Static task: static1
Behavioral task: behavioral1
Sample: ab5a679832e0fe516f36a96c024c5bc14b1f7b1b25c06c18d5ada6bf2b780391.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: ab5a679832e0fe516f36a96c024c5bc14b1f7b1b25c06c18d5ada6bf2b780391.exe
Resource: win10v2004-20230220-en
General
- Target: ab5a679832e0fe516f36a96c024c5bc14b1f7b1b25c06c18d5ada6bf2b780391
- Size: 3.2MB
- MD5: eb20b35baffa529eeeb371bad657f46d
- SHA1: 41415a39c0b9fcc3214a425e4f7e3a1c9ef1503c
- SHA256: ab5a679832e0fe516f36a96c024c5bc14b1f7b1b25c06c18d5ada6bf2b780391
- SHA512: 418944a93a30537245fec0d2579b959f37a544b6a2a5a36d90923a343d461da706bffea88068c29eb18b7c37972d1cb4b2e96a0985a074a437cbde48d836875b
- SSDEEP: 49152:FZEGJHo+dDhRYD3sbrRkP10lfTboSkmIDuxcAbwXNYPRZKwCpVJJJJDw3BG3UFPb:FZEMIsh3brR610pTboSkRobZZKwIw4k
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource ab5a679832e0fe516f36a96c024c5bc14b1f7b1b25c06c18d5ada6bf2b780391
Files
- ab5a679832e0fe516f36a96c024c5bc14b1f7b1b25c06c18d5ada6bf2b780391.exe (windows x86)
  d72be283c07675648ed24f500dd0e098
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutClose
waveOutOpen
waveInAddBuffer
mixerGetNumDevs
waveInUnprepareHeader
waveInReset
waveInStart
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader
waveInOpen
waveInClose
sndPlaySoundA
PlaySoundA
waveInPrepareHeader
wininet
InternetQueryDataAvailable
InternetQueryOptionA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
iphlpapi
SendARP
kernel32
WritePrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
SetErrorMode
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetCurrentThread
GetDiskFreeSpaceA
LocalFileTimeToFileTime
GetFileTime
LocalAlloc
IsBadWritePtr
SuspendThread
SetThreadPriority
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
GetThreadLocale
GetProfileIntA
SetLastError
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetExitCodeThread
WideCharToMultiByte
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
IsBadReadPtr
GetPrivateProfileStringA
TerminateThread
SetEvent
ResetEvent
MulDiv
CreateEventA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetVolumeInformationA
LocalFlags
GetSystemTime
GetComputerNameA
lstrcmpA
GetCurrentThreadId
CopyFileA
GetCommandLineA
CreateMutexA
ExitProcess
InterlockedDecrement
GetWindowsDirectoryA
SizeofResource
lstrcatA
lstrlenA
GetDriveTypeA
FindNextFileA
CreatePipe
GetStartupInfoA
CreateProcessA
ReadFile
FormatMessageA
LocalFree
GetTempFileNameA
MultiByteToWideChar
GlobalUnlock
GetTempPathA
IsDBCSLeadByte
GetFullPathNameA
FindFirstFileA
FindClose
GetFileInformationByHandle
GetFileAttributesA
SystemTimeToFileTime
lstrcpyA
GlobalAlloc
GlobalReAlloc
GlobalFree
LoadResource
LockResource
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalSize
GetSystemDirectoryA
WinExec
GetCurrentProcess
SetProcessWorkingSetSize
WaitForSingleObject
WriteFile
CreateDirectoryA
CreateFileA
SetFileAttributesA
SetFileTime
CloseHandle
DeleteFileA
ExitThread
GetTickCount
CreateThread
ResumeThread
GetLocalTime
GetVersionExA
Sleep
GetLastError
FindResourceA
WriteProfileStringA
GetProfileStringA
GetModuleFileNameA
GlobalLock
GetVersion
InterlockedExchange
GetTimeZoneInformation
user32
GetDCEx
CharNextA
CharUpperA
ValidateRect
LoadStringA
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
WaitMessage
CopyAcceleratorTableA
GetNextDlgGroupItem
LockWindowUpdate
SetParent
SendDlgItemMessageA
MapWindowPoints
SetFocus
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
SetScrollPos
GetTopWindow
WinHelpA
RegisterClassA
GetWindowTextLengthA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetWindow
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
DeleteMenu
GetAsyncKeyState
SetWindowPos
TrackMouseEvent
CreatePopupMenu
EnableMenuItem
CheckMenuItem
RegisterClipboardFormatA
SetMenu
PostThreadMessageA
SetWindowRgn
ClipCursor
HideCaret
GetSysColorBrush
GetClassInfoA
DestroyWindow
CreateWindowExA
DefWindowProcA
keybd_event
mouse_event
GetWindowDC
GetLastInputInfo
GetWindowTextA
GetClassNameA
FindWindowExA
EnumWindows
SetClassLongA
EndPaint
RegisterWindowMessageA
GetSystemMenu
UnregisterHotKey
RegisterHotKey
FindWindowA
CopyImage
CopyIcon
IsWindow
GetCursor
AdjustWindowRectEx
UnionRect
DrawEdge
IntersectRect
ChildWindowFromPoint
GetMessagePos
GetMessageA
GetDlgCtrlID
DrawFrameControl
ScrollDC
GetDC
ReleaseDC
AppendMenuA
GetMenuState
GetTabbedTextExtentA
GetIconInfo
TrackPopupMenuEx
ClientToScreen
WindowFromPoint
GetNextDlgTabItem
DestroyMenu
MessageBeep
SetWindowLongA
GetKeyState
SetCursorPos
GetMenuItemCount
GetMenuItemID
ScreenToClient
PostMessageA
GetFocus
FlashWindow
IsZoomed
ShowWindow
GetForegroundWindow
SetForegroundWindow
GetWindowThreadProcessId
PeekMessageA
TranslateMessage
DispatchMessageA
IsClipboardFormatAvailable
GetClipboardData
LoadMenuA
GetSubMenu
ModifyMenuA
KillTimer
DrawIconEx
DestroyIcon
IsWindowVisible
UpdateWindow
GetDesktopWindow
SetRectEmpty
SystemParametersInfoA
SetTimer
wsprintfA
InvalidateRgn
GetCursorPos
IsRectEmpty
MessageBoxA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsIconic
DrawIcon
GetWindowRect
SetRect
LoadIconA
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowLongA
CopyRect
FrameRect
InflateRect
FillRect
GetSysColor
OffsetRect
DrawStateA
DrawFocusRect
BeginPaint
wvsprintfA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MoveWindow
SetWindowTextA
IsDialogMessageA
TrackPopupMenu
GetActiveWindow
GetCapture
SetCapture
PtInRect
ReleaseCapture
LoadImageA
RedrawWindow
DestroyCursor
LoadBitmapA
SetCursor
GetMenu
ShowScrollBar
InvalidateRect
GetParent
GetSystemMetrics
GetClientRect
LoadCursorA
SendMessageA
EnableWindow
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
UnregisterClassA
IsChild
gdi32
PatBlt
PolyBezier
ExtFloodFill
CreateRoundRectRgn
CreateEllipticRgn
MoveToEx
LineTo
FillRgn
GetDCOrgEx
SaveDC
RestoreDC
SetBkMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
DPtoLP
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
GetTextCharsetInfo
GetViewportExtEx
GetWindowExtEx
SetRectRgn
UnrealizeObject
SetPixel
GetTextColor
GetCurrentObject
CreateSolidBrush
GetClipBox
SelectPalette
GetDIBits
CreateHalftonePalette
GetDIBColorTable
CreatePalette
GetBkColor
RealizePalette
CreateBitmap
SetBkColor
SetTextColor
EnumFontFamiliesA
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
CreateDIBitmap
PtInRegion
CreatePolygonRgn
FrameRgn
CreatePatternBrush
Ellipse
Polygon
CreatePen
RoundRect
CreateFontA
CreateFontIndirectA
CreateRectRgnIndirect
CombineRgn
GetTextMetricsA
GetTextExtentPoint32A
GetDeviceCaps
GetStockObject
Rectangle
GetPixel
CreateDCA
DeleteDC
CreateRectRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SelectObject
GetObjectA
StretchBlt
LPtoDP
DeleteObject
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetMapMode
comdlg32
GetOpenFileNameA
ChooseColorA
GetFileTitleA
GetSaveFileNameA
ChooseFontA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegSetValueExA
RegOpenKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegRestoreKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSaveKeyA
GetUserNameA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
SetFileSecurityA
GetFileSecurityA
RegCloseKey
shell32
SHChangeNotify
SHGetSpecialFolderLocation
Shell_NotifyIconA
ExtractIconA
ShellExecuteExA
SHFileOperationA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
comctl32
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_Remove
_TrackMouseEvent
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
oledlg
ord8
ole32
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
CoCreateInstance
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
CoCreateGuid
olepro32
ord251
ord253
oleaut32
SysAllocStringByteLen
SysAllocString
VariantCopy
SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
VariantTimeToSystemTime
SysStringLen
wsock32
inet_ntoa
WSASetLastError
getpeername
connect
htonl
ioctlsocket
inet_addr
send
select
recv
closesocket
WSAGetLastError
ntohl
gethostbyname
gethostname
htons
accept
setsockopt
listen
bind
socket
WSAStartup
WSACleanup
WSAAsyncSelect
sendto
recvfrom
msimg32
GradientFill
Sections
- .text Size: 1.5MB - Virtual size: 1.5MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rdata Size: 312KB - Virtual size: 308KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .data Size: 100KB - Virtual size: 135KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 1.2MB - Virtual size: 1.2MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE