Static task: static1
Behavioral task: behavioral1
  Sample: 57b018f8d2aeadfa981ff80cc0540f24230d0e51eb4e03d3686016a4552e03fc.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 57b018f8d2aeadfa981ff80cc0540f24230d0e51eb4e03d3686016a4552e03fc.exe
  Resource: win10v2004-20230221-en
General
Target: 57b018f8d2aeadfa981ff80cc0540f24230d0e51eb4e03d3686016a4552e03fc
Size: 5.1MB
MD5: cf6dde529ccf6142a2f764d7ae0b76bf
SHA1: fa2e118954e58558161f1c1ceabcc02ae7d5a9ab
SHA256: 57b018f8d2aeadfa981ff80cc0540f24230d0e51eb4e03d3686016a4552e03fc
SHA512: e10e7a640a378880b65686f01b98e506db0c2569458e1f914af03e51d16b2895fa792721a3a904c61884a090f0517037d59dd736cb9c883bde4f83efcfa38a90
SSDEEP: 49152:q6aYKLvCaVc28dGyQM18oI/AonGIVFAkn/YFQ90o:YLFVc2co/kw5
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 57b018f8d2aeadfa981ff80cc0540f24230d0e51eb4e03d3686016a4552e03fc
Files
-
57b018f8d2aeadfa981ff80cc0540f24230d0e51eb4e03d3686016a4552e03fc.exe windows x86
980ce2e20f97b6d8ef149bebdad60901
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileAttributesW
GetFileSizeEx
SetErrorMode
GetStartupInfoW
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitProcess
ExitThread
CreateThread
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
SystemTimeToFileTime
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
FatalAppExitA
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
FileTimeToSystemTime
lstrlenA
GetAtomNameW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentDirectoryW
GlobalFlags
GetModuleHandleA
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
CopyFileW
GlobalSize
MulDiv
InterlockedDecrement
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrlenW
GetCurrentProcessId
GlobalAddAtomW
SetThreadPriority
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GlobalAlloc
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FreeResource
FindResourceW
LoadResource
SizeofResource
SuspendThread
ResumeThread
SetCommBreak
ClearCommBreak
ReadFile
ClearCommError
WriteFile
FormatMessageW
LocalFree
WaitForMultipleObjects
InitializeCriticalSection
EnterCriticalSection
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
PurgeComm
LeaveCriticalSection
CreateFileW
GetLastError
CloseHandle
WideCharToMultiByte
Sleep
WaitForSingleObject
GetSystemTime
SetEvent
ResetEvent
CreateEventW
MultiByteToWideChar
FreeLibrary
QueryPerformanceCounter
LoadLibraryW
user32
SetWindowRgn
GetDialogBaseUnits
GetSysColorBrush
DestroyIcon
CharUpperW
UnregisterClassW
UnionRect
SetRect
GetDCEx
LockWindowUpdate
FillRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
DestroyCursor
SetCursorPos
RedrawWindow
ReleaseDC
GetDC
InflateRect
WaitMessage
LoadCursorW
WindowFromPoint
SetCapture
ClientToScreen
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetMenuBarInfo
ReleaseCapture
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
LoadMenuW
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
DrawIcon
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
ScrollWindowEx
SetFocus
ShowWindow
MoveWindow
UpdateWindow
EnableWindow
KillTimer
SendMessageW
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
MapVirtualKeyW
GetKeyNameTextW
SystemParametersInfoW
GetMenuItemInfoW
EndPaint
ShowOwnedPopups
SetCursor
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
MapWindowPoints
TabbedTextOutW
LoadBitmapW
GetSubMenu
SetMenuItemBitmaps
MessageBoxW
PostMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
GetWindowRect
SetTimer
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
SetWindowsHookExW
CallNextHookEx
GetMessageW
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetDesktopWindow
GetActiveWindow
SetScrollRange
gdi32
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
SetWindowExtEx
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
GetTextMetricsW
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
CreateRectRgn
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreatePen
CreateBitmap
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
StretchDIBits
DeleteDC
CreateFontW
GetCharWidthW
DeleteObject
SelectObject
PatBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SelectClipPath
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyW
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegSetValueW
RegDeleteValueW
RegQueryValueW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
shell32
DragFinish
ExtractIconW
SHGetFileInfoW
DragQueryFileW
comctl32
ord17
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
PathRemoveFileSpecW
ole32
StringFromGUID2
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromString
CoUninitialize
CoInitializeEx
CreateBindCtx
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
Sections
.textbss Size: - Virtual size: 321KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 711KB - Virtual size: 710KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 1024B - Virtual size: 793B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ