
GetParent
MessageBeep
EnableWindow
BeginDeferWindowPos
DeferWindowPos
MapWindowPoints
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetParent
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
DestroyIcon
WindowFromPoint
GetMenuStringA
DeleteMenu
InsertMenuA
LoadStringA
DefDlgProcA
SetScrollInfo
GetClassNameA
GetSysColorBrush
CharUpperA
PtInRect
SetRect
FindWindowA
wvsprintfA
MapDialogRect
SetWindowContextHelpId
OemToCharA
CharToOemA
IsZoomed
InflateRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMessageA
ValidateRect
ShowOwnedPopups
PostQuitMessage
GetDC
ReleaseDC
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
DefMDIChildProcA
ModifyMenuA
GetMenuState
gdi32
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
DeleteObject
CreateRectRgn
SetViewportOrgEx
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
LPtoDP
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
StretchDIBits
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
BitBlt
SetMapMode
SetStretchBltMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
StretchBlt
CreateSolidBrush
Rectangle
GetDeviceCaps
ResetDCA
GetTextColor
GetTextExtentPoint32A
GetBkColor
GetTextMetricsA
GetObjectA
CreateDIBitmap
GetTextExtentPointA
CreateFontIndirectA
comdlg32
PrintDlgA
GetFileTitleA
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
GetUserNameA
RegQueryValueA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegSetValueA
RegCloseKey
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
SHFileOperationA
ShellExecuteA
ExtractIconA
comctl32
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
oledlg
ord8
ole32
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
odbc32
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord10
ord11
ord36
ord16
ord3
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 144KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 76KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 148KB - Virtual size: 212KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE