818c887f5ad431449f4e4d5fb3610062edd7f793076131f023b0b7089ac27fe9

Sharing

Copy URL

Twitter E-mail

General

Target

818c887f5ad431449f4e4d5fb3610062edd7f793076131f023b0b7089ac27fe9
Size

1.2MB
MD5

5380d7c4dcddc77e211fbdb86d491d0b
SHA1

dbe1d78544b09cd9bde8e4f97ed7f5ddee006407
SHA256

818c887f5ad431449f4e4d5fb3610062edd7f793076131f023b0b7089ac27fe9
SHA512

baee1debbbb68704582fd221da2e94e9570e40c7399308eff86f00c22cd5cd2872be976a4b89cbe825115af8d693da754290598069666e1124126be31e1a0a78
SSDEEP

24576:6S9Am311nRpbnWGO9/sf8Oww80NnxJttA9whJ3s7etFQ5PiPvTUGy8pWy:PA211nRpbnWGOKf8h0N3tt1h7FQgnTUp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
818c887f5ad431449f4e4d5fb3610062edd7f793076131f023b0b7089ac27fe9

Files

818c887f5ad431449f4e4d5fb3610062edd7f793076131f023b0b7089ac27fe9
.exe windows x86

79f3f675a47b8a448ce13075925d7c60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
GetModuleHandleW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCurrentThreadId
GetProcessId
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
IsDebuggerPresent
GetVersionExW
GetNativeSystemInfo
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
RaiseException
CreateThread
GetModuleHandleExW
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
LoadLibraryW
SetEvent
ResetEvent
GetSystemInfo
GetSystemDirectoryW
GetWindowsDirectoryW
FindClose
FindNextFileW
FindFirstFileExW
FindFirstFileW
FlushFileBuffers
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
GetTickCount
QueryPerformanceFrequency
GetCurrentProcessId
GetModuleFileNameW
LocalFree
GetCommandLineW
CreateEventW
GetModuleHandleA
ExpandEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
ResumeThread
AssignProcessToJobObject
GetStdHandle
OpenProcess
DuplicateHandle
WaitForSingleObject
TerminateProcess
GetDiskFreeSpaceExW
GetCurrentThread
Sleep
CopyFileW
MoveFileExW
SetCurrentDirectoryW
GetCurrentDirectoryW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
CreateFileW
GetTempPathW
RemoveDirectoryW
WriteFile
GetCurrentProcess
ReadFile
CreateDirectoryW
ExitProcess
CloseHandle
CreateMutexA
VerifyVersionInfoW
VerSetConditionMask
GetUserDefaultUILanguage
FormatMessageA
SetThreadPriority
LoadLibraryExA
GetSystemWow64DirectoryW
GetSystemDirectoryA
DecodePointer
GetLocalTime
GetModuleFileNameA
SetFilePointer
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
InitializeCriticalSection
FlushInstructionCache
MulDiv
GetFullPathNameW
FreeResource
LoadResource
LockResource
SizeofResource
FindResourceW
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
DosDateTimeToFileTime
lstrcpyA
lstrcpyW
lstrlenA
GetProcessHeap
WriteConsoleW
DeviceIoControl
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
GetStringTypeW
EncodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
OutputDebugStringW
RtlUnwind
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
HeapReAlloc
ReadConsoleW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetDriveTypeW
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapSize
GetEnvironmentVariableW
WritePrivateProfileStringW
LoadLibraryExW
GetProcAddress
FreeLibrary
InitializeCriticalSectionAndSpinCount
SetLastError
GetLastError
SetThreadAffinityMask

user32

BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
GetCursorPos
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
ScreenToClient
GetClassNameW
EnableMenuItem
ClientToScreen
GetSysColor
LoadBitmapW
CreateIconFromResource
LoadImageW
EnableWindow
IsWindowEnabled
SetActiveWindow
GetDesktopWindow
GetMessageW
GetSystemMetrics
IsWindowVisible
DrawTextW
SystemParametersInfoA
CharLowerBuffW
IsMenu
CreatePopupMenu
DestroyMenu
ReleaseDC
AppendMenuW
TrackPopupMenu
GetMenuInfo
SetMenuInfo
GetMenuItemInfoW
SetForegroundWindow
SetMenuContextHelpId
FillRect
InvertRect
DrawIconEx
OemToCharBuffW
CreateIconIndirect
MapWindowPoints
GetWindowRect
GetClientRect
GetDlgItem
SetWindowPos
CallWindowProcW
GetDC
UpdateWindow
ReleaseCapture
SetCapture
GetCapture
IsZoomed
IsIconic
SetLayeredWindowAttributes
AnimateWindow
GetWindowLongW
TrackMouseEvent
GetIconInfo
DestroyIcon
CharNextW
EqualRect
UnionRect
SetRect
SetCursor
GetKeyState
GetFocus
SetFocus
IsWindow
DestroyCursor
PtInRect
IsRectEmpty
OffsetRect
IntersectRect
InflateRect
CopyRect
GetMonitorInfoW
MonitorFromWindow
LoadCursorW
wsprintfW
ShowWindow
SendMessageW
MessageBoxW
PostMessageW
GetWindow
GetParent
SetWindowLongW
GetMenuItemCount
GetActiveWindow
PostQuitMessage
KillTimer
DefWindowProcW
DestroyWindow
CreateWindowExW
UnregisterClassW
WaitMessage
RegisterClassExW
DispatchMessageW
SetTimer
PeekMessageW
MsgWaitForMultipleObjectsEx
CallMsgFilterW
GetQueueStatus
TranslateMessage

advapi32

ControlService
EnumServicesStatusW
RegOpenCurrentUser
CreateServiceW
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
ChangeServiceConfig2W
DeleteService
QueryServiceConfigW
ChangeServiceConfigW
QueryServiceConfig2W
OpenServiceW
AllocateAndInitializeSid
OpenProcessToken
FreeSid
CheckTokenMembership
GetTokenInformation
GetUserNameW
CreateProcessAsUserW
RegQueryInfoKeyW
SystemFunction036
StartServiceW

ole32

CoTaskMemAlloc
StringFromGUID2
PropVariantClear
CoSetProxyBlanket
CoCreateGuid
CreateStreamOnHGlobal
IIDFromString
CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoUninitialize

shlwapi

StrIsIntlEqualW
ord176
StrToIntExW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod

imm32

ImmAssociateContext
ImmReleaseContext
ImmGetContext

msimg32

GradientFill
AlphaBlend

gdiplus

GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDrawImageRectI
GdipAlloc
GdipGraphicsClear
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageWidth
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext

iphlpapi

GetAdaptersInfo

gdi32

CreateCompatibleBitmap
SetViewportOrgEx
GetCurrentObject
GetViewportOrgEx
Arc
CombineRgn
CreateEllipticRgnIndirect
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
Ellipse
ExcludeClipRect
GetClipRgn
GetRgnBox
GetTextColor
StretchBlt
IntersectClipRect
OffsetRgn
Pie
PtInRegion
RectInRegion
RestoreDC
RoundRect
SaveDC
ExtSelectClipRgn
SetRectRgn
SetROP2
SetTextColor
GetWorldTransform
SetWorldTransform
CreateDIBSection
ExtCreatePen
Polyline
GetObjectW
SetBkMode
Rectangle
GetStockObject
CreateDIBitmap
CreateDCW
StretchDIBits
DeleteObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
EnumFontsW
SetGraphicsMode
GetDeviceCaps
CreateRoundRectRgn
BitBlt
GetTextExtentPoint32W

oleaut32

SysAllocString
SysFreeString
VariantClear

Sections

.text
Size: 886KB - Virtual size: 886KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79f3f675a47b8a448ce13075925d7c60

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shlwapi

userenv

winmm

imm32

msimg32

gdiplus

iphlpapi

gdi32

oleaut32

Sections

.text Size: 886KB - Virtual size: 886KB

.rdata Size: 189KB - Virtual size: 188KB

.data Size: 11KB - Virtual size: 97KB

.gfids Size: 1KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 42KB - Virtual size: 42KB

.text
Size: 886KB - Virtual size: 886KB

.rdata
Size: 189KB - Virtual size: 188KB

.data
Size: 11KB - Virtual size: 97KB

.gfids
Size: 1KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 42KB - Virtual size: 42KB