ed1d01740b250208894f0ce0960e56823ec73b5dfa97d26e8c5783a76586efec

Sharing

Copy URL

Twitter E-mail

General

Target

ed1d01740b250208894f0ce0960e56823ec73b5dfa97d26e8c5783a76586efec
Size

582KB
MD5

3e2e7fefb5f15ff9cca7ea8d2d3d366c
SHA1

7f2d918f748bfeee99fabb85422eb299b77f03fa
SHA256

ed1d01740b250208894f0ce0960e56823ec73b5dfa97d26e8c5783a76586efec
SHA512

b0e9abf438038e1088a41b124484615c4926853acbf3a389e4905d1582c5e31636d706644ea5423ed827b936832cc9f42e598787ff65218c6526d331705a6eee
SSDEEP

6144:cN9cWHXF45+2hK8garcaA+wsyztTBV9R:ycWHXFAphBgaQcLWtT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed1d01740b250208894f0ce0960e56823ec73b5dfa97d26e8c5783a76586efec

Files

ed1d01740b250208894f0ce0960e56823ec73b5dfa97d26e8c5783a76586efec
.exe windows:4 windows x86 arch:x86

9c7584bf537f00c8130b1e6db8d79418

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
GetFileAttributesW
GetFileTime
GetStartupInfoW
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetStdHandle
FlushFileBuffers
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
SetStdHandle
LCMapStringA
LCMapStringW
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetCurrentProcess
DuplicateHandle
SetErrorMode
FindResourceA
GlobalAddAtomA
GetProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
SizeofResource
GetProcessVersion
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
lstrcpynW
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FormatMessageW
LocalFree
FindNextFileW
FindFirstFileW
FindClose
MulDiv
SetLastError
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
lstrlenA
MultiByteToWideChar
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GetModuleHandleW
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
lstrlenW
GetCurrentThread
GetCurrentThreadId
GetSystemDirectoryA
LoadLibraryA
GetTickCount
GetCommandLineW
GetCommandLineA
WideCharToMultiByte
GetFileSize
SetFilePointer
CreatePipe
CreateProcessW
PeekNamedPipe
ReadFile
WriteFile
GetLogicalDrives
GetDriveTypeA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetComputerNameW
GetVersionExW
OpenProcess
TerminateProcess
CloseHandle
CreateFileW
SetFileTime
DeleteFileW
VirtualAlloc
CreateMutexW
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
CreateEventW
SetEvent
WaitForSingleObject
ResetEvent
CreateThread
GetFileType
Sleep

user32

RegisterClipboardFormatW
PostThreadMessageW
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextW
GetDlgCtrlID
DefWindowProcW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
InflateRect
SetForegroundWindow
SetWindowLongW
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
MessageBeep
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
LoadIconW
SendMessageW
AppendMenuW
GetSystemMenu
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
SetCursor
PostQuitMessage
PostMessageW
CharUpperW
InvalidateRect
GetForegroundWindow
EnableWindow
IsIconic
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DrawIcon
GetClientRect
GetSystemMetrics
SetRect
CopyAcceleratorTableW
CharNextW
GetSysColorBrush
PtInRect
GetClassNameW
CreateDialogIndirectParamW
GetNextDlgGroupItem
GetDesktopWindow
LoadCursorW
GrayStringW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
GetWindow
DrawTextW

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetMapMode
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

comctl32

ord17

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

wininet

InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile

winmm

timeGetTime

psapi

GetModuleFileNameExW
EnumProcesses
EnumProcessModules

iphlpapi

GetAdaptersInfo

ws2_32

getservbyport
ntohs
gethostbyaddr
getservbyname
htonl
WSASetLastError
inet_ntoa
bind
listen
accept
WSAStartup
closesocket
send
connect
socket
WSAGetLastError
gethostbyname
inet_addr
htons
gethostname
recv
select

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c7584bf537f00c8130b1e6db8d79418

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

winmm

psapi

iphlpapi

ws2_32

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 10KB - Virtual size: 1.0MB

.rsrc Size: 31KB - Virtual size: 31KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 10KB - Virtual size: 1.0MB

.rsrc
Size: 31KB - Virtual size: 31KB

.shell
Size: 320KB - Virtual size: 320KB