e13ae7120b81cd8367e4a162aa881f90N

Sharing

Copy URL Twitter E-mail

General

Target

e13ae7120b81cd8367e4a162aa881f90N
Size

288KB
MD5

e13ae7120b81cd8367e4a162aa881f90
SHA1

3b152c4573c54169cf427cb465a6a42420017e11
SHA256

6faa13a55dc46b2919ab630d6bb7d9131dd78ca3c97770a808fe7263b5d0545f
SHA512

2dee6b4149f694140db141be1bb821bcee23cf094b02cedfc889fba667a20c549dc8aee7821a7ba48aa6ac41bfbfc1393d72474908afb20eea7e01c20fcbda3d
SSDEEP

3072:WAVy8mF6ERXSVKjeIrwZN/oHQI2+P8+hIxUxIkH6/0YFTDowOUnPIRXjIanql8ad:WAPmFxZdjIZNqFjP3hm5jP4z1M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e13ae7120b81cd8367e4a162aa881f90N

Files

e13ae7120b81cd8367e4a162aa881f90N
.exe windows:4 windows x86 arch:x86

a1f6a1be907d37b1e02cde7d9344bfed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
RaiseException
TerminateProcess
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
HeapFree
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
SetErrorMode
GetFileTime
GetFileSize
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
FindNextFileA
FindFirstFileA
FindClose
lstrcmpA
GetCurrentThread
lstrcpynA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
LockResource
FindResourceA
LoadResource
CreateFileA
SetFileTime
CloseHandle
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
GetPrivateProfileSectionA
LoadLibraryA
GetProcAddress
FreeLibrary
CopyFileA
GetWindowsDirectoryA
DosDateTimeToFileTime
LocalFileTimeToFileTime
CompareFileTime
GetFileAttributesA
SetFileAttributesA
FormatMessageA
MulDiv
GetModuleFileNameA
GetTempPathA
GetTempFileNameA
WritePrivateProfileStringA
GetFileAttributesExA
FileTimeToSystemTime
lstrlenA
GetPrivateProfileIntA
GetPrivateProfileStringA
RemoveDirectoryA
GetLastError
DeleteFileA
CreateDirectoryA
UnhandledExceptionFilter
SetCurrentDirectoryA

user32

TabbedTextOutA
DrawTextA
GrayStringA
GetCursorPos
ValidateRect
SetCursor
LoadStringA
CharUpperA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
IsDialogMessageA
SetDlgItemTextA
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndDialog
GetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
InSendMessage
GetMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
GetNextDlgTabItem
GetFocus
GetKeyState
CopyRect
FillRect
GetSysColor
GetWindowRect
OffsetRect
GetDesktopWindow
GetClientRect
SetWindowLongA
SetRect
GetWindow
PostQuitMessage
LoadBitmapA
LockWindowUpdate
InvalidateRect
UpdateWindow
SetActiveWindow
wsprintfA
PeekMessageA
IsWindowVisible
SendMessageA
GetParent
EnableWindow
GetClassLongA
UnregisterClassA

gdi32

MoveToEx
LineTo
DeleteObject
GetDeviceCaps
GetClipBox
CreateSolidBrush
PtVisible
RectVisible
TextOutA
Escape
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
ExtTextOutA
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
CreatePen
BitBlt
GetCurrentObject
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
SetTextColor

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
GetUserNameA
RegCloseKey

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA

comctl32

ord17

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adate
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a1f6a1be907d37b1e02cde7d9344bfed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 20KB - Virtual size: 97KB

.rsrc Size: 48KB - Virtual size: 44KB

.adate Size: 16KB - Virtual size: 13KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 20KB - Virtual size: 97KB

.rsrc
Size: 48KB - Virtual size: 44KB

.adate
Size: 16KB - Virtual size: 13KB