5695207fa0fe3320ce3f1233bca2bd9248b79513e0bdeb158e07047340c8a690

Sharing

Copy URL Twitter E-mail

General

Target

5695207fa0fe3320ce3f1233bca2bd9248b79513e0bdeb158e07047340c8a690
Size

10.0MB
MD5

8ac3142a02627b53f50aa4942cbab4d1
SHA1

f8454314b0791bb66a9aa1cc5fd96fc2ef64a7e3
SHA256

5695207fa0fe3320ce3f1233bca2bd9248b79513e0bdeb158e07047340c8a690
SHA512

ccef6fbab03f08d20df916104581eee4c9cb193c7e513e07e13775d62b458e93b9bb3618a189395b8b597bfe14a33a124efaa5d55bb5e5556d2dca9be9cf5895
SSDEEP

196608:GTw4uj5Lo5UCRvg1pLrbdTB3cJmmLeB9hOuJ71QxYJHtM5A4ZuYOuJI:P4uj5s5UCRv8x513cJ92zZYMHtM5A4I3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5695207fa0fe3320ce3f1233bca2bd9248b79513e0bdeb158e07047340c8a690

Files

5695207fa0fe3320ce3f1233bca2bd9248b79513e0bdeb158e07047340c8a690
.exe windows:4 windows x86 arch:x86

f04535dddf038054557480ddf1870083

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
SetStdHandle
ExitProcess
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileAttributesA
GlobalAlloc
lstrcmpA
GetCurrentThread
GetThreadLocale
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
FormatMessageA
LocalFree
MulDiv
GetProcAddress
GetFullPathNameA
CreateMutexA
ReleaseMutex
FindNextFileA
SetFileAttributesA
CreateDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
WaitForSingleObject
FindFirstFileA
FindClose
GetPrivateProfileIntA
WritePrivateProfileStringA
CopyFileA
Sleep
RemoveDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
GetCommandLineA
LoadLibraryA
FindResourceA
SizeofResource
LoadResource
LockResource
lstrcatA
lstrlenA
WinExec
lstrcpyA
MultiByteToWideChar
CreateFileW
GetVersion
GetVersionExA
FreeLibrary
GetTempPathA
DeleteFileA
CreateFileA
ReadFile
GetFileSize
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
GetLastError
CloseHandle
GetPrivateProfileStringA
lstrcmpiA
GetCurrentThreadId
HeapFree
GetProcessHeap
HeapAlloc
GetEnvironmentStringsW

user32

IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GrayStringA
TabbedTextOutA
DrawEdge
SetRect
CopyRect
DrawFocusRect
GetSubMenu
TrackPopupMenuEx
CopyAcceleratorTableA
WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
DestroyIcon
DestroyCursor
DestroyMenu
LoadImageA
UpdateWindow
PeekMessageA
TranslateMessage
DispatchMessageA
DrawIcon
GetSystemMenu
AppendMenuA
FindWindowA
IsWindow
IsIconic
ShowWindow
SetForegroundWindow
SetWindowRgn
PostMessageA
MessageBeep
GetParent
GetDC
LoadCursorA
SetCursor
SystemParametersInfoA
EnableWindow
LoadBitmapA
InvalidateRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SetWindowsHookExA
CharNextA
GetClientRect
LoadIconA
MessageBoxA
GetSystemMetrics
FillRect
GetSysColorBrush
FrameRect
InflateRect
GetSysColor
GetWindowTextA
OffsetRect
DrawTextA
CallWindowProcA
DefWindowProcA
CallNextHookEx
EnumChildWindows
ScreenToClient
AdjustWindowRectEx
PostThreadMessageA
RegisterClipboardFormatA
DrawStateA
GetNextDlgGroupItem
ReleaseDC
GetWindowRect
GetWindowDC
GetClassNameA
GetWindowLongA
GetFocus
SetWindowLongA
SendMessageA
RedrawWindow
EnumThreadWindows
UnhookWindowsHookEx
GetDesktopWindow
PtInRect
LoadStringA
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
PostQuitMessage
CharUpperA
GetCursorPos
EndPaint
BeginPaint
MoveWindow
SetWindowTextA
IsDialogMessageA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SendDlgItemMessageA
MapWindowPoints
ClientToScreen
SetFocus

gdi32

GetTextExtentPoint32A
StretchBlt
GetBkColor
CreateRectRgn
CreateBitmap
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ExtCreateRegion
GetBitmapBits
GetDeviceCaps
GetClipBox
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectA
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
GetMapMode
PatBlt
DPtoLP
GetTextColor
LPtoDP
CreateFontIndirectA
StretchDIBits
SelectPalette
CreatePalette
CreateDIBitmap
CreateFontA
RoundRect
SetBkColor
GetStockObject
Ellipse
CreatePen
MoveToEx
LineTo
CreateSolidBrush
SetPixel
SetTextColor
DeleteObject
DeleteDC
CreateCompatibleDC
SetBkMode
SelectObject
CreateCompatibleBitmap
GetTextExtentPointA
BitBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
AdjustTokenPrivileges

shell32

SHGetSpecialFolderPathA
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal

olepro32

ord253

oleaut32

SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen

wintrust

CryptCATAdminReleaseCatalogContext
WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATCatalogInfoFromContext

msimg32

GradientFill

winmm

PlaySoundA

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101.1MB - Virtual size: 101.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f04535dddf038054557480ddf1870083

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wintrust

msimg32

winmm

Sections

.text Size: 264KB - Virtual size: 262KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 32KB - Virtual size: 61KB

.rsrc Size: 101.1MB - Virtual size: 101.1MB

.text
Size: 264KB - Virtual size: 262KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 32KB - Virtual size: 61KB

.rsrc
Size: 101.1MB - Virtual size: 101.1MB