Static task: static1
Behavioral task: behavioral1
Sample: 0f6486bb0812c54e1861139a807662c59a8a32f308d20da0fb60005c614176b9N.exe
Resource: win7-20241023-en
General
Target: 0f6486bb0812c54e1861139a807662c59a8a32f308d20da0fb60005c614176b9N.exe
Size: 288KB
MD5: e69b8e0132c610eb792a7c06e2f57140
SHA1: 3bcbc0d4fea62946f69e543169a78a4679ddbb33
SHA256: 0f6486bb0812c54e1861139a807662c59a8a32f308d20da0fb60005c614176b9
SHA512: 53f39069571f0c209a56e54a53cc7f727177ff34fbd6dc5dffb47120a9d80f78aa7a4918ee483cfd6c113ff1805a021b5d071bb72f2e10a39ab0bea60c15bd43
SSDEEP: 6144:m2F3rJqJCS2AZCmUe+6kIJFpabXHDoihSaK:XtJq0AC2kyFpYXH0ie
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 0f6486bb0812c54e1861139a807662c59a8a32f308d20da0fb60005c614176b9N.exe
Files
0f6486bb0812c54e1861139a807662c59a8a32f308d20da0fb60005c614176b9N.exe.exe windows:5 windows x86 arch:x86
63f3c6332012e2b159d738f2a18bb213
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetCapture
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetRectEmpty
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
LoadBitmapW
GetFocus
LoadCursorA
LoadIconA
SetWindowRgn
BringWindowToTop
WaitForInputIdle
SetClipboardData
SetWindowTextA
SetParent
InflateRect
DrawIcon
CreateWindowExA
ValidateRect
GetPropA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
GetWindowRgn
GetDlgItemTextW
AdjustWindowRect
FindWindowA
GetClassNameA
LoadStringA
EnumWindows
SetWindowsHookExA
MessageBoxIndirectW
DialogBoxParamW
PostMessageA
EnableScrollBar
CallWindowProcA
PeekMessageA
IsDialogMessageA
DispatchMessageA
SetWindowLongA
CreateDialogParamW
GetWindowLongA
GetWindowTextA
LoadImageA
SendMessageA
EnumDisplayMonitors
GetMonitorInfoA
KillTimer
SetTimer
CharNextW
PostThreadMessageW
CharUpperW
UnregisterClassW
LoadCursorW
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
DestroyMenu
ShowWindow
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
IsWindowUnicode
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
UnregisterClassA
GetWindowTextW
GetWindowTextLengthW
EnumThreadWindows
SendMessageW
EnableWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
RegisterClipboardFormatW
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
MessageBoxW
GetDesktopWindow
GetSystemMetrics
RemoveMenu
GetSystemMenu
IsIconic
GetClientRect
LoadIconW
PostMessageW
GetAsyncKeyState
ExitWindowsEx
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
EnableMenuItem
GetWindowRect
GetForegroundWindow
SetFocus
SetWindowPos
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
SetWindowTextW
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
PostQuitMessage
UnhookWindowsHookEx
CheckMenuItem
ModifyMenuW
GetParent
comdlg32
GetSaveFileNameA
PrintDlgA
GetFileTitleA
GetOpenFileNameA
CommDlgExtendedError
GetFileTitleW
ChooseColorA
shell32
ShellExecuteA
SHBrowseForFolderA
SHGetDesktopFolder
DragQueryFileA
DragAcceptFiles
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetFolderPathW
SHGetPathFromIDListW
SHCreateDirectoryExW
SHGetFolderLocation
CommandLineToArgvW
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
ShellExecuteExA
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateInstance
CoUninitialize
CoGetClassObject
CLSIDFromProgID
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
OleRun
StgOpenStorageOnILockBytes
CLSIDFromString
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoInitialize
CoRegisterMessageFilter
advapi32
AccessCheck
OpenThreadToken
AddAccessAllowedAce
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
RegQueryValueA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
InitializeAcl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
RevertToSelf
FreeSid
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
OpenProcessToken
SetSecurityDescriptorDacl
ImpersonateSelf
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
gdi32
LPtoDP
CreateDCA
GetTextAlign
CloseMetaFile
DeleteMetaFile
SetWindowOrgEx
CreatePolygonRgn
GetCurrentPositionEx
SetTextAlign
IntersectClipRect
SelectClipRgn
SetBkMode
TextOutA
GetSystemPaletteEntries
RemoveFontResourceA
AddFontResourceA
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetPixel
Polygon
GetWindowOrgEx
GdiFlush
CreatePen
GetTextExtentPointA
GetRegionData
ExtCreateRegion
CreatePalette
GetEnhMetaFileBits
SetEnhMetaFileBits
PlayEnhMetaFile
DeleteEnhMetaFile
CreateFontA
GetCharWidthA
DPtoLP
GetTextMetricsA
ExtTextOutA
PatBlt
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
StretchDIBits
SetDIBitsToDevice
RealizePalette
GetObjectA
SelectPalette
BitBlt
OffsetRgn
CombineRgn
CreateRectRgn
EqualRgn
SetMapMode
LineTo
MoveToEx
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetDeviceCaps
CreateSolidBrush
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
GetMapMode
GetTextExtentPoint32A
CreateFontIndirectA
Ellipse
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectW
ExtTextOutW
SaveDC
RestoreDC
SetRectRgn
EnumFontFamiliesExA
comctl32
ImageList_Destroy
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
shlwapi
PathAddBackslashW
PathIsRootW
PathFileExistsW
PathIsUNCW
PathGetCharTypeW
PathFindExtensionW
PathIsFileSpecW
PathQuoteSpacesW
SHCreateStreamOnFileW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
PathMakePrettyW
PathStripPathW
PathStripToRootW
PathIsRelativeW
PathRemoveBackslashW
winspool.drv
DocumentPropertiesA
OpenPrinterA
DocumentPropertiesW
OpenPrinterW
ClosePrinter
kernel32
FreeConsole
GetFileAttributesExW
lstrcatW
FormatMessageW
GetVersionExW
GetCurrentThread
GetCurrentProcess
LocalAlloc
LocalFree
GetThreadLocale
SizeofResource
GetTempFileNameW
Process32FirstW
OpenProcess
Process32NextW
Thread32First
Thread32Next
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
GetUserDefaultLangID
SetLastError
ReleaseMutex
GetModuleFileNameW
LoadLibraryW
FindResourceExW
LoadResource
LockResource
GetUserDefaultLCID
FreeLibrary
FindFirstFileW
FindNextFileW
FindClose
GetLogicalDriveStringsA
GetDriveTypeA
GetFileSize
ReadFile
GetTempPathW
GetCurrentDirectoryW
lstrcpyW
SetErrorMode
GetVolumeInformationW
SetCurrentDirectoryW
SetFileAttributesW
GetConsoleWindow
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceExW
lstrlenW
GetProcAddress
GetCommandLineW
GetStdHandle
GlobalMemoryStatusEx
IsProcessorFeaturePresent
GetSystemInfo
GetSystemWindowsDirectoryW
GetLogicalDriveStringsW
MultiByteToWideChar
GetACP
WideCharToMultiByte
CreateMutexW
GetLastError
WaitForSingleObject
GetSystemTime
WriteFile
FlushFileBuffers
CopyFileW
CreateFileW
GetFileSizeEx
CloseHandle
GetShortPathNameW
CreateSemaphoreA
ReleaseSemaphore
SetEnvironmentVariableW
GetCurrentDirectoryA
GetProcessHeap
GetProfileStringA
CreateProcessA
lstrcpyA
lstrcatA
GetSystemDirectoryA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
TerminateThread
FormatMessageA
GlobalSize
LocalUnlock
LocalLock
GlobalMemoryStatus
Process32Next
Process32First
CreateDirectoryA
CreateDirectoryW
GetTickCount
RemoveDirectoryW
GlobalUnlock
GlobalLock
FindResourceW
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SetFilePointerEx
SetFilePointer
MulDiv
GlobalAlloc
GlobalFree
GetModuleHandleW
GlobalDeleteAtom
lstrcmpW
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
GetVersion
CreateMutexA
GetStringTypeExA
GetLogicalDrives
QueryPerformanceFrequency
CreateEventA
PulseEvent
OutputDebugStringA
GetFullPathNameA
LockFileEx
GetTempPathA
GetFileAttributesA
DeleteFileA
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
Sleep
GetOEMCP
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
HeapSize
VirtualQuery
VirtualAlloc
VirtualProtect
CreateThread
ExitThread
ExitProcess
GetSystemTimeAsFileTime
GetFileType
SetStdHandle
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
ConvertDefaultLocale
HeapAlloc
HeapFree
GetFileTime
FileTimeToLocalFileTime
lstrlenA
FileTimeToSystemTime
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
MoveFileW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetModuleHandleA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
RaiseException
WritePrivateProfileStringW
GetCurrentProcessId
GlobalAddAtomW
ResumeThread
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
DeleteFileW
GetWindowsDirectoryA
OpenMutexA
GlobalAddAtomA
lstrcmpiA
SetEvent
WaitForMultipleObjects
SetPriorityClass
GlobalGetAtomNameA
CopyFileA
FindResourceA
SetThreadPriority
VirtualLock
GlobalFindAtomA
lstrcpynA
FindFirstFileA
GetVolumeInformationA
SuspendThread
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
FindNextFileA
GetProcessVersion
GetLocalTime
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
Sections
.text Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 29KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE