0e9cd15ccb6544acd6c9f95dd70a65160587d87ccfe9221428d4011c36c56875

Sharing

Copy URL

Twitter E-mail

General

Target

0e9cd15ccb6544acd6c9f95dd70a65160587d87ccfe9221428d4011c36c56875
Size

219KB
MD5

29352905742f6b98813fdaddd1441d8d
SHA1

ce441e8ee52ca672ffd4e81988a8c50c37ee13c6
SHA256

0e9cd15ccb6544acd6c9f95dd70a65160587d87ccfe9221428d4011c36c56875
SHA512

f5aaf6e0d793e3e051ef2a596860f66d0e38603c5d373736e068ad6df445494aa6ed466e6bc8ef3cd4afbff578159340cba49979585d854a7c3df1dbfb691f89
SSDEEP

6144:/2bEQe7HoQFAL976rDLt0QJu0QMjICG/6WGAL:wmLL6GrKQzQMjIJWM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e9cd15ccb6544acd6c9f95dd70a65160587d87ccfe9221428d4011c36c56875

Files

0e9cd15ccb6544acd6c9f95dd70a65160587d87ccfe9221428d4011c36c56875
.exe windows:5 windows x86 arch:x86

07dd94386c3e9fbebca5b10cd2fc5e95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW
GetVersion
lstrcmpiW
GetFileAttributesA
HeapAlloc
GetDriveTypeW
GetProcessHeap
GetDriveTypeA
lstrcmpiA
lstrcmpW
lstrcmpA
lstrcatW
WritePrivateProfileStringW
WriteFile
WideCharToMultiByte
UnmapViewOfFile
UnhandledExceptionFilter
TerminateProcess
SizeofResource
SetUnhandledExceptionFilter
CloseHandle
SetFilePointer
SetFileAttributesW
SetErrorMode
ReadFile
QueryPerformanceCounter
MultiByteToWideChar
MoveFileW
MoveFileExW
MapViewOfFile
LockResource
LocalUnlock
LocalLock
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryW
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemDefaultLCID
GetStartupInfoW
GetStartupInfoA
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
GetModuleHandleA
GetLongPathNameW
GetLastError
GetFileSize
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCommandLineW
GetACP
FormatMessageW
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExitProcess
DeleteFileW
CreateProcessW
CreateFileW
CreateFileMappingW
CreateDirectoryW
CopyFileW
GetCommandLineA

user32

UnionRect
UpdateWindow
WinHelpW
wsprintfW
wvsprintfW
EnableMenuItem
GetMenu
IsDlgButtonChecked
ShowWindow
DestroyWindow
GetDC
GetKeyState
DestroyIcon
LoadBitmapW
LoadIconA
SendMessageA
LoadBitmapA
TranslateMessage
ShowScrollBar
ShowCaret
SetWindowTextW
SetWindowPlacement
SetWindowLongW
SetWinEventHook
SetScrollInfo
SetRectEmpty
SetRect
SetPropW
SetMessageExtraInfo
SetForegroundWindow
SetFocus
SetDoubleClickTime
SetDlgItemTextW
SetCursor
SetClipboardData
SetCaretPos
SetCapture
SetActiveWindow
SendNotifyMessageW
SendMessageW
SendMessageTimeoutW
SendIMEMessageExA
ScreenToClient
ReleaseDC
ReleaseCapture
RegisterClipboardFormatW
RegisterClassExW
PtInRect
PostMessageW
PeekMessageW
OpenClipboard
OffsetRect
OemToCharA
MessageBeep
MapWindowPoints
MapVirtualKeyExA
LoadMenuW
LoadIconW
LoadCursorW
LoadCursorA
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageA
IsCharLowerW
InvertRect
InvalidateRect
IntersectRect
HiliteMenuItem
HideCaret
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetSystemMetrics
GetSysColor
GetParent
GetMessageA
GetMenuState
GetKeyboardLayoutNameW
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetDlgItemTextW
GetDlgItem
GetDialogBaseUnits
GetDesktopWindow
GetCursorPos
GetClipboardData
GetClientRect
GetClassInfoExW
GetCapture
GetAsyncKeyState
GetActiveWindow
FindWindowW
FillRect
EqualRect
EnumClipboardFormats
EndPaint
EndDialog
EnableWindow
EnableScrollBar
EmptyClipboard
DrawMenuBar
DrawIcon
DrawEdge
DispatchMessageW
DialogBoxParamW
DestroyMenu
DestroyCaret
DeleteMenu
DefWindowProcW
DdeQueryStringA
CreateWindowExW
CreateCaret
CopyRect
CloseClipboard
ClientToScreen
CharNextW
CharLowerBuffW
CallMsgFilterW
BeginPaint
AttachThreadInput
ActivateKeyboardLayout
PeekMessageA

gdi32

SelectObject
AddFontResourceA
CreateHalftonePalette
CreatePatternBrush
AbortPath
CreateCompatibleDC
SetBkMode
DeleteEnhMetaFile
CloseMetaFile
CreateMetaFileA
CreateMetaFileW
DeleteMetaFile
GdiFlush
CreateSolidBrush
SaveDC
CancelDC
DeleteColorSpace
GdiGetBatchLimit
BeginPath
AbortDoc
CloseEnhMetaFile
SetTextAlign
CloseFigure
AddFontResourceW
WidenPath
StartDocA
SetTextColor
SetPaletteEntries
SetMiterLimit
SetICMProfileW
SetDIBColorTable
RectInRegion
PolyPatBlt
PlgBlt
PATHOBJ_vEnumStart
MoveToEx
GetWinMetaFileBits
GetTextFaceAliasW
GetTextExtentExPointA
GetRandomRgn
GetPolyFillMode
GetNearestPaletteIndex
GetNearestColor
GetMiterLimit
GetGraphicsMode
GetGlyphOutlineA
GetGlyphOutline
GetEUDCTimeStampExW
GetColorAdjustment
GdiPlayPrivatePageEMF
GdiIsMetaFileDC
GdiEntry15
GdiConvertRegion
GdiConvertMetaFilePict
GdiConvertBitmapV5
EudcUnloadLinkW
EngEraseSurface
EngCreateSemaphore
CombineTransform
DeleteDC

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyW

shell32

WOWShellExecute
Shell_NotifyIconW
ShellHookProc
ShellExecuteEx
ShellExecuteA
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHGetSpecialFolderPathW
SHGetMalloc
SHGetIconOverlayIndexW
SHGetFileInfo
SHGetDesktopFolder
SHFreeNameMappings
SHFormatDrive
SHCreateDirectoryExA
SHChangeNotify
SHBrowseForFolderW
SHBindToParent
ExtractIconA
ExtractAssociatedIconW
ExtractAssociatedIconA
DragQueryPoint
DragQueryFile
DoEnvironmentSubstW
CommandLineToArgvW
DuplicateIcon

shlwapi

StrChrIA
StrCmpNIA
StrCmpNIW
StrRChrIA
StrRChrW
StrRStrIA
StrStrA

winmm

timeGetTime

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07dd94386c3e9fbebca5b10cd2fc5e95

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

winmm

Sections

.text Size: 205KB - Virtual size: 204KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 205KB - Virtual size: 204KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB