Static task
static1
Behavioral task
behavioral1
Sample
281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80.exe
Resource
win7-20240903-en
General
Target: 281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80
Size: 452KB
MD5: e0c0ee2ac2bcc635fd784da1d6d7b88c
SHA1: b07800b7d5cfc70b78c0f2ad6e56b18966f78f0c
SHA256: 281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80
SHA512: cf59446cb09e6e5b7f896473f2de7f997f759d38528a499559e31a0e50505b383839ba8853d3287b2defe6b1b7264f7625ebd43ce86d818a247b44161bca914e
SSDEEP: 6144:+pD2qZxTRbeOvPuYQM6ILqruCjlpB+IszeczxGwsyc7I27iWgSbF:1oxT5nXzYQqrjzBvieEIiWhh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80
Files
281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80.exe windows:4 windows x86 arch:x86
9bf212961c9fa504dd08453eaa094bd5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
HeapCreate
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapDestroy
GetACP
HeapSize
GetProfileStringA
LocalAlloc
TerminateProcess
GetFileType
SetStdHandle
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapFree
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapAlloc
RtlUnwind
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
CopyFileA
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringA
GetCurrentThread
GetProfileIntA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GlobalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
lstrcmpA
GlobalFree
GetLastError
SetLastError
GetModuleFileNameA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcpynA
Sleep
GetTickCount
MulDiv
GlobalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
GetVersionExA
InterlockedDecrement
FormatMessageA
lstrlenA
GetStringTypeW
user32
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
GetSysColorBrush
GetDesktopWindow
DestroyMenu
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
CharUpperA
RegisterClipboardFormatA
EndPaint
BeginPaint
GetWindowDC
EndDialog
CreateDialogIndirectParamA
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollPos
GetTopWindow
MessageBoxA
IsChild
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
GetWindowPlacement
GetPropA
RemovePropA
CallWindowProcA
SetWindowRgn
SetPropA
IsZoomed
GetWindowRgn
wsprintfA
SendMessageA
EnableWindow
LoadCursorA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SetCursor
BeginDeferWindowPos
EndDeferWindowPos
EqualRect
DeferWindowPos
GetClassNameA
CopyIcon
MessageBeep
SetWindowLongA
IsIconic
DrawIcon
GetSystemMenu
AppendMenuA
GetDlgItem
LoadIconA
GetWindowRect
GetWindowLongA
PostThreadMessageA
GetScrollRange
DrawStateA
OffsetRect
DrawFocusRect
PeekMessageA
GetActiveWindow
RedrawWindow
LoadImageA
DestroyCursor
ClientToScreen
WindowFromPoint
IsRectEmpty
IsWindowVisible
InvalidateRect
GetKeyState
SystemParametersInfoA
ReleaseDC
GetDC
DrawTextA
DrawEdge
InflateRect
FrameRect
FillRect
GetSysColor
SetRect
IsWindow
DefWindowProcA
GetClassInfoA
GetParent
IntersectRect
KillTimer
GetClientRect
ScreenToClient
GetCursorPos
TabbedTextOutA
GrayStringA
IsClipboardFormatAvailable
GetSystemMetrics
GetMessagePos
GetFocus
PostMessageA
InvertRect
PtInRect
SetTimer
ClipCursor
SetCapture
ReleaseCapture
GetCapture
GetDoubleClickTime
CopyRect
GetLastActivePopup
MoveWindow
gdi32
ExtSelectClipRgn
GetViewportExtEx
CreateSolidBrush
GetMapMode
CopyMetaFileA
GetTextColor
LPtoDP
LineTo
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetWindowExtEx
CreateFontIndirectA
SaveDC
GetClipBox
CreateRectRgnIndirect
CombineRgn
DPtoLP
CreateRectRgn
OffsetRgn
SetRectRgn
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
GetStockObject
SelectObject
DeleteObject
PatBlt
CreateFontA
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
GetBkColor
BitBlt
GetDeviceCaps
GetTextMetricsA
GetTextExtentPointA
CreateDIBitmap
GetCurrentObject
GetTextExtentPoint32A
RestoreDC
comdlg32
GetFileTitleA
PrintDlgA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
shell32
ShellExecuteA
comctl32
ImageList_Draw
ImageList_GetImageInfo
ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
CoTaskMemAlloc
OleDuplicateData
CLSIDFromString
CLSIDFromProgID
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoTaskMemFree
ReleaseStgMedium
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoCreateInstance
OleRun
CoRegisterMessageFilter
CoGetClassObject
CoRevokeClassObject
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoLockObjectExternal
olepro32
ord253
oleaut32
VariantCopy
VariantClear
VariantInit
SysFreeString
SysAllocString
VariantChangeType
SysAllocStringByteLen
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
GetErrorInfo
Sections
.text Size: 296KB - Virtual size: 294KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ