Static task: static1
Behavioral task: behavioral1
Sample: fa368fdf909d67c529821c4117e6df7e5cf7b61341d4281159af3e08c4935e6b.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: fa368fdf909d67c529821c4117e6df7e5cf7b61341d4281159af3e08c4935e6b.exe
Resource: win10v2004-20230220-en
General
Target: fa368fdf909d67c529821c4117e6df7e5cf7b61341d4281159af3e08c4935e6b
Size: 3.2MB
MD5: 37e667ac7127d36577cb9fe4cb5d762e
SHA1: 61752f125cd87f90031122dd1ffa2881cedb4039
SHA256: fa368fdf909d67c529821c4117e6df7e5cf7b61341d4281159af3e08c4935e6b
SHA512: 943a28841a4eead6b36d3df147b877867ad3396e85ec78b6e6472db89b21f1a88542c53e8ebd8cc1a672bec8dca8e2c7a6a32f3f27e9ebc03894af5be9cc90a0
SSDEEP: 98304:Hxu5rUkSmqlfKkbH5WCvyr+PCwFXr1KSxi/oj9ghi1RebMIg9Cbk/V8:HxuZUiKTvOQ1KSxaojDIg9Cbk/V8
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: fa368fdf909d67c529821c4117e6df7e5cf7b61341d4281159af3e08c4935e6b
Files
fa368fdf909d67c529821c4117e6df7e5cf7b61341d4281159af3e08c4935e6b.exe (windows x86)
  2afc2fa464b7c9457109395f91fbf360
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
IsProcessorFeaturePresent
QueryPerformanceCounter
HeapAlloc
WriteConsoleW
CompareStringW
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
IsValidCodePage
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapQueryInformation
ExitThread
ExitProcess
GetFileType
SetStdHandle
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetNumberFormatA
GetWindowsDirectoryA
FindResourceExW
GetACP
GetOEMCP
GetCPInfo
VirtualProtect
GetTempPathA
SearchPathA
GetProfileIntA
GetTickCount
GetCurrentDirectoryA
SetErrorMode
GlobalFlags
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
MoveFileA
DeleteFileA
lstrcmpiA
GetStringTypeExA
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
LocalAlloc
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
ReplaceFileA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
GetModuleHandleW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
lstrcmpW
LoadLibraryW
GetCurrentProcessId
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetFileSize
FindResourceA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalReAlloc
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
FreeResource
GetCurrentThreadId
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
ActivateActCtx
DeactivateActCtx
GetModuleHandleA
WaitForSingleObject
ReleaseMutex
CreateMutexA
lstrcmpA
SetLastError
GlobalSize
lstrlenW
MultiByteToWideChar
MulDiv
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntA
GetPrivateProfileStringA
CopyFileA
SetUnhandledExceptionFilter
LocalFree
lstrlenA
FormatMessageA
GetVersion
WritePrivateProfileStringA
IsBadReadPtr
WriteFile
GetLocalTime
SetFilePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileInformationByHandle
CreateFileA
CloseHandle
CreateDirectoryA
CreateThread
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
FindClose
FindFirstFileA
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
GetProcessHeap
SetEnvironmentVariableA
user32
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WinHelpA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetRect
DrawIconEx
GetSysColorBrush
DrawFocusRect
DrawEdge
GetSysColor
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
CharUpperBuffA
MapWindowPoints
SetParent
LockWindowUpdate
ValidateRect
BringWindowToTop
MonitorFromPoint
GetMonitorInfoA
CreatePopupMenu
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
GetDlgItem
CheckDlgButton
SystemParametersInfoA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
FillRect
DrawStateA
CopyImage
GetIconInfo
DestroyIcon
GetSystemMetrics
TranslateAcceleratorA
IsCharLowerA
GetClassLongA
GetWindowLongA
GetMenuItemInfoA
DrawFrameControl
IsRectEmpty
RegisterWindowMessageA
CharUpperA
SetFocus
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
IsIconic
IsZoomed
GetAsyncKeyState
SetCursor
MessageBeep
ReleaseCapture
LoadCursorA
LoadCursorW
WindowFromPoint
SetCapture
KillTimer
SetTimer
ScreenToClient
DeleteMenu
BeginDeferWindowPos
EndDeferWindowPos
IsChild
EqualRect
IntersectRect
OffsetRect
InflateRect
SetRectEmpty
PtInRect
DestroyAcceleratorTable
DestroyWindow
NotifyWinEvent
GetKeyState
GetTopWindow
GetCapture
IsWindowVisible
SetWindowRgn
PostMessageA
MapVirtualKeyA
GetKeyNameTextA
SetLastErrorEx
SendMessageA
LoadImageA
RedrawWindow
GetSystemMenu
ReleaseDC
GetDC
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemCount
RemoveMenu
ClientToScreen
SendDlgItemMessageA
GetMenuItemID
TrackPopupMenu
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
GetSubMenu
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
LoadMenuW
LoadIconW
LoadIconA
wsprintfA
GetWindow
UpdateWindow
InvalidateRect
GetWindowRect
EnableWindow
IsWindow
HideCaret
InvertRect
DestroyMenu
MapVirtualKeyExA
EnableMenuItem
GetClientRect
GetWindowRgn
DrawIcon
CreateMenu
GetDoubleClickTime
DestroyCursor
GetNextDlgGroupItem
MapDialogRect
UnregisterClassA
SubtractRect
TranslateMessage
EnumChildWindows
PostThreadMessageA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyIcon
FrameRect
SetCursorPos
SetClassLongA
GetMenuDefaultItem
RegisterClipboardFormatA
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyAcceleratorTableA
WaitMessage
IsClipboardFormatAvailable
RealChildWindowFromPoint
ShowOwnedPopups
IsMenu
GetMessageA
GetUpdateRect
gdi32
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SetTextColor
SetRectRgn
DPtoLP
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
ExtFloodFill
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetWindowOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceA
SetPixelV
PatBlt
CreateRectRgnIndirect
CreateBitmap
RoundRect
CreateFontIndirectA
Rectangle
CreatePatternBrush
ExtTextOutA
Polygon
Ellipse
Polyline
GetTextColor
GetBkColor
CreatePolygonRgn
CreateEllipticRgn
CreateHatchBrush
CreateSolidBrush
CreateDIBSection
SetPixel
GetPixel
StretchBlt
CombineRgn
CreateRectRgn
GetStockObject
SelectPalette
RealizePalette
GetDIBits
SetBkColor
BitBlt
SetDIBColorTable
DeleteDC
GetObjectA
DeleteObject
GetTextMetricsA
GetTextExtentPoint32A
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateRoundRectRgn
GetObjectType
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreatePen
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegDeleteKeyA
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptSetKeyParam
CryptDecrypt
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExW
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
CryptDestroyKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCloseKey
shell32
SHBrowseForFolderA
SHAppBarMessage
DragFinish
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
comctl32
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFileExistsA
PathRemoveFileSpecW
ole32
OleLockRunning
CoCreateInstance
CoCreateGuid
CreateStreamOnHGlobal
OleDuplicateData
CoUninitialize
StringFromCLSID
CoInitialize
DoDragDrop
ReleaseStgMedium
CoInitializeEx
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleGetClipboard
CoTaskMemFree
CoTaskMemAlloc
oleaut32
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
gdiplus
GdipFree
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
wininet
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
InternetReadFile
InternetCheckConnectionA
InternetOpenUrlA
winmm
timeGetTime
PlaySoundA
ws2_32
WSAStartup
recvfrom
WSAGetLastError
setsockopt
bind
socket
htons
WSACleanup
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 313KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ