cf2d9ce9be8247d417bf6c1573d5cef68bf292eb542f1848020967b6f7bd9e87

Sharing

Copy URL

Twitter E-mail

General

Target

cf2d9ce9be8247d417bf6c1573d5cef68bf292eb542f1848020967b6f7bd9e87
Size

402KB
MD5

33ae02ba398f2aa67557b864d990b454
SHA1

3f660a56efcbeff1f76281bac8b46095e466ef92
SHA256

cf2d9ce9be8247d417bf6c1573d5cef68bf292eb542f1848020967b6f7bd9e87
SHA512

cea1e9fa338439dc8c26897a00a3b0b4dee16db768956ccfb85a9b4bd3f4d74b5ef7a5bad3df001de6ecd6f95655b46ef33992b0369fe8c7de554096e32d3895
SSDEEP

6144:Ug86OPHv4xhIYfyfKv90RLi4WbcKKw/NLQAaaRwtiXnhOBVMmMs6ylfPjT2MrfOL:iKZiKew4WAzWLY0wtiRIuy1tzOcA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf2d9ce9be8247d417bf6c1573d5cef68bf292eb542f1848020967b6f7bd9e87

Files

cf2d9ce9be8247d417bf6c1573d5cef68bf292eb542f1848020967b6f7bd9e87
.exe windows:6 windows x86 arch:x86

372d45fce03afb0a50f6002ff52fe6d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToTzSpecificLocalTime
GetTickCount64
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
CompareStringW
GetFileType
GetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitProcess
RtlUnwind
RaiseException
OutputDebugStringW
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
VirtualProtect
FileTimeToSystemTime
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
GetThreadLocale
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
FormatMessageA
MulDiv
LocalFree
GetCurrentProcessId
GlobalAddAtomA
GlobalUnlock
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FindResourceA
GlobalFree
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
MultiByteToWideChar
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CloseHandle
WriteFile
IsValidCodePage
CreateFileA
WriteConsoleW

user32

GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollPos
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowDC
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetMenuItemID
GetSubMenu
CopyRect
GetSysColor
LoadIconW
GetSystemMenu
AppendMenuA
SendMessageA
DestroyMenu
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxA
SetCursor
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageA
InvalidateRect
ReleaseDC
DispatchMessageA
TranslateMessage
ClientToScreen
ShowWindow
MoveWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
UnregisterClassA
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
PostMessageA
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
SetWindowTextA
IsDialogMessageA
SetCapture
ReleaseCapture
LoadCursorA
RealChildWindowFromPoint
SetTimer
PostThreadMessageA
RegisterClipboardFormatA
KillTimer
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetMenuItemCount
CharUpperA

gdi32

DeleteObject
Escape
GetClipBox
GetStockObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectObject
SetMapMode
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SetTextColor
SetBkColor
GetDeviceCaps
ExtTextOutA
GetObjectA
DeleteDC
CreateBitmap

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathStripToRootA

ole32

CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleUninitialize

oleaut32

SafeArrayDestroy
VariantTimeToSystemTime
SysStringLen
SysAllocString
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantCopy
SystemTimeToVariantTime

oledlg

ord8

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

372d45fce03afb0a50f6002ff52fe6d8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

wininet

oleacc

Sections

.text Size: 266KB - Virtual size: 266KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 20KB - Virtual size: 20KB

.text
Size: 266KB - Virtual size: 266KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 20KB - Virtual size: 20KB