e2271022e34cc4d949008f8c2315c1160b403442958504431b3f38036f229d61N

Sharing

Copy URL

Twitter E-mail

General

Target

e2271022e34cc4d949008f8c2315c1160b403442958504431b3f38036f229d61N
Size

234KB
MD5

534e31a22e33c58a5ba811b89ce27230
SHA1

172bb292c90701d00de20c5d3248ed1d640ce5ca
SHA256

e2271022e34cc4d949008f8c2315c1160b403442958504431b3f38036f229d61
SHA512

e6e0d92d82d839418879dd1d8871700cb3502629165b140c78ee2c8a93f371f73aa315d155c7a734a6832c01d5de3909cec1f5d197de787ca9b53c3a2f43c506
SSDEEP

6144:oQ/VV/frgyT+LWXjdBV+UdvrEFp7hKp8/N/a:NVV/MyGWXjdBjvrEH734

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2271022e34cc4d949008f8c2315c1160b403442958504431b3f38036f229d61N

Files

e2271022e34cc4d949008f8c2315c1160b403442958504431b3f38036f229d61N
.exe windows:4 windows x86 arch:x86

98a092509a857ae89ee89314ec0f5a4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
SetFileAttributesA
FindFirstFileA
RemoveDirectoryA
GetFileAttributesA
CreateProcessA
GetVersionExA
GetPrivateProfileStringA
GetLocalTime
CreateDirectoryA
GlobalAlloc
WritePrivateProfileStringA
WaitForSingleObject
FreeResource
SetErrorMode
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
GlobalUnlock
GlobalFree
SizeofResource
_lcreat
_lwrite
_lclose
WinExec
OpenFile
lstrcpynA
FileTimeToLocalFileTime
MultiByteToWideChar
GetFileTime
_lread
FileTimeToDosDateTime
_llseek
_lopen
GetDriveTypeA
GetSystemDirectoryA
MulDiv
lstrcmpA
lstrcmpiA
lstrcpyA
GetModuleFileNameA
lstrlenA
CopyFileA
GetTempPathA
GetTempFileNameA
LockResource
FindResourceA
LoadResource
GlobalLock
GetPrivateProfileIntA
DeleteFileA
FindNextFileA
FindClose
FreeEnvironmentStringsW
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
ExitProcess
HeapDestroy
GetEnvironmentVariableA
ReadFile
SetFilePointer
WriteFile
GetStdHandle
SetHandleCount
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
MoveFileA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetOEMCP
GetCPInfo
GetACP

user32

UpdateWindow
RegisterClassA
LoadBitmapA
ShowWindow
LoadIconA
SetTimer
PeekMessageA
TranslateMessage
DdeUninitialize
GetSystemMetrics
SetWindowTextA
GetMessageA
ExitWindowsEx
GetSysColor
LoadCursorA
SetCursor
EnableWindow
IsWindowVisible
CreateDialogParamA
IsDialogMessageA
wsprintfA
PostMessageA
MessageBoxA
CreateWindowExA
EndPaint
PostQuitMessage
GetClientRect
BeginPaint
ReleaseDC
InvalidateRect
GetDC
DefWindowProcA
MoveWindow
GetWindowRect
SetDlgItemTextA
EndDialog
GetDlgItemTextA
SetRect
ScreenToClient
GetDlgItem
GetWindowTextA
SendDlgItemMessageA
SetFocus
OemToCharA
CharNextA
GetDialogBaseUnits
FillRect
DrawIcon
LoadStringA
GetParent
EnumChildWindows
FindWindowA
SendMessageA
DdeCreateDataHandle
DdeInitializeA
DdeConnect
DdeClientTransaction
DdeGetData
DdeDisconnect
DestroyWindow
DispatchMessageA
DialogBoxParamA
KillTimer
DdeFreeDataHandle
DdeCreateStringHandleA

gdi32

GetStockObject
TextOutA
SetTextColor
GetTextExtentPointA
CreateFontA
GetDeviceCaps
SetBkMode
BitBlt
CreateCompatibleDC
DeleteDC
CreateSolidBrush
SelectObject
PatBlt
SelectPalette
ExtTextOutA
RealizePalette
MoveToEx
CreatePen
SetBkColor
CreateFontIndirectA
StretchBlt
LineTo
CreateDIBitmap
CreatePalette
CreateCompatibleBitmap
DeleteObject
GetObjectA

comdlg32

GetOpenFileNameA

advapi32

RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
RegSetValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
DeleteService
ControlService
OpenServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98a092509a857ae89ee89314ec0f5a4c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 13KB - Virtual size: 15KB

.rsrc Size: 74KB - Virtual size: 73KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 13KB - Virtual size: 15KB

.rsrc
Size: 74KB - Virtual size: 73KB