d32fc9ad1e365ca2b97f0c4d60f8a1a96cabe16752c57df5dbc0226cadfd52c7

Sharing

Copy URL

Twitter E-mail

General

Target

d32fc9ad1e365ca2b97f0c4d60f8a1a96cabe16752c57df5dbc0226cadfd52c7
Size

733KB
MD5

3a313bbcac291e620f081406d38f072c
SHA1

30e2a35509865dc945bea7937b5c36ba611d65a1
SHA256

d32fc9ad1e365ca2b97f0c4d60f8a1a96cabe16752c57df5dbc0226cadfd52c7
SHA512

1ef7446ed78c3252cfd9dd6788f16295b3f96c6b607ae4a2cf1ea3261298cbf1b48ee44d78af99c8d774b311ab6ac4956b6bedb50e446e9fd0ad052645ee8011
SSDEEP

12288:TMu6EnBUxq539RqbSOOPRSy+rRoooWuGocKi3xOhznB7hvB:TMu6mB39R4Je6oooWuGVOhjFh5

Score

1^/10

Malware Config

Signatures

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_2

Files

d32fc9ad1e365ca2b97f0c4d60f8a1a96cabe16752c57df5dbc0226cadfd52c7
.exe windows x86

1552f5699ee94b4b68ed032f361278bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA
CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSizeEx
GetModuleFileNameA
SetFilePointerEx
GetCurrentProcess
ExitProcess
CopyFileA
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrlenA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
GetFileSize
lstrcpyA
lstrcatA
GetSystemDirectoryA
GetVersion
GetProcAddress
IsValidLocale
GetDateFormatA
GetTimeFormatA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetFilePointer
GetLocaleInfoW
GetExitCodeProcess
GetStringTypeA
LCMapStringW
LCMapStringA
OutputDebugStringW
OutputDebugStringA
VirtualAlloc
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
InterlockedExchange
FatalAppExitA
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsBadReadPtr
HeapValidate
DeleteCriticalSection
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
LeaveCriticalSection
CompareStringW
EnterCriticalSection
LoadLibraryW
SetConsoleCtrlHandler
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
VirtualQuery
GetProcessHeap
HeapAlloc
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetStdHandle
GetModuleHandleA
LoadLibraryExA
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
GetStringTypeW
ReadFile
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
MulDiv
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
CompareStringA
GetLocaleInfoA
GetFileType
WriteConsoleW
GetModuleFileNameW
WideCharToMultiByte
DebugBreak
RaiseException
IsDebuggerPresent

user32

DrawTextA
EndPaint
DefWindowProcA
EnableMenuItem
FillRect
PeekMessageA
DispatchMessageA
wvsprintfA
CharPrevA
MessageBoxIndirectA
GetDlgItemTextA
SetDlgItemTextA
GetSystemMetrics
CreatePopupMenu
AppendMenuA
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
IsWindowVisible
CallWindowProcA
LoadBitmapA
GetMessagePos
IsDlgButtonChecked
GetAsyncKeyState
CheckDlgButton
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
SetClassLongA
EndDialog
GetSystemMenu
CloseClipboard
GetWindowRect
ScreenToClient
SetWindowPos
IsWindowEnabled
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
BeginPaint
GetClientRect

gdi32

GetDeviceCaps
CreateBrushIndirect
DeleteObject
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
SetBkColor

advapi32

RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumValueA

shell32

SHGetSpecialFolderLocation
ShellExecuteA
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.textbss
Size: - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 423KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1552f5699ee94b4b68ed032f361278bf

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.textbss Size: - Virtual size: 202KB

.text Size: 423KB - Virtual size: 422KB

.rdata Size: 89KB - Virtual size: 89KB

.data Size: 5KB - Virtual size: 4.3MB

.idata Size: 8KB - Virtual size: 7KB

.ndata Size: - Virtual size: 44KB

.rsrc Size: 162KB - Virtual size: 161KB

.reloc Size: 32KB - Virtual size: 31KB

.textbss
Size: - Virtual size: 202KB

.text
Size: 423KB - Virtual size: 422KB

.rdata
Size: 89KB - Virtual size: 89KB

.data
Size: 5KB - Virtual size: 4.3MB

.idata
Size: 8KB - Virtual size: 7KB

.ndata
Size: - Virtual size: 44KB

.rsrc
Size: 162KB - Virtual size: 161KB

.reloc
Size: 32KB - Virtual size: 31KB