Static task: static1
Behavioral task: behavioral1
Sample: 57d71b24c8012da315f33147bae70fecf1091541b4aae86bb7eb75ece5b604aa.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 57d71b24c8012da315f33147bae70fecf1091541b4aae86bb7eb75ece5b604aa.exe
Resource: win10v2004-20230220-en
General
Target: 57d71b24c8012da315f33147bae70fecf1091541b4aae86bb7eb75ece5b604aa
Size: 4.1MB
MD5: d5bf4ac2a2c68e1815578fd21c7a90ab
SHA1: cc1d1c83e295e89d26ca56192d7cbc8e017f4700
SHA256: 57d71b24c8012da315f33147bae70fecf1091541b4aae86bb7eb75ece5b604aa
SHA512: 005bcbcc7e44ca4bd71ab83d72d0de38e0ec1f6a62ac05db9a398926fa8743c95a90a16e6137bb0fa4915e62151c74f260ccfc5315734f7ca0632411c0eab72a
SSDEEP: 98304:dBtPMCnOfnRihPJOGYaRK4CgmmxUEuHaGOyrFLOAkGkzdnEVomFHKnPu7Q:xQ6sGYldaGOyrFLOyomFHKnPh
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 57d71b24c8012da315f33147bae70fecf1091541b4aae86bb7eb75ece5b604aa
Files
57d71b24c8012da315f33147bae70fecf1091541b4aae86bb7eb75ece5b604aa.exe (windows x86) - bd37a1f14edbab51e990e77499287ca6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
hid
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_SetFeature
HidD_GetFeature
HidD_GetAttributes
HidP_GetCaps
HidD_FreePreparsedData
pthreadvc2
pthread_mutex_unlock
pthread_create
pthread_mutex_destroy
pthread_mutex_lock
pthread_detach
kernel32
FindResourceExW
GetUserDefaultLCID
GetCommandLineW
ExitProcess
GetModuleHandleExW
IsDebuggerPresent
IsProcessorFeaturePresent
ExitThread
RtlUnwind
HeapQueryInformation
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
DuplicateHandle
GetConsoleCP
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableA
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
GetProfileIntW
SearchPathW
GetTempFileNameW
GetWindowsDirectoryW
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapDestroy
LeaveCriticalSection
RaiseException
GetLastError
GetConsoleMode
lstrcmpiW
GetVolumeInformationW
FindFirstFileW
GetCurrentDirectoryW
VerifyVersionInfoW
VerSetConditionMask
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadLocale
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalFlags
lstrcpyW
ResumeThread
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
lstrcmpA
GlobalSize
GlobalFree
FreeResource
GetModuleHandleW
GetModuleHandleA
SetLastError
TryEnterCriticalSection
VirtualLock
VirtualUnlock
AreFileApisANSI
LocalFree
DeleteFileW
GetVersionExA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
GetDiskFreeSpaceW
LockFileEx
GetTempPathW
FlushFileBuffers
CreateFileW
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
FormatMessageW
LoadLibraryW
GetSystemTimeAsFileTime
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
SystemTimeToFileTime
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
GetFullPathNameA
GetFullPathNameW
lstrcpyA
lstrlenA
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
GlobalUnlock
GlobalAlloc
GlobalLock
GetLocalTime
DeleteFileA
GetEnvironmentVariableA
WriteFile
CreateFileA
GetSystemTime
GetCurrentProcessId
FindNextFileA
FindClose
FindFirstFileA
GetSystemTimeAdjustment
GetWindowsDirectoryA
GetCurrentThread
QueryPerformanceCounter
GetCurrentProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetSystemDirectoryA
GetVersionExW
FormatMessageA
VirtualFree
GetProcAddress
FreeLibrary
MulDiv
GetTempPathA
CreateThread
CloseHandle
CreatePipe
GetStartupInfoW
ReadFile
OutputDebugStringW
CreateProcessW
GetModuleFileNameA
GetModuleFileNameW
CopyFileW
Sleep
GetTickCount
MultiByteToWideChar
OutputDebugStringA
GetCurrentThreadId
LockResource
SizeofResource
WideCharToMultiByte
InitializeCriticalSection
LoadResource
FindResourceW
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
user32
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetRect
SetCursorPos
LoadImageW
SetParent
DestroyIcon
WaitMessage
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
WindowFromPoint
DeleteMenu
KillTimer
SetTimer
ReleaseCapture
GetAsyncKeyState
CharUpperW
IsZoomed
TrackMouseEvent
EnumDisplayMonitors
SetRectEmpty
SetLayeredWindowAttributes
CopyImage
LoadCursorW
RealChildWindowFromPoint
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
TranslateMessage
GetMessageW
SetWindowContextHelpId
DrawIconEx
IsRectEmpty
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
SetCursor
ShowOwnedPopups
PostQuitMessage
DrawStateW
IntersectRect
InflateRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
LoadMenuW
FrameRect
SetWindowTextW
SetDlgItemTextW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
UpdateWindow
TrackPopupMenu
GetMenu
GetKeyState
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
UnregisterClassW
UnregisterDeviceNotification
SendMessageW
MessageBoxW
RegisterDeviceNotificationW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessagePos
PeekMessageW
DispatchMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
UnhookWindowsHookEx
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
CreateDialogIndirectParamW
PostThreadMessageW
SubtractRect
IsClipboardFormatAvailable
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
HideCaret
InvertRect
DestroyWindow
MapVirtualKeyW
GetKeyNameTextW
CloseClipboard
GetSystemMenu
IsIconic
DestroyCursor
GetWindowRgn
IsDialogMessageW
PostMessageW
EnableWindow
CopyRect
IsWindow
OffsetRect
GetClientRect
GetParent
GetFocus
FillRect
GetWindowRect
SetForegroundWindow
GetDlgItem
MessageBoxA
CheckDlgButton
SetWindowPos
SetWindowLongW
ReleaseDC
InvalidateRect
GetDC
DrawEdge
SetFocus
MessageBeep
SetCapture
RegisterWindowMessageW
MapDialogRect
GetCursorPos
GetForegroundWindow
GetCapture
MoveWindow
GetMessageTime
SetMenu
ShowWindow
GetDesktopWindow
EndDialog
EnableMenuItem
GetWindowLongW
LoadIconW
CreateMenu
SetActiveWindow
GetWindowTextLengthW
SetClipboardData
GetSystemMetrics
OpenClipboard
EmptyClipboard
GetClipboardData
AppendMenuW
DrawIcon
GetIconInfo
gdi32
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
Polyline
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
SetRectRgn
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetLayout
SetLayout
GetMapMode
CombineRgn
ScaleWindowExtEx
OffsetWindowOrgEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
CreateCompatibleBitmap
SetTextAlign
GetObjectW
CreatePen
CreateSolidBrush
SetROP2
GetSystemPaletteEntries
DeleteDC
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
SetTextColor
SetBkColor
CreateBitmap
CreateDCW
CopyMetaFileW
PatBlt
CreateRectRgnIndirect
GetTextMetricsW
GetDeviceCaps
DeleteObject
SelectObject
SetMapMode
BitBlt
CreateFontIndirectW
GetCurrentObject
CreateCompatibleDC
SetPolyFillMode
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW
RegOpenKeyExA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
shell32
DragQueryFileW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
DragFinish
SHGetMalloc
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
GetWindowTheme
GetThemeSysColor
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
ole32
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoDisconnectObject
CLSIDFromProgID
OleGetClipboard
CoInitialize
CoCreateGuid
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
CoRevokeClassObject
CoCreateInstance
oleaut32
VariantClear
VariantChangeType
SysAllocString
SysStringLen
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
SysFreeString
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundW
libeay32
ord2201
ord3836
ord333
ord2784
ord2747
ord3019
ord3873
ord3212
ord1795
ord315
ord298
ord3877
ord2572
ord363
ord964
ord258
ord464
ord257
ord3816
ord3844
ord259
ord256
ord965
Sections
.text - Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata - Size: 445KB - Virtual size: 445KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data - Size: 35KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc - Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc - Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ