e3c6ccb2fe32b634ee8a95793a01723a2b4ce4b34322d027324916935b495f1fN

Sharing

Copy URL Twitter E-mail

General

Target

e3c6ccb2fe32b634ee8a95793a01723a2b4ce4b34322d027324916935b495f1fN
Size

948KB
MD5

2151c5766db5d96c6e18b34d659f01c0
SHA1

8c8bf08eb75bb2cff0bfff78ff756450b3800420
SHA256

e3c6ccb2fe32b634ee8a95793a01723a2b4ce4b34322d027324916935b495f1f
SHA512

525fa9a084b239aa207d0aa7b7ad4a8a6e675c44ad137fd7f6a5d447de7d6f14612cba83c0422974f9e8de97ac4667f38aa8b49beb05025ddcfcf223ba8d1519
SSDEEP

12288:M5XqoytM2syr8gAee7VKWGOi2H0TJy+YM:sXqoytM2syr5AeehKWtnG3X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3c6ccb2fe32b634ee8a95793a01723a2b4ce4b34322d027324916935b495f1fN

Files

e3c6ccb2fe32b634ee8a95793a01723a2b4ce4b34322d027324916935b495f1fN
.exe windows:4 windows x86 arch:x86

11900885ab7985199b411dde3f5ea08a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioSeek
mmioGetInfo
mmioClose
mmioSetInfo
mmioAdvance

ddraw

DirectDrawCreate

dsound

DirectSoundCreate

kernel32

GlobalFlags
GetCPInfo
GetOEMCP
SizeofResource
GetFileSize
TlsGetValue
GetFileTime
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
EnterCriticalSection
LocalReAlloc
GetSystemTime
GetLocalTime
HeapFree
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
CreateThread
ExitThread
TerminateProcess
HeapSize
HeapReAlloc
GetACP
TlsSetValue
RtlUnwind
GetTimeZoneInformation
TlsFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalReAlloc
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
LocalAlloc
GetProcessVersion
GetFullPathNameA
UnlockFile
GetVolumeInformationA
WriteFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
LocalFree
GetCurrentThread
SetLastError
GlobalLock
MulDiv
SetThreadPriority
CreateEventA
SuspendThread
WaitForSingleObject
ResumeThread
SetEvent
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
lstrcatA
InterlockedIncrement
GetVersion
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GetPrivateProfileStringA
GetProcAddress
WritePrivateProfileStringA
GlobalUnlock
LoadLibraryA
lstrcmpA
ReadFile
GlobalHandle
OutputDebugStringA
HeapDestroy
FindResourceA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
CreateMutexA
LoadResource
LockResource
OpenFileMappingA
ReleaseMutex
MapViewOfFile
GetSystemInfo
GetLastError
FindFirstFileA
FindClose
GetFileAttributesA
DeleteFileA
SetFilePointer
GetModuleHandleA
GetModuleFileNameA
CloseHandle
SetEndOfFile
UnmapViewOfFile
GetTempFileNameA
CreateFileMappingA
GetTempPathA
lstrcpyA
CreateFileA
lstrcpynA
Sleep
lstrlenA
GetTickCount
HeapCreate
VirtualFree
GetProfileStringA
FreeLibrary

user32

IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
EqualRect
AdjustWindowRectEx
SendDlgItemMessageA
UpdateWindow
MapWindowPoints
IsDialogMessageA
SetActiveWindow
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
ValidateRect
SetWindowTextA
BeginPaint
EndPaint
LoadStringA
CreateDialogIndirectParamA
EndDialog
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
GetDesktopWindow
DestroyMenu
LoadMenuA
ReuseDDElParam
GetWindowDC
BringWindowToTop
PostQuitMessage
ShowOwnedPopups
CharUpperA
GetSysColorBrush
GetDCEx
LockWindowUpdate
GetClassNameA
SetParent
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
SetMenu
GetWindowTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
GetSystemMetrics
DeferWindowPos
DefWindowProcA
UnpackDDElParam
GetKeyState
WindowFromPoint
IsChild
MessageBoxA
GetTopWindow
ShowCursor
ClientToScreen
OffsetRect
GetDC
ReleaseDC
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
IsIconic
ShowWindow
SetForegroundWindow
KillTimer
SetTimer
GrayStringA
DrawTextA
TabbedTextOutA
MessageBeep
GetCursorPos
PtInRect
GetNextDlgGroupItem
InflateRect
DrawFocusRect
DrawStateA
LoadImageA
GetIconInfo
GetClientRect
GetParent
GetFocus
ReleaseCapture
GetCapture
GetActiveWindow
SetCapture
SetFocus
GetWindowLongA
CopyRect
GetAsyncKeyState
SetWindowPos
InvalidateRect
SendMessageA
EnableWindow
ScreenToClient
SetRect
LoadBitmapA
GetSysColor
RedrawWindow
PostMessageA
SetCursor
IsWindow
GetWindowRect
SetWindowLongA
LoadCursorA
CopyIcon
DestroyCursor
WinHelpA
wsprintfA
GetDlgItem
GetClassInfoA
GetWindowTextLengthA
DestroyWindow
SetCursorPos
SystemParametersInfoA
PeekMessageA
GetDlgCtrlID
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

CreateDIBitmap
CreateBitmap
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetCurrentObject
GetStockObject
Rectangle
GetObjectA
CreateDCA
GetTextExtentPoint32A
Polygon
RectVisible
TextOutA
PtVisible
Escape
CreatePen
ExtTextOutA
GetDeviceCaps
DeleteDC
DeleteObject
RealizePalette
SelectPalette
CreateICA
GetSystemPaletteEntries
StretchBlt
CreatePalette
SetPixel
GetPixel
SelectObject
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetROP2
SetBkMode
SetMapMode
SetViewportOrgEx
GetTextExtentPointA
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SelectClipRgn
ScaleWindowExtEx
MoveToEx
IntersectClipRect
LineTo
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
PatBlt
SetRectRgn
CreateRectRgnIndirect
DPtoLP
CombineRgn
GetTextMetricsA
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA

shell32

DragQueryFileA
DragFinish
ShellExecuteA

comctl32

ord17

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 712KB - Virtual size: 710KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11900885ab7985199b411dde3f5ea08a

Headers

File Characteristics

Imports

winmm

ddraw

dsound

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 180KB - Virtual size: 180KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 12KB - Virtual size: 129KB

.rsrc Size: 712KB - Virtual size: 710KB

.text
Size: 180KB - Virtual size: 180KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 12KB - Virtual size: 129KB

.rsrc
Size: 712KB - Virtual size: 710KB