461180b3ab1aded7ac33480bd5cf687a148d916be9a40f13110c43644db9471b

Sharing

Copy URL

Twitter E-mail

General

Target

461180b3ab1aded7ac33480bd5cf687a148d916be9a40f13110c43644db9471b
Size

2.7MB
MD5

d2e01a09a292bd4069ad14942a628bf2
SHA1

e32b7249f9e20e7305882bd6221aac0dee7a60c5
SHA256

461180b3ab1aded7ac33480bd5cf687a148d916be9a40f13110c43644db9471b
SHA512

c82b447ef5e5ea6f10188bd082cfae1674e4bb9c17218914b57673eddf042d643d5423a705d0318464a894252cab4f2cf4733660f1800cee00bb8bbcb084c66d
SSDEEP

49152:GRqJZYhFD5YhRkELN3T05OTgR97YF+ed:GRqJZY7aRkELNA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
461180b3ab1aded7ac33480bd5cf687a148d916be9a40f13110c43644db9471b

Files

461180b3ab1aded7ac33480bd5cf687a148d916be9a40f13110c43644db9471b
.exe windows x86

5db60a6c7a6d2ca8a321eaaca76ae20c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
GetStringTypeW
GetFileType
GetCurrentThread
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetACP
WriteFile
GetStdHandle
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
VirtualProtect
GetSystemInfo
InterlockedFlushSList
GetCPInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
OutputDebugStringA
CreateThread
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
LoadLibraryExW
VirtualQuery
MulDiv
lstrcmpW
GlobalUnlock
lstrcmpiW
InterlockedIncrement
FreeLibrary
GetModuleHandleW
GetCurrentProcessId
GlobalLock
GetProcAddress
FindResourceW
LoadResource
FindResourceExW
LoadLibraryW
GlobalAlloc
LockResource
MultiByteToWideChar
GetVersionExW
GetCurrentThreadId
LeaveCriticalSection
GetModuleFileNameW
InterlockedDecrement
lstrlenW
EnterCriticalSection
SetLastError
SizeofResource
GetProcessHeap
DeleteCriticalSection
HeapDestroy
CreateFileW
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapFree

user32

CallWindowProcW
PostMessageW
MonitorFromPoint
CheckMenuRadioItem
GetWindow
GetWindowRect
GetMenuItemID
GetMenu
GetFocus
DestroyWindow
InflateRect
GetDC
IsWindowVisible
SetWindowPos
MessageBoxW
MonitorFromWindow
GetMessagePos
LoadStringA
UnregisterClassW
GetWindowTextW
EnableWindow
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
InvalidateRect
LoadImageW
ReleaseCapture
DrawFrameControl
UpdateWindow
PtInRect
DialogBoxParamW
RegisterWindowMessageW
LoadMenuW
CharLowerW
GetKeyState
AdjustWindowRectEx
ModifyMenuW
DefWindowProcW
GetMenuItemInfoW
GetMessageW
GetWindowTextLengthW
GetWindowThreadProcessId
GetMenuItemCount
GetWindowLongW
FillRect
CreateWindowExW
DeleteMenu
ScreenToClient
SendMessageW
CallNextHookEx
EndDialog
GetSystemMetrics
SetWindowTextW
MessageBeep
CreatePopupMenu
RegisterClassExW
WindowFromPoint
LoadAcceleratorsW
LoadStringW
GetSubMenu
GetActiveWindow
GetParent
GetClassInfoExW
ShowWindow
IsWindow
InvalidateRgn
OffsetRect
GetCapture
DispatchMessageW
SetTimer
RedrawWindow
IsMenu
GetMonitorInfoW
GetDlgCtrlID
ClientToScreen
SetMenuItemInfoW
DestroyAcceleratorTable
PeekMessageW
IsChild
MapWindowPoints
TrackMouseEvent
FrameRect
SetMenuDefaultItem
MessageBoxA
GetSysColor
IsWindowEnabled
MoveWindow
SetMenu
UnhookWindowsHookEx
CreateAcceleratorTableW
LoadBitmapW
DestroyMenu
SetFocus
CharNextW
TranslateAcceleratorW
TranslateMessage
LoadCursorW
GetClassNameW
SetCapture
GetWindowDC
SetWindowsHookExW
SetCursor
SetRectEmpty
SetWindowLongW
TrackPopupMenuEx
RemoveMenu
GetClientRect
GetDlgItem
AppendMenuW
DrawTextW
SetRect
KillTimer
PostQuitMessage
GetDesktopWindow
GetSysColorBrush
EnableMenuItem
DrawEdge
SystemParametersInfoW

gdi32

SetBrushOrgEx
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
CreateCompatibleDC
PatBlt
SetWindowOrgEx
GetStockObject
GetDeviceCaps
CreatePatternBrush
DeleteDC
SetTextColor
SetBkMode
LineTo
CreatePen
OffsetWindowOrgEx
Rectangle
SetViewportOrgEx
GetCurrentObject
CreateFontIndirectW
CreateBitmap
CreateSolidBrush
DeleteObject
SetBkColor
MoveToEx
GetObjectW
Polygon

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
RegDeleteValueW

ole32

OleLockRunning
CLSIDFromString
CoTaskMemRealloc
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
CoInitialize
OleUninitialize
CoGetClassObject
CLSIDFromProgID

oleaut32

VariantInit
LoadTypeLi
OleCreateFontIndirect
SysAllocString
DispCallFunc
SysStringLen
SysAllocStringLen
VariantClear
VarUI4FromStr
SysFreeString
LoadRegTypeLi

comctl32

ImageList_DragEnter
ImageList_AddMasked
ImageList_Draw
ImageList_BeginDrag
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_GetImageCount
ord8
ImageList_Create
CreateStatusWindowW
ImageList_Destroy
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag

uxtheme

IsAppThemed
IsThemeActive

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5db60a6c7a6d2ca8a321eaaca76ae20c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

uxtheme

Sections

.text Size: 391KB - Virtual size: 390KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 2.1MB - Virtual size: 2.1MB

.gfids Size: 512B - Virtual size: 456B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 131KB - Virtual size: 130KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 391KB - Virtual size: 390KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 2.1MB - Virtual size: 2.1MB

.gfids
Size: 512B - Virtual size: 456B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 131KB - Virtual size: 130KB

.reloc
Size: 17KB - Virtual size: 17KB