7fffc31fdddf873ba884a9f2e5fb8cb890fb31f7ded94c7bf5a086dbc434c905

Sharing

Copy URL Twitter E-mail

General

Target

7fffc31fdddf873ba884a9f2e5fb8cb890fb31f7ded94c7bf5a086dbc434c905
Size

1.8MB
MD5

4aa79267f82ed6caf336470a3d54cc7a
SHA1

86284fbd5559399aa33ce9a959da1531656bebe7
SHA256

7fffc31fdddf873ba884a9f2e5fb8cb890fb31f7ded94c7bf5a086dbc434c905
SHA512

93167af85baa894fb829ad91f7abb53acfae6144ebdfd5e7f32bf2fb36d9ab020335a01899423413d5565c78f2abbaf8e54dc2e34aa819fd43669df0c12c254d
SSDEEP

49152:AJljyX5lICx4Z8OmwpftadmFNa/79Cp68i+1fFQa8ZddK0wa27J/cRYB:cyX5lIp8OmetadmFNa/79CpA+FFQaBaa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fffc31fdddf873ba884a9f2e5fb8cb890fb31f7ded94c7bf5a086dbc434c905

Files

7fffc31fdddf873ba884a9f2e5fb8cb890fb31f7ded94c7bf5a086dbc434c905
.exe windows x86

e05be478114b75e01e7fb2cbc7e9b55f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
GetCurrentProcessId
FreeResource
FindResourceA
GlobalFree
WaitForSingleObject
lstrcmpW
LoadLibraryW
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
GetFileTime
GetTempFileNameA
GetFullPathNameA
MulDiv
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetStringTypeExA
GetThreadLocale
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetACP
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
SetErrorMode
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetProfileIntA
Sleep
SearchPathA
FindResourceExW
RaiseException
GetModuleHandleA
EncodePointer
DecodePointer
ExitProcess
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
ExitThread
CreateThread
VirtualQuery
HeapReAlloc
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
IsProcessorFeaturePresent
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetStdHandle
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
WideCharToMultiByte
CompareStringA
ActivateActCtx
LoadLibraryA
DeactivateActCtx
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
GetProcAddress
FreeLibrary
RtlUnwind
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrlenA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateFileA
UnmapViewOfFile
FindFirstFileA
FindClose
GetLastError
GetSystemInfo
VirtualAlloc
VirtualProtect
InterlockedDecrement
InterlockedIncrement
lstrcpyA
OpenProcess
InitializeProcThreadAttributeList
GetProcessHeap
HeapAlloc
UpdateProcThreadAttribute
CreateProcessA
ResumeThread
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
GlobalUnlock
DeleteFileA
GetDriveTypeW

user32

SetParent
RealChildWindowFromPoint
KillTimer
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
LoadCursorA
GetSysColorBrush
CharUpperA
InflateRect
GetMenuItemInfoA
CharNextA
CopyAcceleratorTableA
SetRect
InvalidateRgn
SetCapture
GetNextDlgGroupItem
MessageBeep
LoadAcceleratorsW
LoadMenuW
GetKeyNameTextA
MapVirtualKeyA
UnionRect
WindowFromPoint
LockWindowUpdate
UnregisterClassA
SetWindowRgn
RedrawWindow
DestroyAcceleratorTable
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SetCursorPos
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DrawIcon
DestroyCursor
GetWindowRgn
GetSystemMenu
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
EnableWindow
PtInRect
GetWindowDC
IntersectRect
ReleaseDC
UpdateWindow
DeleteMenu
IsRectEmpty
IsZoomed
GetSystemMetrics
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
IsIconic
InsertMenuItemA
CreatePopupMenu
GetMessagePos
OffsetRect
BringWindowToTop
TranslateAcceleratorA
GetDC
SetRectEmpty
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetTimer
wsprintfA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

oledlg

ord8

ws2_32

socket
connect
closesocket
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
htonl
ntohl
getpeername
getsockopt
htons
gethostname
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
WSACleanup
WSAStartup
WSASetLastError
freeaddrinfo
__WSAFDIsSet

crypt32

CertFreeCertificateContext

wldap32

ord26
ord30
ord50
ord32
ord35
ord79
ord33
ord301
ord60
ord143
ord211
ord200
ord27
ord41
ord46
ord22

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

gdiplus

GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCreateBitmapFromStream
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

gdi32

BitBlt
GetPixel
PtVisible
RectVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
GetObjectA
SetPixelV
GetTextFaceA
SetBkColor
CreateBitmap
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
PatBlt
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateRectRgnIndirect
CreateDIBitmap
TextOutA
ExtTextOutA
Escape
SelectObject
GetTextExtentPoint32A
GetTextMetricsA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
SetTextColor

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

comdlg32

GetFileTitleA

advapi32

CryptGenRandom
CryptImportKey
CryptEncrypt
CryptDestroyKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash

shell32

SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
SHAddToRecentDocs
DragQueryFileA
DragFinish

ole32

CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoRevokeClassObject

oleaut32

VariantCopy
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VarBstrFromDate
SysFreeString
SysAllocString

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e05be478114b75e01e7fb2cbc7e9b55f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msimg32

comctl32

shlwapi

oledlg

ws2_32

crypt32

wldap32

oleacc

gdiplus

imm32

winmm

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 320KB - Virtual size: 319KB

.data Size: 25KB - Virtual size: 54KB

.rsrc Size: 94KB - Virtual size: 96KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 320KB - Virtual size: 319KB

.data
Size: 25KB - Virtual size: 54KB

.rsrc
Size: 94KB - Virtual size: 96KB