ee86b8c2880ed6f23dcd9d2c1ffb2ee9f31d2dfea96a86d9037d59a770edab0a

Sharing

Copy URL

Twitter E-mail

General

Target

ee86b8c2880ed6f23dcd9d2c1ffb2ee9f31d2dfea96a86d9037d59a770edab0a
Size

528KB
MD5

5ef1dc3ec3d62aa3b9939058949ca6b3
SHA1

9427a9ee4ceef33189808fb69b4baf72b89f3d43
SHA256

ee86b8c2880ed6f23dcd9d2c1ffb2ee9f31d2dfea96a86d9037d59a770edab0a
SHA512

a46bb946e8be2c2a2c211b09ad9ad2d5f47092b4242199200a102f6ac09b96964a80a98f74f2cef67096146329509becf50f7631d39f1c6c7d6c6c07cf496d50
SSDEEP

12288:dvkseK2hAdmt2HWzlJ+mFzdf2Y0GIs5Oi/BpHetBL8p19Pzb7u:xuOmYWzlJ+SduM95OiZpa4m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee86b8c2880ed6f23dcd9d2c1ffb2ee9f31d2dfea96a86d9037d59a770edab0a

Files

ee86b8c2880ed6f23dcd9d2c1ffb2ee9f31d2dfea96a86d9037d59a770edab0a
.dll windows:4 windows x86 arch:x86

17f942b5f5e4301d5bc1566810c34c02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
GetCommandLineA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetUserDefaultLCID
WideCharToMultiByte
MultiByteToWideChar
CreateFileA
WriteFile
lstrlenA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetCurrentProcess
GetTickCount
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
LocalAlloc
CreateDirectoryA
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
SetErrorMode
lstrcatA
lstrcpyA
lstrcpynA
GetVersion
MulDiv
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
SetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
FreeLibrary
LoadLibraryA
GetProcessVersion
SetFilePointer
FlushFileBuffers
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
HeapSize
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
GetModuleFileNameA
Sleep
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
TerminateProcess
OpenProcess
GetLastError
RtlZeroMemory
WTSGetActiveConsoleSessionId
SetWaitableTimer
CreateWaitableTimerA
lstrcpyn
GetProcAddress
GetModuleHandleA
Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
LocalFree
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
PostThreadMessageA
DestroyMenu
CreateDialogIndirectParamA
EndDialog
SendDlgItemMessageA
GetDlgItem
GetWindowPlacement
GrayStringA
SystemParametersInfoA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
RegisterClipboardFormatA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
GetWindowLongA
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
SetForegroundWindow
SetActiveWindow
GetActiveWindow
IsWindow
GetForegroundWindow
IsWindowEnabled
GetParent
EnableWindow
MsgWaitForMultipleObjects
MessageBoxA
wsprintfA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
DrawTextA
IsIconic
SetWindowLongA
IsDialogMessageA
GetNextDlgTabItem

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkColor
GetObjectA
GetStockObject
GetDeviceCaps
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
CreateBitmap

comdlg32

GetFileTitleA

advapi32

CreateProcessAsUserA
AdjustTokenPrivileges
SetTokenInformation
DuplicateTokenEx
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun
CoUninitialize
CoInitialize
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize

oleaut32

VariantInit
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SysFreeString
VarR8FromCy
VarR8FromBool
VariantChangeType
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VariantCopy
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy

wininet

InternetOpenA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetSetOptionA

shlwapi

PathFileExistsA

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

oledlg

ord8

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comctl32

ord17

shell32

SHGetSpecialFolderPathA

Exports

Exports

ChromeUpdate
RegisterUserNotifyInterface

Sections

.text
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Btc0
Size: - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Btc1
Size: 516KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17f942b5f5e4301d5bc1566810c34c02

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

wininet

shlwapi

wtsapi32

userenv

oledlg

winspool.drv

comctl32

shell32

Exports

Exports

Sections

.text Size: - Virtual size: 148KB

.rdata Size: - Virtual size: 20KB

.data Size: - Virtual size: 117KB

.Btc0 Size: - Virtual size: 343KB

.Btc1 Size: 516KB - Virtual size: 513KB

.reloc Size: 4KB - Virtual size: 232B

.rsrc Size: 4KB - Virtual size: 716B

.text
Size: - Virtual size: 148KB

.rdata
Size: - Virtual size: 20KB

.data
Size: - Virtual size: 117KB

.Btc0
Size: - Virtual size: 343KB

.Btc1
Size: 516KB - Virtual size: 513KB

.reloc
Size: 4KB - Virtual size: 232B

.rsrc
Size: 4KB - Virtual size: 716B