Static task: static1
Behavioral task: behavioral1
- Sample: 244625d6fc6ac9b849765415cdae7b43512724b0df2dc252102772581c63005f.exe
- Resource: win7-20230220-en
Behavioral task: behavioral2
- Sample: 244625d6fc6ac9b849765415cdae7b43512724b0df2dc252102772581c63005f.exe
- Resource: win10v2004-20230220-en
General
- Target: 244625d6fc6ac9b849765415cdae7b43512724b0df2dc252102772581c63005f
- Size: 2.2MB
- MD5: 113ad1d55f78da5d9b07f86757a90678
- SHA1: f715274a95e7d4660c76e567bd659c8bdc790064
- SHA256: 244625d6fc6ac9b849765415cdae7b43512724b0df2dc252102772581c63005f
- SHA512: 064ecc66b4b3ac25735ebc9a2113bcc6eed8729437b6ff215209e51b9d69b18c4a1528dec0d54f921940a6d406296af2276e7ead6cecb6df62512e59d79e1f85
- SSDEEP: 49152:6T29cU4L2mZ3ezEYdGWzv0eP0Ak3GWEJuP3o82:TSpAlWEJuPO
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 244625d6fc6ac9b849765415cdae7b43512724b0df2dc252102772581c63005f
Files
-
244625d6fc6ac9b849765415cdae7b43512724b0df2dc252102772581c63005f.exe windows x64
60b921be397c7da23b26b1d64fcc5abc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetModuleHandleA
DeleteFileA
ReadFile
WriteFile
SetFilePointer
GlobalDeleteAtom
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
FreeResource
FindResourceA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpyA
GetVersionExA
GetCurrentProcessId
SetThreadPriority
ResumeThread
WaitForSingleObject
GlobalAddAtomA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
TlsGetValue
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GetFileAttributesExA
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetCurrentDirectoryA
GlobalFlags
SetErrorMode
GetACP
GetTempFileNameA
GetTempPathA
GetCPInfo
GetOEMCP
GetTickCount
GetProfileIntA
Sleep
SearchPathA
VirtualProtect
GetWindowsDirectoryA
GetNumberFormatA
FindResourceExW
GetUserDefaultLCID
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoW
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
CreateFileA
RtlPcToFileHeader
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
HeapSetInformation
GetVersion
HeapCreate
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetStdHandle
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsValidCodePage
GetLocaleInfoW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
LoadLibraryA
lstrcmpA
GetModuleHandleW
GetProcAddress
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
LoadLibraryW
DeactivateActCtx
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetLastError
SetLastError
MultiByteToWideChar
lstrlenA
lstrcmpiA
RaiseException
ExitProcess
WinExec
CreateDirectoryA
OpenProcess
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
FlushFileBuffers
FindResourceW
user32
ScrollWindow
MonitorFromWindow
GetMessagePos
GetMessageTime
SetWindowLongPtrA
GetWindowLongPtrA
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassLongPtrA
GetClassLongA
GetCapture
IsChild
WinHelpA
LoadIconA
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DeleteMenu
RealChildWindowFromPoint
SetTimer
KillTimer
CopyAcceleratorTableA
SetRect
IntersectRect
GetNextDlgGroupItem
MessageBeep
LoadMenuW
NotifyWinEvent
GetAsyncKeyState
IsZoomed
CreatePopupMenu
BringWindowToTop
LockWindowUpdate
SetParent
MonitorFromPoint
IsMenu
UnionRect
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageA
LoadImageW
DestroyIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetCursorPos
GetIconInfo
EnableScrollBar
CopyIcon
GetDoubleClickTime
SetClassLongPtrA
DestroyAcceleratorTable
GetUpdateRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
UpdateLayeredWindow
UnregisterClassA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
FrameRect
CharUpperBuffA
SubtractRect
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetKeyNameTextA
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
InvertRect
HideCaret
CreateMenu
DestroyCursor
GetWindowRgn
GetMenuItemInfoA
GetClassNameA
InvalidateRect
ShowOwnedPopups
SetCursor
GetMessageA
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
PtInRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
LoadCursorA
GetClassInfoA
DefWindowProcA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
DrawIconEx
GetSysColorBrush
RedrawWindow
IsWindowVisible
MapWindowPoints
GetWindowRect
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
FillRect
GetSysColor
OffsetRect
InflateRect
IsRectEmpty
DrawStateA
RegisterWindowMessageA
MapDialogRect
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
GetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindow
CharUpperA
PostQuitMessage
PostMessageA
GetDesktopWindow
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
LoadIconW
GetSystemMenu
AppendMenuA
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
TranslateMessage
DestroyMenu
UpdateWindow
advapi32
GetLengthSid
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
SetTokenInformation
OpenProcessToken
ole32
RevokeDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
ReleaseStgMedium
oleaut32
VariantChangeType
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
SysAllocString
VariantClear
VariantInit
SystemTimeToVariantTime
VarBstrFromDate
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageRectI
winmm
PlaySoundA
wininet
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
gdi32
PatBlt
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
CreateDIBitmap
GetStockObject
CreatePen
CreatePatternBrush
Polygon
Ellipse
Polyline
GetTextColor
GetBkColor
CombineRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateFontIndirectA
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
EnumFontFamiliesA
GetTextCharsetInfo
DeleteObject
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
CreateSolidBrush
CreateDCA
CopyMetaFileA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetLayout
GetDeviceCaps
GetTextFaceA
SetPixelV
GetWindowOrgEx
EnumFontFamiliesExA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
SetTextAlign
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
SelectPalette
GetObjectType
GetRgnBox
OffsetRgn
CreateRoundRectRgn
SetRectRgn
DPtoLP
CreateDIBSection
Rectangle
SetPixel
SetDIBColorTable
RealizePalette
StretchBlt
CreatePalette
GetPaletteEntries
GetLayout
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
shell32
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHAppBarMessage
DragFinish
DragQueryFileA
ShellExecuteA
SHGetDesktopFolder
Sections
- .text   Size: 1.5MB - Virtual size: 1.5MB   Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata  Size: 528KB - Virtual size: 528KB   Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data   Size: 33KB - Virtual size: 82KB     Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .pdata  Size: 76KB - Virtual size: 75KB     Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- text    Size: 3KB - Virtual size: 2KB       Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE
- data    Size: 2KB - Virtual size: 1KB       Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .rsrc   Size: 1KB - Virtual size: 1KB       Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc  Size: 77KB - Virtual size: 76KB     Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ