22e12bfd3f640ae693f9494a8697b36266e936b7481b236c9c9fbb9da0deaf59

Sharing

Copy URL

Twitter E-mail

General

Target

22e12bfd3f640ae693f9494a8697b36266e936b7481b236c9c9fbb9da0deaf59
Size

335KB
MD5

928175aaccf82dc75a762bb66e110d1e
SHA1

f45d761711ee3a545936a5e449f80f551d091aa8
SHA256

22e12bfd3f640ae693f9494a8697b36266e936b7481b236c9c9fbb9da0deaf59
SHA512

113aa8b582495e0a7700a8e2a12319cd25f07123b6057c4df16c70ad7b395e2ab213635c6127b2cc7b36442d9f789a5bb37a7680f9043a5c8a714a91731436fa
SSDEEP

6144:ON7wszXoD/nn5MDUC4mWqd4ra1adyRJFXoK7xEfsIDOwGG8VflEERHIB9V:ON8sjoDxC4GaPkJ9F10qwGvHIB/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22e12bfd3f640ae693f9494a8697b36266e936b7481b236c9c9fbb9da0deaf59

Files

22e12bfd3f640ae693f9494a8697b36266e936b7481b236c9c9fbb9da0deaf59
.exe windows:5 windows x86 arch:x86

8bc516a78c5d70e26279827f8cd1798b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
Sleep
ExitProcess
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetErrorMode
GetModuleHandleW
GetCurrentProcess
SetFilePointer
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GlobalAlloc
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
MultiByteToWideChar
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
FreeResource
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
MulDiv
GetLastError
CreateEventA
WaitForSingleObject
LoadLibraryA
CreateNamedPipeA
ConnectNamedPipe
ReadFile
DisconnectNamedPipe
CloseHandle
WriteFileEx
GlobalFree
WriteFile
FlushFileBuffers
GetStdHandle
GetConsoleWindow
GetCurrentConsoleFont
VirtualAlloc
CreateToolhelp32Snapshot
FindResourceExA
GetEnvironmentVariableA
GetWindowsDirectoryA
CreateFileA
DeleteFileA
MoveFileExA
GetStartupInfoA
SetLastError
CreateProcessA
GetCurrentDirectoryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetEnvironmentStrings
RaiseException

user32

SetCursor
GetMessageA
TranslateMessage
ValidateRect
ReleaseDC
GrayStringA
DrawTextExA
TabbedTextOutA
ShowWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextA
GetLastActivePopup
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageA
GetSubMenu
GetMenuItemID
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
CallWindowProcA
PtInRect
SetWindowLongA
SetWindowPos
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
DrawTextExW
InvalidateRect
DestroyWindow
DefWindowProcA
LoadImageA
GetWindowLongA
GetWindowThreadProcessId
UnregisterClassA
LoadCursorA
CheckMenuRadioItem
SystemParametersInfoA
CreateMenu
CreatePopupMenu
SetCapture
GetSysColorBrush
SetMenu
TrackPopupMenu
DestroyMenu
GetCapture
ReleaseCapture
GetParent
SetRect
KillTimer
IsDlgButtonChecked
GetDialogBaseUnits
PostQuitMessage
DrawTextA
GetMenu
GetMenuItemInfoA
GetSystemMenu
AppendMenuA
SendDlgItemMessageA
ClientToScreen
RegisterClipboardFormatA
GetForegroundWindow
GetMenuItemCount
SetMenuItemInfoA
GetDlgItem
GetWindowTextLengthA
GetDlgItemTextA
GetCursorPos
SetCursorPos
WindowFromPoint
BeginPaint
EndPaint
GetDC
GetSystemMetrics
EnableWindow
LoadIconA
GetClientRect
IsIconic
SendMessageA
DrawIcon

gdi32

GetDeviceCaps
DeleteDC
PtVisible
RectVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
Rectangle
GetCurrentObject
GetObjectA
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
DeleteObject
SwapBuffers
GetPixel
GetTextAlign
SetTextAlign
SetWindowOrgEx
GetStockObject
CreateFontA
EnumFontFamiliesA
ExtTextOutA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CreateProcessAsUserA
SetKernelObjectSecurity

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetDataFromIDListA
SHBindToParent
SHParseDisplayName
SHGetDesktopFolder
SHEmptyRecycleBinA
SHGetFolderLocation
Shell_NotifyIconA
SHGetFolderPathA
SHQueryRecycleBinA

shlwapi

StrRetToBufW
PathFindExtensionA
PathFindFileNameA
StrRetToBufA

ws2_32

WSAStartup
WSASocketA

netapi32

NetAuditClear

ole32

CoTaskMemFree
CoInitialize
GetHGlobalFromStream
CreateStreamOnHGlobal

oleaut32

VariantClear
VariantChangeType
VariantInit

userenv

GetAppliedGPOListA
GetDefaultUserProfileDirectoryA

msi

ord64

odbc32

ord9

credui

CredUICmdLinePromptForCredentialsA
CredUIStoreSSOCredW

pdh

PdhExpandCounterPathA
PdhBrowseCountersA
PdhComputeCounterStatistics

gdiplus

GdipCreateSolidFill
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDisposeImage
GdipLoadImageFromFile
GdipDeleteGraphics
GdipCloneImage
GdipCreateFromHDC
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipFree
GdipDeleteBrush
GdipAlloc

opengl32

wglGetCurrentDC
glFinish

dbghelp

SymFunctionTableAccess
SymFromName
SymFromAddr

oleacc

LresultFromObject
CreateStdAccessibleObject

uxtheme

SetWindowTheme
OpenThemeData

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bc516a78c5d70e26279827f8cd1798b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ws2_32

netapi32

ole32

oleaut32

userenv

msi

odbc32

credui

pdh

gdiplus

opengl32

dbghelp

oleacc

uxtheme

Sections

.text Size: 194KB - Virtual size: 193KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 9KB - Virtual size: 23KB

.rsrc Size: 42KB - Virtual size: 42KB

.reloc Size: 33KB - Virtual size: 32KB

.text
Size: 194KB - Virtual size: 193KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 9KB - Virtual size: 23KB

.rsrc
Size: 42KB - Virtual size: 42KB

.reloc
Size: 33KB - Virtual size: 32KB