0720e9bb7ea13d2ce0cc9b4b4d700d8b6fe81a02af05906223f28d5bcf6b18f5

Sharing

Copy URL

Twitter E-mail

General

Target

0720e9bb7ea13d2ce0cc9b4b4d700d8b6fe81a02af05906223f28d5bcf6b18f5
Size

4.4MB
MD5

ce32f0829dfa8666426b2372f12db47d
SHA1

aae4544ca18288cd27075928cf6371e2105ff490
SHA256

0720e9bb7ea13d2ce0cc9b4b4d700d8b6fe81a02af05906223f28d5bcf6b18f5
SHA512

939e14db1cecf57c1403381f11b1d435b4b98c51833691a4b678ef4ed39c57ceb7860f59c4cf38e7284c0194da68ca40bdf9cb00c1aab0f9637f78943cbd4245
SSDEEP

98304:X1zI2gjQr1qyUpkgrltIQaP/iF0QXdf5b:X6m1qyBil8vQXh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0720e9bb7ea13d2ce0cc9b4b4d700d8b6fe81a02af05906223f28d5bcf6b18f5

Files

0720e9bb7ea13d2ce0cc9b4b4d700d8b6fe81a02af05906223f28d5bcf6b18f5
.exe windows:6 windows x86 arch:x86

a0bf562246091f817b5d0fff18cca1ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetUserDefaultUILanguage
GetLocaleInfoW
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
GetFileType
GetStdHandle
HeapQueryInformation
GetCommandLineA
GetModuleHandleExW
ExitProcess
RtlUnwind
OutputDebugStringW
GlobalFlags
IsProcessorFeaturePresent
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
GetPrivateProfileStringW
GetSystemDefaultUILanguage
lstrcmpA
GetVersionExW
CreateEventW
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
EncodePointer
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
LoadLibraryW
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
LeaveCriticalSection
GetPrivateProfileIntW
EnterCriticalSection
WritePrivateProfileStringW
CopyFileW
DeleteFileW
Sleep
GetCommandLineW
TerminateProcess
VirtualQueryEx
ReadProcessMemory
GetProcessId
MapViewOfFile
CreateFileMappingW
CreateThread
GetCurrentThread
UnmapViewOfFile
OpenFileMappingW
CreateFileW
DeviceIoControl
WriteFile
VirtualProtect
VirtualFreeEx
Module32NextW
CreateRemoteThread
GetModuleHandleW
VirtualAllocEx
GetProcAddress
Module32FirstW
CloseHandle
GetExitCodeThread
CreateToolhelp32Snapshot
OpenProcess
WaitForSingleObject
GetModuleFileNameW
WriteProcessMemory
VirtualQuery
WideCharToMultiByte
GetProcessHeap
GetCurrentProcessId
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
RaiseException
HeapReAlloc
LockResource
GetLastError
MultiByteToWideChar
HeapSize
GetCurrentThreadId
InitializeCriticalSectionEx
HeapFree
WriteConsoleW
QueryPerformanceCounter
SizeofResource

user32

SetDlgItemTextW
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetScrollPos
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
UpdateWindow
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
GetActiveWindow
CreateWindowExW
GetClassInfoExW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetMenuItemCount
GetWindowTextW
GetParent
SetWindowsHookExW
FindWindowW
GetMenuItemID
GetSubMenu
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetSystemMenu
GetSystemMetrics
DrawIcon
SetClassLongW
RedrawWindow
GetClientRect
IsIconic
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
ReleaseDC
ClientToScreen
CreateDialogIndirectParamW
EndDialog
GetCapture
GetNextDlgTabItem
EnumWindows
UnhookWindowsHookEx
UnregisterClassW
CallNextHookEx
SendMessageW
MessageBoxW
IsWindowVisible
GetWindowRect
GetLastActivePopup
GetWindowThreadProcessId
GetCursorPos
SetForegroundWindow
AppendMenuW
InsertMenuW
GetClassNameW
LoadIconW
DestroyMenu
IsWindow
ShowWindow
TrackPopupMenu
CreatePopupMenu
PostMessageW
RegisterClassW
GetClassInfoW
EnableWindow
ReleaseCapture
SetCursor
SetCapture
GetDesktopWindow
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
LoadCursorW
GetMenuCheckMarkDimensions
LoadBitmapW
CharUpperW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
GetSysColorBrush
PostQuitMessage
TranslateMessage
IsMenu
GetMessageW
WindowFromPoint
SetMenuItemInfoW

gdi32

DeleteObject
Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps
DeleteDC

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW
Shell_NotifyIconW

shlwapi

StrCpyW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFileExistsW

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantChangeType
VariantClear
VariantInit
SysFreeString

iphlpapi

GetAdaptersInfo

wininet

InternetReadFile
InternetOpenUrlW
InternetCloseHandle
HttpQueryInfoW
InternetOpenW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h!y
Size: 793KB - Virtual size: 793KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0bf562246091f817b5d0fff18cca1ff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

iphlpapi

wininet

oleacc

Sections

.text Size: 295KB - Virtual size: 294KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 7KB - Virtual size: 18KB

.h!y Size: 793KB - Virtual size: 793KB

.reloc Size: 21KB - Virtual size: 21KB

.rsrc Size: 3.3MB - Virtual size: 3.3MB

.text
Size: 295KB - Virtual size: 294KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 7KB - Virtual size: 18KB

.h!y
Size: 793KB - Virtual size: 793KB

.reloc
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 3.3MB - Virtual size: 3.3MB