Static task: static1
Behavioral task: behavioral1
Sample: 44e1f2f1be766276cea7d8a9e0c89ab2a56cdc2b430a94c638fc1d5b493589e6.exe
Resource: win7-20241023-en
General
Target: 44e1f2f1be766276cea7d8a9e0c89ab2a56cdc2b430a94c638fc1d5b493589e6
Size: 980KB
MD5: 08d8462ad1846b0d214fa77690182669
SHA1: a798d2c5e13d25b702c83abac7846a48d4776d86
SHA256: 44e1f2f1be766276cea7d8a9e0c89ab2a56cdc2b430a94c638fc1d5b493589e6
SHA512: ee7b3e9910e134a08513144d56519dcde8cc2a93ae065ec8d060c5c22e09f58c92fd91808184a0609e944a5402b4e11fded1cba07091975cd9c4b3ccc54bed0c
SSDEEP: 12288:6WgHwLMoeYPdiZPIcMd+7FpSlbDoccS4QkNmS:aZPIrdwsbEbQ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes:
resource 44e1f2f1be766276cea7d8a9e0c89ab2a56cdc2b430a94c638fc1d5b493589e6
Files
44e1f2f1be766276cea7d8a9e0c89ab2a56cdc2b430a94c638fc1d5b493589e6.exe windows:4 windows x86 arch:x86
1e22617c0d4af0c2fa8bbf4941ec1357
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetShortPathNameA
CreateFileA
LocalFileTimeToFileTime
SetFileAttributesA
SetErrorMode
GetTickCount
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
HeapSize
GetACP
GetConsoleCP
GetConsoleMode
Sleep
SetHandleCount
GetVolumeInformationA
GetFileType
LCMapStringA
LCMapStringW
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
SetEnvironmentVariableA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
SystemTimeToFileTime
GetThreadLocale
GetAtomNameA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GetModuleFileNameA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
CopyFileA
GlobalSize
FormatMessageA
LocalFree
MulDiv
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
FreeResource
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
ExitProcess
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
MultiByteToWideChar
InterlockedExchange
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetStdHandle
SizeofResource
user32
ValidateRect
GetMessageA
ShowOwnedPopups
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
UnionRect
SetRect
WindowFromPoint
GetDCEx
LockWindowUpdate
UnregisterClassA
DestroyIcon
GetDialogBaseUnits
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
GetSystemMenu
DeleteMenu
IsRectEmpty
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
PostQuitMessage
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetDC
ReleaseDC
GetWindowRect
IsZoomed
GetSystemMetrics
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetClassNameA
GetSysColor
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetFocus
EqualRect
SetWindowLongA
GetDlgCtrlID
GetMenu
LoadIconA
PeekMessageA
GetCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
SendMessageA
LoadBitmapA
GetSubMenu
LoadMenuA
ScreenToClient
SetTimer
KillTimer
SetCapture
IsIconic
InsertMenuItemA
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
MapVirtualKeyA
GetKeyNameTextA
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetScrollPos
SetParent
OpenClipboard
LoadCursorA
EnableWindow
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursor
GetKeyState
GetCursorPos
ReleaseCapture
MessageBeep
GetClipboardData
SetCursorPos
DispatchMessageA
TranslateMessage
CharLowerA
CharLowerW
CharUpperA
CharUpperW
CreateWindowExA
InSendMessage
UpdateWindow
IsDlgButtonChecked
CheckRadioButton
GetDlgItem
SendDlgItemMessageA
GetClientRect
TranslateAcceleratorA
IsWindow
GetWindowLongA
ShowWindow
GetWindow
GetTopWindow
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
OffsetViewportOrgEx
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetObjectType
GetObjectA
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
StretchDIBits
DeleteDC
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetClipRgn
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA
shell32
ExtractIconA
DragAcceptFiles
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
DragQueryFileA
DragFinish
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoCreateInstance
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleDuplicateData
OleFlushClipboard
oleaut32
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
LoadTypeLi
SysAllocStringLen
Sections
.text Size: 656KB - Virtual size: 653KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 144KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 4KB - Virtual size: 793B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ