cca6630574b30db8e33fd94e1c1a3f2f331c1b8fb19da51c594e355c2eac49a5

Sharing

Copy URL Twitter E-mail

General

Target

cca6630574b30db8e33fd94e1c1a3f2f331c1b8fb19da51c594e355c2eac49a5
Size

2.5MB
MD5

296df5a236b4f7be9fed7699557c1f14
SHA1

783665110340edcf63ffa71a782f3a9e899702d4
SHA256

cca6630574b30db8e33fd94e1c1a3f2f331c1b8fb19da51c594e355c2eac49a5
SHA512

fa031a6443231a453cf9524ff7bfab32b78b5ae6fff6e834ce49bd3522ef2c28baa44fa1bd12a908cde6f9a4bec0ade7eb095ec8b6e7f5abb4079ab337cec728
SSDEEP

49152:bIvm+lWXe7HBrYxay8w3MfnouwKDAlbKlXRA158cmXyQW0pfqNjImZpfC3hj+6ut:cm+l+KhrYG2MfnouwKDAUlhA1KcmrJqO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cca6630574b30db8e33fd94e1c1a3f2f331c1b8fb19da51c594e355c2eac49a5

Files

cca6630574b30db8e33fd94e1c1a3f2f331c1b8fb19da51c594e355c2eac49a5
.exe windows x86

2ca553e9c7ad0cff13474ce456ee01ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
LCMapStringW
LCMapStringA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
ExitProcess
GetFileType
SetStdHandle
HeapReAlloc
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
HeapFree
ExitThread
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
lstrcpyW
GetCurrentDirectoryW
SetErrorMode
GlobalFlags
lstrlenA
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
ReleaseMutex
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GetModuleHandleA
CopyFileW
GlobalSize
LocalFree
lstrlenW
MulDiv
LocalAlloc
GetVersionExW
FreeLibrary
FreeResource
CreateMutexW
SetLastError
GetModuleHandleW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
RemoveDirectoryW
SetFileAttributesW
CreateDirectoryW
GetFileAttributesW
QueryPerformanceCounter
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
GetFileSize
GetProcAddress
LoadLibraryW
GetLocalTime
OutputDebugStringW
FindClose
FindNextFileW
lstrcmpiW
FindFirstFileW
WriteFile
ReadFile
CreateFileW
DeleteFileW
GetLastError
MoveFileW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateThread
SetWaitableTimer
CreateWaitableTimerW
InterlockedDecrement
InterlockedIncrement
GetTickCount
WaitForMultipleObjects
CreateSemaphoreW
CreateEventW
CloseHandle
Sleep
SetEvent
ReleaseSemaphore
GetStringTypeA

user32

TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
CharUpperW
GetKeyNameTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
LoadMenuW
GetWindowThreadProcessId
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetMessageW
GetWindowTextW
IsWindowEnabled
OpenClipboard
BringWindowToTop
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
MoveWindow
MapVirtualKeyW
UpdateWindow
ReleaseCapture
SetCapture
GetWindowDC
OffsetRect
GetSysColor
DestroyMenu
TrackPopupMenu
CreatePopupMenu
GetLastActivePopup
RegisterDeviceNotificationW
DrawIcon
FindWindowW
PostMessageW
MessageBoxW
GetWindowRect
FrameRect
IsIconic
SetActiveWindow
SetForegroundWindow
AppendMenuW
GetSystemMenu
UnregisterDeviceNotification
LoadIconW
LoadImageW
SetLayeredWindowAttributes
GetDoubleClickTime
SystemParametersInfoW
GetForegroundWindow
SetTimer
SetRectEmpty
TrackMouseEvent
SetWindowLongW
GetWindowLongW
KillTimer
ReleaseDC
ShowOwnedPopups
InflateRect
GetMenuItemInfoW
WindowFromPoint
GetSysColorBrush
WaitMessage
DeleteMenu
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
IsWindow
GetSystemMetrics
SetWindowPos
SetCursor
LoadCursorW
ScreenToClient
PtInRect
FillRect
GetDC
ClientToScreen
SetFocus
DestroyAcceleratorTable
LoadAcceleratorsW
CreateAcceleratorTableW
NotifyWinEvent
SetParent
SetClassLongW
IsMenu
GetWindowTextLengthW
IsRectEmpty
SetRect
IsWindowVisible
CopyRect
GetClientRect
SetWindowRgn
EnableWindow
SendMessageW
InvalidateRect
GetFocus
GetCursorPos
GetParent
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatW
GetDlgCtrlID
DrawStateW
DestroyCursor
GetWindowRgn
CreateMenu
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
DestroyIcon
ShowWindow
CopyImage

gdi32

SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
GetObjectType
CreatePen
SetBkColor
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateRectRgnIndirect
PatBlt
GetTextExtentPoint32W
SetRectRgn
GetMapMode
DPtoLP
GetTextMetricsW
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetBkColor
Ellipse
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SaveDC
RestoreDC
CopyMetaFileW
GetDeviceCaps
RemoveFontResourceW
AddFontResourceW
CreateFontIndirectW
Polyline
Rectangle
CreatePolygonRgn
GetDIBits
RealizePalette
SelectPalette
GetStockObject
StretchBlt
DeleteDC
DeleteObject
ExtCreateRegion
SelectObject
CreateDIBSection
SetPixel
PtInRegion
CreateEllipticRgn
GetPixel
CreateFontW
GetObjectW
CombineRgn
CreateRectRgn
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyW
RegEnumKeyExW
RegCloseKey
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW

shell32

ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteExW
SHGetFileInfoW
SHAppBarMessage
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

StrStrIW
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleDuplicateData
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemAlloc
ReleaseStgMedium
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
RegisterDragDrop
CoLockObjectExternal
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysFreeString
SysStringLen

urlmon

URLDownloadToFileW

gdiplus

GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipFillRectangleI
GdipDrawImageRectI
GdiplusShutdown
GdiplusStartup
GdipBitmapGetPixel
GdipIsVisiblePathPointI
GdipAddPathLineI
GdipFillPath
GdipDrawPath
GdipDeletePath
GdipCreatePath
GdipCloneBitmapAreaI
GdipSetLinePresetBlend
GdipCreateLineBrushFromRect
GdipSetPenColor
GdipSetSolidFillColor
GdipDrawRectangle
GdipDeletePen
GdipCreatePen1
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRect
GdipCreateBitmapFromFile
GdipFillRectangle
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCreateHBITMAPFromBitmap
GdipDrawImageRect
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext

setupapi

SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

hid

HidD_SetFeature
HidD_GetFeature
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_GetAttributes
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetProductString
HidP_GetSpecificButtonCaps
HidP_GetSpecificValueCaps

imm32

ImmGetVirtualKey
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

timeKillEvent
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
PlaySoundW

wininet

DeleteUrlCacheEntryW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 398KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ca553e9c7ad0cff13474ce456ee01ef

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

gdiplus

setupapi

hid

imm32

winmm

wininet

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 398KB - Virtual size: 397KB

.data Size: 29KB - Virtual size: 351KB

.rsrc Size: 97KB - Virtual size: 96KB

.reloc Size: 191KB - Virtual size: 191KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 398KB - Virtual size: 397KB

.data
Size: 29KB - Virtual size: 351KB

.rsrc
Size: 97KB - Virtual size: 96KB

.reloc
Size: 191KB - Virtual size: 191KB