Static task
static1
Behavioral task
behavioral1
Sample
d2be74b100d5c0f3f7f44759b136125c1fb5b90de739e1eaf4420822a5aaa33d.exe
Resource
win7-20240903-en
General
- Target: d2be74b100d5c0f3f7f44759b136125c1fb5b90de739e1eaf4420822a5aaa33d.exe
- Size: 1.4MB
- MD5: c36593f4b42b51d49c8d50f66c793456
- SHA1: 171daf57b9415ddf85d1832df1788581b3c6b73e
- SHA256: d2be74b100d5c0f3f7f44759b136125c1fb5b90de739e1eaf4420822a5aaa33d
- SHA512: 79aff4fe6e92c6a15c0372a4c115a256186e0e9ee1b8c926bf55d1cc2cf9626be66ee60c67aea7a9b28883399a7180dc0f469e3e0c49f39a8ec121a41146c17c
- SSDEEP: 24576:zFiJgbowe6ssJQcAZvI4lyzTCiKC/XS8BGqcJOx0D3gQ+:z7ow4sKpqFSDJA0kn
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  Processes: resource d2be74b100d5c0f3f7f44759b136125c1fb5b90de739e1eaf4420822a5aaa33d.exe
Files
- d2be74b100d5c0f3f7f44759b136125c1fb5b90de739e1eaf4420822a5aaa33d.exe.exe windows:4 windows x86 arch:x86
316b5263cee8d59642467d39724052b1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
CM_Locate_DevNodeA
CM_Remove_SubTree
CM_Get_Sibling
CM_Get_Parent
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
kernel32
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
SetErrorMode
lstrlenW
GetCurrentDirectoryA
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
ExitThread
SetStdHandle
GetFileType
GetACP
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LocalReAlloc
IsBadCodePtr
InterlockedExchange
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsSetValue
GetProfileStringA
CreateDirectoryA
lstrcpyA
WritePrivateProfileStringA
GetSystemDefaultLangID
GetLastError
OutputDebugStringA
CloseHandle
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
CreateFileA
ReadFile
WriteFile
Sleep
SetThreadPriority
CreateThread
CreateEventA
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetEvent
ResetEvent
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
CopyFileA
GetLocalTime
DeleteFileA
GetFileAttributesA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
SizeofResource
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
lstrcmpA
MulDiv
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
FormatMessageA
SuspendThread
ResumeThread
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
FindResourceA
LoadResource
LocalFree
LocalAlloc
lstrlenA
GlobalFree
WideCharToMultiByte
GetSystemDirectoryA
GetDriveTypeA
GetModuleFileNameA
GetVersionExA
DeviceIoControl
GetExitCodeThread
TerminateThread
CreateProcessA
FreeLibrary
LoadLibraryA
IsBadReadPtr
user32
GetNextDlgGroupItem
MessageBeep
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
PostThreadMessageA
DestroyIcon
GetDialogBaseUnits
GetClassNameA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
DestroyMenu
IsClipboardFormatAvailable
WaitMessage
LoadStringA
WindowFromPoint
InflateRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMessageA
TranslateMessage
ValidateRect
OemToCharA
CharToOemA
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
SetRect
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetTimer
UnregisterClassA
HideCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
KillTimer
EnableWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
CharUpperA
GetWindowLongA
SetWindowLongA
ReleaseDC
CreateWindowExA
MessageBoxA
GetDesktopWindow
ScreenToClient
GetCursorPos
PostQuitMessage
LoadImageA
CopyAcceleratorTableA
CharNextA
DeleteMenu
GetWindowThreadProcessId
RemoveMenu
GetMenuStringA
InsertMenuA
GetSysColorBrush
GetScrollInfo
LoadCursorA
GetDlgItem
ShowWindow
SetWindowPos
SetFocus
GetDC
SetWindowTextA
SetWindowsHookExA
SetDlgItemTextA
UnhookWindowsHookEx
LoadIconA
IsIconic
SendMessageA
GetSysColor
GetSystemMetrics
CopyRect
FillRect
DrawFocusRect
RedrawWindow
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
GetFocus
GetParent
LoadBitmapA
SetCursor
IsWindow
OffsetRect
wsprintfA
GetKeyNameTextA
DestroyCaret
SetScrollPos
DragDetect
EnableScrollBar
SetScrollInfo
ReleaseCapture
GetKeyState
RegisterClipboardFormatA
EmptyClipboard
PtInRect
DrawTextA
SetCapture
CreateCaret
SetCaretPos
ShowCaret
DrawIcon
AppendMenuA
GetSystemMenu
PostMessageA
gdi32
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SaveDC
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextMetricsA
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
LPtoDP
StartDocA
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SetBoundsRect
GetCharWidthA
GetTextExtentPoint32A
TextOutA
SelectObject
CreateFontA
CreateCompatibleBitmap
GetViewportOrgEx
SetViewportOrgEx
DeleteObject
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetStockObject
Rectangle
GetObjectA
CreateFontIndirectA
GetClipRgn
CreateDIBitmap
GetTextExtentPointA
CreatePen
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey
RegQueryValueA
RegDeleteKeyA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
ExtractIconA
comctl32
_TrackMouseEvent
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
oledlg
ord8
ole32
CoTaskMemFree
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
OleRun
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
ReleaseStgMedium
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
wsock32
htons
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
shutdown
htonl
closesocket
bind
ioctlsocket
accept
getsockname
getpeername
ntohs
inet_addr
WSAGetLastError
WSASetLastError
WSAStartup
WSACleanup
Sections
.text Size: 1012KB - Virtual size: 1008KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 124KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 152KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 4KB - Virtual size: 228B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rmnet Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE