Static task: static1
Behavioral task: behavioral1
  Sample: 67d32715ef6fd98f1c39d07e21d3195470c55d2e4ac3ecadb60d855dac9da86b.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 67d32715ef6fd98f1c39d07e21d3195470c55d2e4ac3ecadb60d855dac9da86b.exe
  Resource: win10v2004-20230220-en
General
Target: 67d32715ef6fd98f1c39d07e21d3195470c55d2e4ac3ecadb60d855dac9da86b
Size: 1.9MB
MD5: 2687b55ea491d0a905144d17be6ef618
SHA1: 585e57594fab0ac241bf34a62a1998e6db81bb52
SHA256: 67d32715ef6fd98f1c39d07e21d3195470c55d2e4ac3ecadb60d855dac9da86b
SHA512: cf637eeb039a39eb9369efc1aed6d73d30e31d3e1ba14e643bc210420c906998a6c740d58f0bc309cf4d8913c7ec2a3ed6db9f3b6243a0b8a51dad32b834ce1f
SSDEEP: 49152:9G7+ULe+0MIy9rVXeOUtZzVPP/zL/JhrfqAM48nqyg+NregXt:9G7+U6+7Iy9rVuOUtbPP7LBlfqE8nqyP
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 67d32715ef6fd98f1c39d07e21d3195470c55d2e4ac3ecadb60d855dac9da86b
Files
-
67d32715ef6fd98f1c39d07e21d3195470c55d2e4ac3ecadb60d855dac9da86b.exe windows x86
e1fcae6744954fa4bc1e3c563ea3b602
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
GetStringTypeW
GetProcessHeap
CompareStringEx
LCMapStringEx
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
InitOnceExecuteOnce
GetStdHandle
GetStartupInfoW
TerminateProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
GetFileType
SetStdHandle
ExitThread
CreateThread
HeapReAlloc
VirtualQuery
VirtualAlloc
GetSystemInfo
SetThreadStackGuarantee
RaiseException
HeapAlloc
HeapFree
GetCommandLineA
AreFileApisANSI
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
GetUserDefaultUILanguage
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
SetErrorMode
lstrcpyA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetCPInfo
GetOEMCP
FileTimeToSystemTime
InterlockedIncrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
GetACP
InterlockedDecrement
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLocaleInfoEx
GetThreadPreferredUILanguages
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
RegisterApplicationRestart
RegisterApplicationRecoveryCallback
GetVersionExA
GetCurrentThread
InterlockedExchange
GetModuleFileNameA
GetCurrentProcessId
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
WaitForSingleObject
SetEvent
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
FindResourceA
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetVersion
SetLastError
OutputDebugStringA
GetFileAttributesW
lstrcmpA
FreeLibrary
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
SetCommTimeouts
SetCommState
SetCommMask
PurgeComm
GetCommTimeouts
GetCommState
SetupComm
ClearCommError
GetTickCount
CloseHandle
CreateFileA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryA
GetProcAddress
GetLocalTime
Sleep
OutputDebugStringW
WriteFile
InitializeCriticalSectionEx
user32
SetRectEmpty
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
UnregisterClassA
LoadCursorW
WindowFromPoint
DestroyIcon
DeleteMenu
CharUpperA
CopyImage
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
WaitMessage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
ShowOwnedPopups
PostQuitMessage
MapVirtualKeyA
GetKeyNameTextA
IntersectRect
InflateRect
FillRect
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
GetMessageA
IsDialogMessageA
SetWindowTextA
IsDlgButtonChecked
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
InvertRect
ScrollWindow
ValidateRect
IsRectEmpty
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
SendDlgItemMessageA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetDesktopWindow
GetWindowLongA
SetActiveWindow
NotifyWinEvent
BringWindowToTop
EnableWindow
SendMessageA
SetTimer
KillTimer
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
PtInRect
OffsetRect
GetWindowRgn
SetWindowRgn
ReleaseCapture
SetCapture
LoadIconW
GetClientRect
DestroyCursor
MapDialogRect
CreateMenu
SubtractRect
TranslateAcceleratorA
GetUpdateRect
IsClipboardFormatAvailable
LoadAcceleratorsA
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
GetAsyncKeyState
EnableScrollBar
SetForegroundWindow
HideCaret
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
SetMenuDefaultItem
UpdateWindow
InvalidateRect
RedrawWindow
SetCursor
GetSysColor
SetDlgItemTextA
PostMessageA
GetParent
wsprintfA
IsIconic
GetSystemMetrics
GetSystemMenu
AppendMenuA
DrawIcon
CopyIcon
GetDoubleClickTime
ChangeWindowMessageFilter
SetClassLongA
LockWindowUpdate
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
SetParent
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
SetScrollPos
TranslateMDISysAccel
gdi32
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
MoveToEx
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreatePatternBrush
DPtoLP
GetTextExtentPoint32A
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
CreateRoundRectRgn
RoundRect
FrameRgn
SetPixelV
ExtFloodFill
SetPaletteEntries
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
CreatePen
CreateHatchBrush
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
TextOutA
GetTextMetricsA
SetTextAlign
SetTextColor
SetBkMode
SelectObject
SelectClipRgn
PtInRegion
OffsetRgn
GetRgnBox
FillRgn
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
GetObjectA
GetStockObject
DeleteObject
SetRectRgn
CreateFontIndirectA
CreateSolidBrush
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
shell32
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetPathFromIDListA
SHBrowseForFolderA
SHCreateItemFromParsingName
SHGetFileInfoA
ShellExecuteA
SHAppBarMessage
SHGetKnownFolderPath
SHGetSpecialFolderLocation
shlwapi
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
uxtheme
DrawThemeParentBackground
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
BeginBufferedPaint
EndBufferedPaint
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemePartSize
GetThemeSysColor
GetWindowTheme
dwmapi
DwmSetWindowAttribute
DwmDefWindowProc
DwmIsCompositionEnabled
ole32
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
OleLockRunning
RevokeDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
RegisterDragDrop
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VarBstrFromDate
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
ftd2xx
ord1
ord2
ord3
ord4
ord6
ord15
ord17
ord18
ord29
ord31
ord33
ord70
ord72
ws2_32
sendto
socket
WSAStartup
WSACleanup
getsockname
getsockopt
ntohs
WSASetLastError
WSAGetLastError
getaddrinfo
freeaddrinfo
getnameinfo
accept
bind
closesocket
connect
htonl
htons
inet_addr
recv
recvfrom
select
WSAAsyncSelect
send
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDrawImageRectI
GdipSetInterpolationMode
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
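The import table above is the input to import hashing (imphash), and a 32-character hash is shown unlabelled under Files. For triage, the ftd2xx ordinals (FTDI's D2XX USB-serial library, imported by ordinal only) together with the SetCommState/GetCommState/PurgeComm family and the ws2_32 socket set point at serial-device I/O plus networking, while the long user32/gdi32/ole32 list with DDE and MDI helpers (ReuseDDElParam, DefMDIChildProcA, TranslateMDISysAccel) is the usual footprint of a statically linked MFC application. The following is an added example, not code from the sandbox or from the sample: a pure-Python imphash over a constructed excerpt of this table (a few kernel32 and ws2_32 names plus the ftd2xx ordinals, in page order). It reproduces the pefile normalisation: library name lowercased with a .dll/.ocx/.sys extension stripped, function names lowercased, ordinal-only imports rendered as ordN. One simplification is flagged in the code: pefile first maps ordinals of ws2_32 and oleaut32 back to names through its lookup table, which this version skips; that does not matter for this sample, whose only ordinal imports come from ftd2xx, for which pefile has no table. Running it over the complete table in file order is how to check whether the unlabelled hash under Files is this binary's imphash.

```python
import hashlib

# Extensions pefile strips from the library name before hashing.
_STRIP_EXT = ("dll", "ocx", "sys")


def imphash_string(imports):
    """Build the comma-joined import string that imphash is the MD5 of.

    imports: list of (dll_name, [function_name | ordinal_int, ...]) in the order
    the import directory lists them. Library and function names are lowercased,
    a .dll/.ocx/.sys extension is dropped, and an ordinal import becomes "ordN".
    Assumption/simplification: pefile first maps ordinals of a few well-known
    DLLs (ws2_32, oleaut32) back to names; this version renders every ordinal as ordN.
    """
    parts = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in _STRIP_EXT:
            lib = base
        for f in funcs:
            fn = f"ord{f}" if isinstance(f, int) else f.lower()
            parts.append(f"{lib}.{fn}")
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalised import string, as 32 lowercase hex characters."""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


# Constructed excerpt of this sample's import table (a handful of the entries the
# page lists, in page order). The real hash needs the complete table in file order.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", ["QueryPerformanceCounter", "CreateFileW", "LoadLibraryA", "GetProcAddress"]),
    ("ftd2xx.dll", [1, 2, 3, 4, 6, 15]),            # FTDI D2XX, imported by ordinal only
    ("WS2_32.dll", ["sendto", "socket", "WSAStartup"]),
]


def demo():
    """Show the two properties analysts rely on: normalisation makes case and
    extension irrelevant, but import order changes the hash."""
    reordered = [SAMPLE_IMPORTS[2], SAMPLE_IMPORTS[0], SAMPLE_IMPORTS[1]]
    shouted = [(d.upper(), [f.upper() if isinstance(f, str) else f for f in fs])
               for d, fs in SAMPLE_IMPORTS]
    return {
        "string": imphash_string(SAMPLE_IMPORTS),
        "hash": imphash(SAMPLE_IMPORTS),
        "case_insensitive": imphash(shouted) == imphash(SAMPLE_IMPORTS),
        "order_sensitive": imphash(reordered) != imphash(SAMPLE_IMPORTS),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Because the hash is order-sensitive, two builds of the same program with a different linker order, or a packed copy whose real imports are resolved at run time, produce different imphashes; it clusters compiler/linker output rather than behaviour, so treat a match as a pivot to confirm, not as attribution.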
Sections
Name    Size   Virtual size  Characteristics
.text   1.4MB  1.4MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  301KB  300KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   24KB   56KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   89KB   88KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  175KB  175KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
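The Signatures entry (Unsigned PE), the Headers block and the section table above are all read from the same PE headers. The following is an added example, not code from the sandbox or from the sample: a dependency-free parser that decodes COFF Characteristics, DllCharacteristics, the section table and the Authenticode security directory, plus a builder that assembles constructed PE32 images mirroring this page's flags and section layout (sizes shrunk) so the whole thing runs offline. Flag names and offsets are those of winnt.h. Two caveats it encodes: the security directory's "VirtualAddress" is a raw file offset, not an RVA, and its absence shows the file is unsigned while its presence only shows a WIN_CERTIFICATE blob is attached (validity still needs the Authenticode hash and chain verified, for example with Get-AuthenticodeSignature or signtool verify); and DYNAMIC_BASE only yields ASLR when the loader can relocate the image, which this sample's 175KB .reloc section and the absence of IMAGE_FILE_RELOCS_STRIPPED permit.

```python
import struct

# Flag tables for the three bitfields the report decodes (values from winnt.h).
FILE_FLAGS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
              0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_FLAGS = {0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA", 0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
             0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH", 0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SCN_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
             0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
             0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the attached Authenticode WIN_CERTIFICATE blob


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Decode the headers that the Headers, Sections and Signatures blocks summarise."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24                                        # optional header follows the 20-byte COFF header
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]    # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    sec_off = sec_size = 0
    if ndirs > SECURITY_DIR:
        # The security directory's "VirtualAddress" is a raw file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from("<II", data, opt + (112 if pe32plus else 96) + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):                                      # section table directly follows the optional header
        name, vsize, _rva, rawsize, _ptr, _, _, _, _, sc = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "virtual_size": vsize,
                         "raw_size": rawsize, "characteristics": _flags(sc, SCN_FLAGS)})
    return {
        "machine": machine, "pe32plus": pe32plus,
        "file_characteristics": _flags(file_chars, FILE_FLAGS),
        "dll_characteristics": _flags(dll_chars, DLL_FLAGS),
        # DYNAMIC_BASE only gives ASLR if the image can actually be relocated.
        "aslr_effective": bool(dll_chars & 0x0040) and not (file_chars & 0x0001),
        "authenticode_present": sec_size > 0,
        "authenticode_in_bounds": sec_size > 0 and sec_off + sec_size <= len(data),
        "sections": sections,
    }


def build_pe32(file_chars, dll_chars, sections, cert_size=0):
    """Assemble a minimal PE32 image in memory (constructed test input, not a runnable program).
    sections: [(name_bytes, virtual_size, characteristics)]; cert_size appends a dummy security blob."""
    e_lfanew, opt_size = 0x40, 96 + 16 * 8                     # PE32 optional header with all 16 directories
    hdr_end = e_lfanew + 24 + opt_size + 40 * len(sections)
    raw_ptr = (hdr_end + 0x1FF) & ~0x1FF                       # first raw section, 512-byte file alignment
    raws = [(vsize + 0x1FF) & ~0x1FF for _, vsize, _ in sections]
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                      # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    if cert_size:                                              # security directory: file offset + size
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, raw_ptr + sum(raws), cert_size)
    tbl, ptr, rva = b"", raw_ptr, 0x1000
    for (name, vsize, chars), raw in zip(sections, raws):
        tbl += struct.pack("<8sIIIIIIHHI", name, vsize, rva, raw, ptr, 0, 0, 0, 0, chars)
        ptr += raw
        rva += (vsize + 0xFFF) & ~0xFFF
    img = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    img += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, file_chars)
    img += bytes(opt) + tbl
    img += b"\0" * (raw_ptr - len(img)) + b"\0" * sum(raws) + b"\0" * cert_size
    return img


def demo():
    """Constructed images: one mirroring this page's flags and section layout (sizes shrunk), one signed."""
    page_like = build_pe32(
        0x0002 | 0x0100,                                       # EXECUTABLE_IMAGE | 32BIT_MACHINE
        0x0040 | 0x0100 | 0x8000,                              # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
        [(b".text", 0x400, 0x60000020), (b".rdata", 0x200, 0x40000040), (b".data", 0x300, 0xC0000040),
         (b".rsrc", 0x100, 0x40000040), (b".reloc", 0x200, 0x42000040)])
    signed = build_pe32(0x0102, 0x8140, [(b".text", 0x10, 0x60000020)], cert_size=0x800)
    return parse_pe(page_like), parse_pe(signed)


if __name__ == "__main__":
    for report in demo():
        print(report)
```

On a real sample, `parse_pe(open(path, "rb").read())` gives the same dictionary; compare its dll_characteristics and sections against the report, and treat authenticode_present as nothing more than "a certificate table exists" until the signature itself has been verified.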