d56bd415ae2cc3d890580a2e871892d92aa784869c4613647733d8ce4a5fc753

Sharing

Copy URL

Twitter E-mail

General

Target

d56bd415ae2cc3d890580a2e871892d92aa784869c4613647733d8ce4a5fc753
Size

305KB
MD5

84f5bdf0c1f4727a2068d34d220783e9
SHA1

adde07173b465f1db9b7d7f68a3adffeceae5d55
SHA256

d56bd415ae2cc3d890580a2e871892d92aa784869c4613647733d8ce4a5fc753
SHA512

96ebb9c982b82f1b200c068dfea44ab82379447cd60a1f5a0a53c259130fcdf2c1587608146b2b4d10235d4a88ad73b65279bd73b6bb50d641e09c6a22125f37
SSDEEP

6144:v2uO84xcMVRUS8Zbj5wJQkNt2zwBAaxJ8bXZQYcHJ:+RJIdlwJ9HmhrZiHJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d56bd415ae2cc3d890580a2e871892d92aa784869c4613647733d8ce4a5fc753

Files

d56bd415ae2cc3d890580a2e871892d92aa784869c4613647733d8ce4a5fc753
.exe windows:5 windows x86 arch:x86

5e0104c0dd69aae7e10c14c0c2928ab9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitializeSecurity
CoInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CoResumeClassObjects
CLSIDFromString
CoUninitialize
CLSIDFromProgID
OleRun
StringFromGUID2

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
ShellExecuteExW

advapi32

RegCloseKey
RegQueryValueExA
RegNotifyChangeKeyValue
RegCreateKeyExW
LookupPrivilegeValueW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyExA

user32

FlashWindow
GetParent
GetForegroundWindow
PeekMessageW
GetWindowThreadProcessId
GetWindowTextW
SendInput
GetClassInfoW
ReleaseDC
CallNextHookEx
BeginPaint
DispatchMessageW
SystemParametersInfoW
UnhookWindowsHookEx
PostQuitMessage
PostThreadMessageW
GetNextDlgTabItem
MapDialogRect
SetCursor
GetDC
GetClassInfoExW
ScreenToClient
GetFocus
ExitWindowsEx
CreateDialogParamW
GetWindowPlacement
GetTabbedTextExtentW
IsWindowVisible
SetFocus
GetClientRect
GetCursorPos
AttachThreadInput
SetWindowPos
GetWindowDC
GetClassNameW
GetWindow
RegisterClassW
DrawTextW
AppendMenuW
DialogBoxParamW
GetWindowLongW
SetWindowTextW
SetCapture
GetDlgItem
RedrawWindow
ShowWindow
IsWindowEnabled
InvalidateRect
IsRectEmpty
DestroyIcon
SetWindowPlacement
GetKeyState
GetWindowRect
SetWindowsHookExW
EmptyClipboard
IsWindow
IsIconic
SetWindowLongW
SetTimer
TabbedTextOutW
PtInRect
IsCharAlphaNumericW
CharUpperBuffW
GetActiveWindow
CallWindowProcW
SetMenuDefaultItem
GetMessageW
OffsetRect
LoadBitmapW
GetDesktopWindow
SetForegroundWindow
TranslateMessage
OpenClipboard
LoadImageW
CloseClipboard
UnregisterClassA
KillTimer
CharNextW
GetGUIThreadInfo
SendMessageW
SetClipboardData
GetCapture
UpdateWindow
IsDialogMessageW
GetSysColor
DrawFocusRect
SetRectEmpty
GetWindowTextLengthW
DrawStateW
MessageBoxW
GetSystemMenu
FindWindowExW
ReleaseCapture
MoveWindow
LoadCursorW
CreateWindowExW
EndPaint
RegisterClassExW
DestroyWindow
GetSystemMetrics
DrawIconEx
InflateRect
SetDlgItemTextW
RegisterWindowMessageW
PostMessageW
EnableWindow
SetParent
EndDialog
CopyRect
GetDlgCtrlID
DefWindowProcW
GetTopWindow
MapWindowPoints

kernel32

FatalAppExitW
WaitForSingleObject
LocalFree
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
DeleteFileW
GetDriveTypeW
lstrcmpW
GetDateFormatW
IsProcessorFeaturePresent
HeapSize
SetWaitableTimer
TerminateThread
HeapDestroy
lstrcmpiW
FreeLibrary
MulDiv
HeapFree
OpenEventW
lstrlenW
FindFirstFileW
WaitForMultipleObjects
CreateEventW
CreateThread
WideCharToMultiByte
GetModuleHandleW
ResumeThread
GetThreadLocale
GlobalUnlock
EnterCriticalSection
VirtualAlloc
GetACP
FindNextFileW
GetTimeFormatW
FlushInstructionCache
LeaveCriticalSection
GetCurrentThreadId
lstrcpynW
LoadLibraryExW
GetCommandLineW
SetLastError
GlobalLock
GetNumberFormatW
RaiseException
GlobalFree
LockResource
GetUserDefaultLCID
VirtualFree
FormatMessageW
lstrcpyW
lstrlenA
FindResourceExW
GetSystemTimeAsFileTime
FindClose
UnhandledExceptionFilter
FindResourceW
GlobalAlloc
SizeofResource
DeleteCriticalSection
GetProcessHeap
HeapAlloc
CloseHandle
LoadResource
LocalAlloc
HeapReAlloc
IsDebuggerPresent
GetUserDefaultLangID
CreateWaitableTimerW
GetStartupInfoW
VirtualAllocEx

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
GetErrorInfo
LoadRegTypeLi
VariantClear
SafeArrayRedim
SysAllocStringLen
DispCallFunc
SysAllocString
SysStringLen
SafeArrayDestroy
VarBstrCmp
VariantInit
VariantCopyInd
SafeArrayUnaccessData
SysFreeString
SystemTimeToVariantTime
SafeArrayGetVartype
SysAllocStringByteLen
SafeArrayCopy
VariantTimeToSystemTime
SafeArrayGetDim
SafeArrayUnlock
SysStringByteLen
LoadTypeLi
SafeArrayAccessData
SafeArrayLock

userenv

UnloadUserProfile

gdi32

SelectObject
GetTextExtentExPointW
SetViewportOrgEx
PtInRegion
CreateRectRgn
CreatePen
CreateFontIndirectW
GetStockObject
GetBkColor
SetTextColor
DeleteObject
CreateSolidBrush
SetTextAlign
RoundRect
TextOutW
CreateCompatibleDC
SelectClipRgn
CreateCompatibleBitmap
DeleteDC
GetTextExtentPoint32W
CreateRectRgnIndirect
GetObjectW
ExtCreatePen
GetDeviceCaps
CombineRgn
SetBkMode
BitBlt
GetTextMetricsW
GetClipRgn
Polygon
ExtTextOutW
GetObjectType
SetBkColor
SetROP2

comctl32

ImageList_Destroy
_TrackMouseEvent
ImageList_AddMasked
ImageList_Create
ImageList_Draw
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetIcon
ImageList_GetImageCount

shlwapi

StrChrW
PathAddExtensionW
StrRetToStrW
ColorAdjustLuma
PathAppendW
PathCompactPathExW
PathSetDlgItemPathW
PathRemoveFileSpecW

msimg32

TransparentBlt
AlphaBlend
GradientFill

esent

JetCreateIndex
JetGetLS
JetSetColumns
JetCreateTableColumnIndex2
ese
JetEnumerateColumns
JetAttachDatabaseWithStreaming
JetGetIndexInfo
JetGotoSecondaryIndexBookmark
JetGetSecondaryIndexBookmark
JetRestore
JetOpenTempTable3
JetSetCurrentIndex4

kbdda

KbdLayerDescriptor

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 930KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e0104c0dd69aae7e10c14c0c2928ab9

Headers

File Characteristics

Imports

ole32

shell32

advapi32

user32

kernel32

oleaut32

userenv

gdi32

comctl32

shlwapi

msimg32

esent

kbdda

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 275KB - Virtual size: 930KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 275KB - Virtual size: 930KB

.rsrc
Size: 2KB - Virtual size: 2KB