ea9121c54a3498e74e064eb0766f97bf26a023d21bea3578df68462d5d53deb6

Sharing

Copy URL

Twitter E-mail

General

Target

ea9121c54a3498e74e064eb0766f97bf26a023d21bea3578df68462d5d53deb6
Size

577KB
MD5

d4eb7c37e6314bf3ec18f7085af9b0e7
SHA1

5e0a600e372761d0125f91c92311d135473b6f85
SHA256

ea9121c54a3498e74e064eb0766f97bf26a023d21bea3578df68462d5d53deb6
SHA512

cd8230adb7543dcda51947360c144eb1699a485f8bb2404410941a25208103935f739e55e77c6df2c0be71dd38b1fdf0b8d2b980a2891f5f597a9353675f471d
SSDEEP

12288:OdarWJIXriBtzwXVH+wYe6dFS7Zz5yJBUPENwPs:I/3BtzwlH+wYegFSaJiPEN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
ea9121c54a3498e74e064eb0766f97bf26a023d21bea3578df68462d5d53deb6

Files

ea9121c54a3498e74e064eb0766f97bf26a023d21bea3578df68462d5d53deb6
.exe windows:5 windows x86 arch:x86

aa8f86d3a461e3bb5c2c345ae14ca631

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetACP
GetStdHandle
HeapCreate
GetCurrentProcess
VirtualFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
ExitProcess
Sleep
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
RaiseException
RtlUnwind
SetErrorMode
GetModuleHandleW
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
WritePrivateProfileStringA
InterlockedDecrement
GetModuleFileNameW
GetTickCount
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FormatMessageA
LocalFree
lstrlenA
GlobalGetAtomNameA
GlobalFindAtomA
MultiByteToWideChar
lstrcmpW
FreeResource
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetLastError
SetLastError
GetModuleHandleA
GetVersionExA
GlobalLock
GlobalUnlock
MulDiv
GlobalAlloc
GlobalReAlloc
GlobalFree
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
LoadLibraryA
CreateDirectoryA
VirtualAlloc
GetProcAddress

user32

EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
SetForegroundWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetDlgCtrlID
GetMenu
SetWindowPos
IsIconic
GetWindowPlacement
GetWindow
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
UpdateWindow
EnableWindow
GetClientRect
GetSysColorBrush
GetMessageA
GetActiveWindow
IsWindowVisible
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
UnregisterClassA
GetTopWindow
ReleaseDC
GetDC
GetSysColor
SystemParametersInfoA
DispatchMessageA
TranslateMessage
CopyRect
InflateRect
OffsetRect
UnionRect
SendMessageA
PostMessageA
GetParent
LoadCursorA
DefWindowProcA
GetClassInfoA
GetSystemMetrics
IsWindow
RegisterClipboardFormatA
GetKeyState
PtInRect
GetWindowRect
ClientToScreen
SetActiveWindow
GetCapture
CallWindowProcA
SetWindowLongA
GetMessagePos

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
SetMapMode
RestoreDC
SaveDC
GetObjectA
DeleteObject
SelectObject
DeleteDC
DPtoLP
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectA
Rectangle
CreateHatchBrush
GetTextExtentPoint32A
CreatePen
CreateBitmap
GetStockObject
GetDeviceCaps

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa8f86d3a461e3bb5c2c345ae14ca631

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

.text Size: 209KB - Virtual size: 208KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 11KB - Virtual size: 26KB

.rsrc Size: 249KB - Virtual size: 249KB

.reloc Size: 53KB - Virtual size: 53KB

.text
Size: 209KB - Virtual size: 208KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 11KB - Virtual size: 26KB

.rsrc
Size: 249KB - Virtual size: 249KB

.reloc
Size: 53KB - Virtual size: 53KB