Static task: static1
Behavioral task: behavioral1
  Sample: 11e18744bb660ef2d95cea7d2e1022b3801bf68cd0686fc048cab233e2eb7df1.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 11e18744bb660ef2d95cea7d2e1022b3801bf68cd0686fc048cab233e2eb7df1.exe
  Resource: win10v2004-20230220-en
General
Target: 11e18744bb660ef2d95cea7d2e1022b3801bf68cd0686fc048cab233e2eb7df1
Size: 2.1MB
MD5: 0658ee919b743d47f95467783c6e7794
SHA1: c9888bfd4ec3bfe34d03f3b27569641034491488
SHA256: 11e18744bb660ef2d95cea7d2e1022b3801bf68cd0686fc048cab233e2eb7df1
SHA512: 3075a45372ec397e4a3db0707a0efb214105b8a4ae383a29a5018be6c1eb92d489a17169db9bc6d24b209b1d4b163e9ef74528650dfcefab37c2b64b9edfa871
SSDEEP: 49152:9uvVJXnp+OGRdNmXCiEEOK4ygFBxgohDnEpnLGMOZ7e9ndD+S1qyF0G:9ufpeRdNIvEEOKpxohDnEx/O7QndD+Sh
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 11e18744bb660ef2d95cea7d2e1022b3801bf68cd0686fc048cab233e2eb7df1
Files
11e18744bb660ef2d95cea7d2e1022b3801bf68cd0686fc048cab233e2eb7df1.exe (windows x86)
3e69dea66fd16ab0b68df8d4e8e3fa2a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
IsValidLocale
EnumSystemLocalesW
LCMapStringW
OutputDebugStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStdHandle
GetTimeZoneInformation
GetStringTypeW
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetFileType
SetStdHandle
HeapQueryInformation
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
ExitProcess
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
FindResourceExW
VirtualProtect
GetUserDefaultLCID
GetTempFileNameA
GetTempPathA
GetProfileIntA
SearchPathA
GetWindowsDirectoryA
GetTickCount
SetErrorMode
VerifyVersionInfoA
VerSetConditionMask
GetCPInfo
GetOEMCP
lstrcpyA
GetACP
FileTimeToSystemTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
ResumeThread
SetThreadPriority
WaitForSingleObject
CloseHandle
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
InitializeCriticalSectionAndSpinCount
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
GlobalUnlock
WritePrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
FindResourceA
GlobalFree
FreeResource
SetLastError
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetVersionExA
GetCurrentThreadId
GetCurrentThread
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
FreeLibrary
MultiByteToWideChar
GetLastError
Sleep
GetPrivateProfileStringA
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
user32
CreateMenu
SubtractRect
GetWindowRgn
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
OffsetRect
CharNextA
CharUpperA
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
LoadCursorA
WindowFromPoint
ReleaseCapture
SetCapture
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
InvalidateRect
DrawStateA
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyboardState
GetKeyState
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PtInRect
GetWindowRect
GetFocus
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetWindowThreadProcessId
GetDesktopWindow
GetWindowLongA
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
RegisterWindowMessageA
MapDialogRect
GetWindow
GetParent
SetWindowContextHelpId
SetWindowPos
WaitMessage
PeekMessageA
DispatchMessageA
PostQuitMessage
GetKeyboardLayout
ModifyMenuA
LockWindowUpdate
MessageBoxA
FindWindowA
GetLastActivePopup
CharUpperBuffA
SetParent
PostMessageA
UnregisterClassA
KillTimer
IsWindowVisible
CreatePopupMenu
GetCursorPos
DrawIcon
GetClientRect
GetSystemMetrics
LoadIconA
SetTimer
SendMessageA
AppendMenuA
GetSystemMenu
LoadIconW
EnableWindow
GetUpdateRect
GetComboBoxInfo
MapVirtualKeyExA
IsCharLowerA
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
GetNextDlgGroupItem
DestroyCursor
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
PostThreadMessageA
SetForegroundWindow
IsIconic
FrameRect
CopyIcon
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
GetDlgCtrlID
ToAsciiEx
SetClassLongA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
LoadImageA
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
EnumDisplayMonitors
SetLayeredWindowAttributes
DestroyIcon
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
SetRectEmpty
SetWindowRgn
LoadMenuW
GetAsyncKeyState
IsZoomed
TrackMouseEvent
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
IsClipboardFormatAvailable
GetCapture
MessageBeep
DrawMenuBar
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetTextMetricsA
DPtoLP
PatBlt
CombineRgn
GetMapMode
SetRectRgn
CreateRoundRectRgn
CreateCompatibleBitmap
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
RoundRect
EnumFontFamiliesExA
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceA
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetRgnBox
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
DragFinish
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
Shell_NotifyIconA
DragQueryFileA
SHGetFileInfoA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA
PathRemoveFileSpecW
uxtheme
GetWindowTheme
GetThemeSysColor
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
ole32
CoInitialize
CoCreateInstance
IsAccelerator
CLSIDFromString
CoCreateGuid
CoUninitialize
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleDuplicateData
ReleaseStgMedium
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
CreateStreamOnHGlobal
CLSIDFromProgID
DoDragDrop
oleaut32
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
OleCreateFontIndirect
VariantCopy
VarBstrFromDate
VariantChangeType
VariantClear
SysAllocStringByteLen
VariantInit
SysAllocStringLen
SysFreeString
oledlg
ord8
gdiplus
GdipFree
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipAlloc
GdiplusShutdown
ws2_32
inet_addr
send
recv
accept
closesocket
listen
WSAAsyncSelect
bind
ntohs
socket
WSACleanup
WSAStartup
inet_ntoa
WSAGetLastError
gethostbyname
WSASetLastError
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winmm
PlaySoundA
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 336KB - Virtual size: 336KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ