Static task: static1
Behavioral task: behavioral1
  Sample: cd8914b9d9fbe2cfbc3b36eb505ef81b7bbe5f5907909fa4780b38385542e6b9.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: cd8914b9d9fbe2cfbc3b36eb505ef81b7bbe5f5907909fa4780b38385542e6b9.exe
  Resource: win10v2004-20230220-en
General
  Target: cd8914b9d9fbe2cfbc3b36eb505ef81b7bbe5f5907909fa4780b38385542e6b9
  Size: 5.4MB
  MD5: 0e2d185ce85bff8dd7d15c1249967026
  SHA1: c58f5a0dc8039a23c30bc7153dc8f41384c87f1a
  SHA256: cd8914b9d9fbe2cfbc3b36eb505ef81b7bbe5f5907909fa4780b38385542e6b9
  SHA512: f2cea674344c71ecbbba7456c494111f4241c89b6b89820092c0728e04036c05ca2c50670da7378ca5a6f04234053f2f36d2591d3b635d1e8bdfc1014279a044
  SSDEEP: 98304:6WO3mXANXpGhRPZ60tJOP0W8WnwycLv490YNW9ifQXkozlnjTANqh4OiZrq1DfPQ:6Wqp4XIMv490WVlohT/h4O7NADtV6v+
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource cd8914b9d9fbe2cfbc3b36eb505ef81b7bbe5f5907909fa4780b38385542e6b9
Files
  cd8914b9d9fbe2cfbc3b36eb505ef81b7bbe5f5907909fa4780b38385542e6b9.exe  windows x86  49e41c231f71d92babf009cbdd27d19e
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
CreateDirectoryW
MoveFileExW
GetFileAttributesExW
DeleteFileW
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
CreateEventW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
IsValidCodePage
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetFullPathNameW
GetDriveTypeW
GetCurrentDirectoryW
SetEnvironmentVariableW
FindNextFileW
FindFirstFileExW
GetModuleHandleExW
ExitThread
GetUserDefaultLCID
RtlUnwind
UnhandledExceptionFilter
WaitForSingleObjectEx
GetDateFormatW
GetStringTypeW
QueryPerformanceFrequency
LCMapStringEx
OutputDebugStringW
GetTempFileNameA
GetProfileIntA
SearchPathA
GetWindowsDirectoryA
FindResourceExW
SetErrorMode
GetTempPathA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FindNextFileA
FileTimeToLocalFileTime
GetThreadLocale
lstrcmpiA
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
DeleteFileA
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
SystemTimeToTzSpecificLocalTime
LocalAlloc
InitializeCriticalSectionAndSpinCount
SetThreadPriority
GetModuleFileNameA
GetCurrentProcessId
CopyFileA
LocalFree
GlobalSize
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
FindClose
FindFirstFileA
GetTickCount
GetFileSize
FileTimeToSystemTime
UnmapViewOfFile
SystemTimeToFileTime
CreateFileA
GetFileAttributesA
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
WriteFile
FormatMessageA
GetSystemInfo
GetVersionExA
GetVolumeInformationA
MulDiv
GlobalUnlock
CreateEventA
GlobalLock
ResetEvent
GlobalFree
GlobalAlloc
SetEvent
ResumeThread
FindResourceA
CreateDirectoryA
GetCurrentDirectoryA
CreateMutexA
GetLogicalDriveStringsA
SizeofResource
Process32Next
CreateToolhelp32Snapshot
OpenProcess
Process32First
TerminateThread
GetModuleHandleA
ExitProcess
GetCurrentProcess
CloseHandle
WaitForSingleObject
ReadFile
InitializeCriticalSection
OutputDebugStringA
GetProcAddress
LoadLibraryA
TerminateProcess
FreeLibraryAndExitThread
MultiByteToWideChar
Sleep
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
RaiseException
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
CreateThread
WriteConsoleW
user32
LoadCursorW
SetLayeredWindowAttributes
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
DrawIconEx
IsRectEmpty
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
TranslateMessage
GetMessageA
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
GetSystemMetrics
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
OffsetRect
SetRectEmpty
ClientToScreen
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
EnumDisplayMonitors
CheckDlgButton
SetDlgItemTextA
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
GetWindowRgn
EnableWindow
UnregisterClassA
SendMessageA
GetWindowTextW
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
NotifyWinEvent
DestroyCursor
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
DestroyIcon
LoadImageW
OpenClipboard
CloseClipboard
SetClipboardData
CharUpperA
GetWindowTextLengthA
GetWindowTextA
CopyImage
RealChildWindowFromPoint
GetAsyncKeyState
TrackMouseEvent
IsZoomed
GetSystemMenu
DeleteMenu
MessageBeep
GetCursorPos
ReleaseDC
ReleaseCapture
GetParent
GetDesktopWindow
KillTimer
LoadIconA
SetCursor
GetWindowDC
SetCapture
SetTimer
WindowFromPoint
LoadCursorA
GetWindowRect
GetClientRect
GetSubMenu
LoadMenuW
InvalidateRect
UpdateWindow
PostMessageA
FindWindowA
FindWindowExA
GetKeyState
MoveWindow
SetWindowPos
SetForegroundWindow
SetRect
GetSysColor
CopyRect
FillRect
GetDC
LoadIconW
wsprintfA
DrawStateA
GetClassNameA
LoadBitmapW
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
EmptyClipboard
LoadImageA
SetParent
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetDoubleClickTime
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
GetIconInfo
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetCapture
GetMenu
SetMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
CopyIcon
ModifyMenuA
DestroyAcceleratorTable
SetClassLongA
GetUpdateRect
WaitMessage
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
RegisterClipboardFormatA
CharUpperBuffA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
FrameRect
PostThreadMessageA
HideCaret
InvertRect
DrawIcon
SubtractRect
IsClipboardFormatAvailable
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
IntersectRect
RemovePropA
MessageBoxA
gdi32
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateFontIndirectA
CreateBitmap
CombineRgn
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
GetMapMode
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
CreateDCA
CopyMetaFileA
SetTextColor
SetBkColor
GetObjectA
GetStockObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateSolidBrush
SelectObject
CreatePen
Rectangle
DeleteObject
SetROP2
GetTextExtentPoint32A
SelectPalette
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
shell32
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
comctl32
InitCommonControlsEx
shlwapi
PathStripToRootA
PathIsUNCA
UrlUnescapeA
StrFormatKBSizeA
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
PathRemoveFileSpecW
uxtheme
DrawThemeParentBackground
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateGuid
CoCreateInstance
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
oleaut32
VarBstrFromDate
VariantCopy
LoadTypeLi
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
VariantClear
VariantInit
OleLoadPicture
SysFreeString
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
GetErrorInfo
OleCreateFontIndirect
SafeArrayDestroy
oledlg
ord8
gdiplus
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipAlloc
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipCreateFromHDC
winmm
PlaySoundA
netapi32
Netbios
wininet
HttpQueryInfoA
HttpOpenRequestA
InternetOpenA
InternetCloseHandle
HttpSendRequestA
InternetConnectA
InternetReadFile
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenUrlA
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetQueryOptionA
InternetSetOptionA
InternetGetLastResponseInfoA
InternetSetStatusCallback
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
  .text   Size: 2.1MB - Virtual size: 2.1MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 431KB - Virtual size: 430KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 37KB - Virtual size: 270KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .vmps0  Size: 1.2MB - Virtual size: 1.2MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .reloc  Size: 174KB - Virtual size: 174KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .rsrc   Size: 1.6MB - Virtual size: 1.6MB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ