Static task: static1
Behavioral task: behavioral1
  Sample: 8fbfd1f3f3472636ceb7fa5b1e4b564f91d107d63a819ef121a052a8ea5f6223.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 8fbfd1f3f3472636ceb7fa5b1e4b564f91d107d63a819ef121a052a8ea5f6223.exe
  Resource: win10v2004-20230220-en
General
Target: 8fbfd1f3f3472636ceb7fa5b1e4b564f91d107d63a819ef121a052a8ea5f6223
Size: 4.0MB
MD5: 7df3a685451fb699f1d223c85a905b9e
SHA1: 896834e6ea668518180033a0da455f1bb61d723c
SHA256: 8fbfd1f3f3472636ceb7fa5b1e4b564f91d107d63a819ef121a052a8ea5f6223
SHA512: 43a6515472cc71f040be05eb92a112c52d7a6158bc79f3e016de00307e567c3c26641cb2366c21558ff1a19822d383db77faad4d0162cc8d35753fe6f8483d70
SSDEEP: 98304:g1JOZKqA6PAB/CmpEjfOKVCWdf7LfLtXFLOAkGkzdnEVomFHKnPD:g1J0p4a9fJ7LfLtXFLOyomFHKnP
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 8fbfd1f3f3472636ceb7fa5b1e4b564f91d107d63a819ef121a052a8ea5f6223
Files
-
8fbfd1f3f3472636ceb7fa5b1e4b564f91d107d63a819ef121a052a8ea5f6223.exe windows x86
3664ac8e83e2741ab942803fefc0546e
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
odbc32: ord4, ord72, ord13, ord18, ord26, ord20, ord8, ord76, ord35, ord61, ord12, ord29, ord9, ord39, ord45, ord31, ord24, ord41, ord236, ord19, ord75
winmm: PlaySoundA
kernel32: VerSetConditionMask, VerifyVersionInfoA, GetACP, SetErrorMode, SearchPathA, VirtualProtect, GetWindowsDirectoryA, FindResourceExW, GetSystemTimeAsFileTime, IsDebuggerPresent, IsProcessorFeaturePresent, ExitThread, GetCommandLineA, GetLocalTime, RtlUnwind, GetSystemInfo, VirtualAlloc, VirtualQuery, SetStdHandle, GetFileType, ExitProcess, GetModuleHandleExW, AreFileApisANSI, HeapQueryInformation, IsValidCodePage, UnhandledExceptionFilter, SetUnhandledExceptionFilter, TerminateProcess, GetStartupInfoW, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetStdHandle, GetTimeZoneInformation, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetStringTypeW, SetFilePointerEx, FindFirstFileExW, GetDriveTypeW, SystemTimeToTzSpecificLocalTime, GetDateFormatW, GetTimeFormatW, LCMapStringW, IsValidLocale, EnumSystemLocalesW, WriteConsoleW, OutputDebugStringW, SetEnvironmentVariableA, GetFileInformationByHandle, PeekNamedPipe, GetFullPathNameW, GetCurrentDirectoryW, CreateFileW, LocalFileTimeToFileTime, GetFileSizeEx, GetFileAttributesExA, FileTimeToLocalFileTime, GetCPInfo, GetOEMCP, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, GetLocaleInfoW, CompareStringW, GlobalFlags, LocalReAlloc, GlobalHandle, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, GetCurrentDirectoryA, GlobalReAlloc, WideCharToMultiByte, SizeofResource, LockResource, lstrcpyA, WritePrivateProfileStringA, GetPrivateProfileStringA, GetPrivateProfileIntA, GetCurrentThread, GetUserDefaultLCID, ReplaceFileA, GetTempFileNameA, SetFileTime, GetFileTime, GetFileAttributesA, GetDiskFreeSpaceA, SetThreadPriority, GetStringTypeExA, GetThreadLocale, GetVolumeInformationA, MoveFileA, lstrcmpiA, GetShortPathNameA, LoadLibraryExA, GetCurrentProcess, DuplicateHandle, UnlockFile, SetFilePointer, SetEndOfFile, LockFile, GetFullPathNameA, GetFileSize, FlushFileBuffers, FindFirstFileA, FindClose, SystemTimeToFileTime, FileTimeToSystemTime, GetVersionExA, GetProfileIntA, CompareStringA, GlobalGetAtomNameA, GlobalFindAtomA, GlobalAddAtomA, LoadLibraryW, lstrcmpW, GlobalDeleteAtom, LoadLibraryExW, GetModuleHandleW, GetModuleHandleA, GetModuleFileNameW, GetSystemDirectoryW, GetCurrentThreadId, EncodePointer, lstrcmpA, GetCurrentProcessId, SetLastError, CopyFileA, GlobalSize, MultiByteToWideChar, OutputDebugStringA, LocalSize, lstrlenA, LocalAlloc, GetTempPathA, DeleteFileA, LoadLibraryA, GetProcAddress, FreeLibrary, ReleaseSemaphore, DecodePointer, HeapSize, RaiseException, InitializeCriticalSectionAndSpinCount, GetProcessHeap, HeapFree, HeapAlloc, HeapReAlloc, CreateMutexA, OpenMutexA, InterlockedDecrement, InterlockedIncrement, ReadFile, GetOverlappedResult, WriteFile, LocalFree, FormatMessageA, SuspendThread, GetCommMask, ClearCommError, GetLastError, WaitCommEvent, PurgeComm, SetCommState, BuildCommDCBA, GetCommState, SetCommMask, SetCommTimeouts, SetupComm, CreateFileA, FreeResource, FindResourceA, GlobalAlloc, WaitForSingleObject, ResetEvent, SetEvent, WaitForMultipleObjects, CreateEventA, ResumeThread, GlobalFree, MulDiv, GlobalUnlock, GlobalLock, TryEnterCriticalSection, Sleep, CloseHandle, CreateThread, GetTickCount, DeleteCriticalSection, EnterCriticalSection, InitializeCriticalSection, LeaveCriticalSection, GetModuleFileNameA, FindResourceW, LoadResource
user32: GetWindowRgn, DestroyCursor, SystemParametersInfoA, LoadCursorW, SetWindowRgn, DrawIcon, IsZoomed, TranslateMessage, GetMessageA, CharUpperA, ReuseDDElParam, UnpackDDElParam, LoadImageA, DestroyIcon, SetRectEmpty, InsertMenuItemA, DestroyMenu, CreatePopupMenu, LoadMenuA, TranslateAcceleratorA, LoadAcceleratorsA, BringWindowToTop, IsIconic, IsClipboardFormatAvailable, MapVirtualKeyA, GetKeyNameTextA, GetActiveWindow, CreateDialogIndirectParamA, DrawStateA, LoadBitmapW, SetMenuItemInfoA, GetMenuCheckMarkDimensions, SetMenuItemBitmaps, EnableMenuItem, CheckMenuItem, IsDialogMessageA, SetWindowTextA, SendDlgItemMessageA, CheckDlgButton, SetDlgItemTextA, MoveWindow, ShowWindow, GetMonitorInfoA, MonitorFromWindow, WinHelpA, GetScrollInfo, SetScrollInfo, LoadIconW, LoadIconA, CallNextHookEx, UnhookWindowsHookEx, SetWindowsHookExA, GetWindow, GetTopWindow, GetClassLongA, SetWindowLongA, AdjustWindowRectEx, GetWindowTextLengthA, GetWindowTextA, RemovePropA, GetPropA, SetPropA, ShowScrollBar, GetScrollRange, SetScrollRange, GetScrollPos, ScrollWindow, RedrawWindow, ValidateRect, SetForegroundWindow, GetForegroundWindow, SetActiveWindow, TrackPopupMenu, SetMenu, GetMenu, GetCapture, CopyAcceleratorTableA, SetFocus, MapVirtualKeyExA, GetDlgItem, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, SetWindowPlacement, GetWindowPlacement, SetWindowPos, DestroyWindow, CreateWindowExA, GetClassInfoExA, GetClassInfoA, RegisterClassA, CallWindowProcA, DefWindowProcA, GetMessageTime, GetMessagePos, PeekMessageA, DispatchMessageA, RegisterWindowMessageA, ClientToScreen, EndPaint, BeginPaint, GetWindowDC, TabbedTextOutA, GrayStringA, DrawTextExA, GetLastActivePopup, GetWindowThreadProcessId, GetWindowLongA, IsWindowEnabled, RemoveMenu, AppendMenuA, InsertMenuA, GetMenuItemCount, GetMenuItemID, GetSubMenu, GetMenuState, GetMenuStringA, SetParent, IsChild, GetFocus, GetNextDlgTabItem, GetDesktopWindow, GetSystemMetrics, UnregisterClassA, EndDialog, FindWindowExA, PostQuitMessage, FrameRect, GetClassNameA, DrawTextA, WindowFromDC, CopyRect, SetRect, GetSysColor, GetWindowRect, SetScrollPos, ReleaseDC, GetDC, MapWindowPoints, IsWindowVisible, LoadCursorA, SetCursor, KillTimer, UpdateWindow, EnableWindow, GetTabbedTextExtentW, SetMenuDefaultItem, GetMenuDefaultItem, SetTimer, SendMessageA, MessageBoxA, ReleaseCapture, IsWindow, GetParent, PostMessageA, SetCapture, InvalidateRect, EqualRect, FillRect, IntersectRect, OffsetRect, IsRectEmpty, PtInRect, ScreenToClient, IsCharLowerA, InvertRect, HideCaret, GetDoubleClickTime, SubtractRect, GetComboBoxInfo, CopyIcon, GetUpdateRect, GetIconInfo, GetNextDlgGroupItem, InvalidateRgn, CharNextA, GetCursorPos, InflateRect, GetClientRect, EnumChildWindows, CreateAcceleratorTableA, ToAsciiEx, GetKeyboardState, GetKeyboardLayout, SetCursorPos, GetDlgCtrlID, CreateMenu, EnumDisplayMonitors, SetLayeredWindowAttributes, RealChildWindowFromPoint, ModifyMenuA, CharUpperBuffA, DrawIconEx, DrawFocusRect, GetSysColorBrush, DrawEdge, LockWindowUpdate, EnableScrollBar, UpdateLayeredWindow, UnionRect, DrawMenuBar, LoadImageW, EmptyClipboard, SetClipboardData, CloseClipboard, OpenClipboard, GetMenuItemInfoA, IsMenu, DrawFrameControl, DeleteMenu, GetSystemMenu, TrackMouseEvent, NotifyWinEvent, SetClassLongA, DestroyAcceleratorTable, GetAsyncKeyState, WindowFromPoint, ShowOwnedPopups, WaitMessage, PostThreadMessageA, LoadMenuW, LoadAcceleratorsW, MonitorFromPoint, MapDialogRect, SetWindowContextHelpId, RegisterClipboardFormatA, MessageBeep, TranslateMDISysAccel, DefMDIChildProcA, GetKeyState, DefFrameProcA, CopyImage
gdi32: SetTextColor, GetStockObject, GetMapMode, SetBkMode, SelectClipRgn, GetBkColor, GetCurrentObject, GetBitmapBits, SetBitmapBits, CreateFontIndirectA, CopyMetaFileA, CreateDCA, CreateBitmap, CreateHatchBrush, CreatePatternBrush, CreateRectRgn, Escape, ExcludeClipRect, GetClipBox, GetCurrentPositionEx, GetObjectType, GetPixel, GetViewportExtEx, GetWindowExtEx, IntersectClipRect, LineTo, PtVisible, RectVisible, RestoreDC, SaveDC, ExtSelectClipRgn, SelectPalette, SetBkColor, SetMapMode, SetLayout, GetLayout, SetPolyFillMode, SetROP2, SetStretchBltMode, SetTextAlign, StartDocA, MoveToEx, TextOutA, ExtTextOutA, CreateRoundRectRgn, SetViewportOrgEx, SetWindowExtEx, SetWindowOrgEx, OffsetViewportOrgEx, OffsetWindowOrgEx, ScaleViewportExtEx, ScaleWindowExtEx, CombineRgn, CreateRectRgnIndirect, PatBlt, SetRectRgn, DPtoLP, GetTextMetricsA, GetCharWidthA, StretchDIBits, CreateEllipticRgn, CreateDIBSection, LPtoDP, EndDoc, StartPage, EndPage, AbortDoc, SetAbortProc, GetViewportOrgEx, Rectangle, GetDIBits, RealizePalette, SetPixel, StretchBlt, SetDIBColorTable, GetTextColor, CreatePolygonRgn, Polygon, Polyline, CreateDIBitmap, EnumFontFamiliesA, GetTextCharsetInfo, GetROP2, GetBkMode, GetNearestColor, GetPolyFillMode, GetStretchBltMode, GetTextAlign, GetTextExtentPointA, GetTextExtentPoint32W, GetWindowOrgEx, GetTextFaceA, GetRgnBox, OffsetRgn, RoundRect, CreatePalette, GetPaletteEntries, ExtFloodFill, SetPaletteEntries, GetNearestPaletteIndex, GetSystemPaletteEntries, FillRgn, FrameRgn, GetBoundsRect, PtInRegion, EnumFontFamiliesExA, SetPixelV, GetDeviceCaps, DeleteDC, SetBitmapDimensionEx, DeleteObject, SelectObject, GetBitmapDimensionEx, CreateFontA, Ellipse, BitBlt, PolyPolygon, CreateSolidBrush, CreateCompatibleBitmap, CreateCompatibleDC, GetObjectA, GetTextExtentPoint32A, SetViewportExtEx, CreatePen
msimg32: TransparentBlt, AlphaBlend
winspool.drv: DocumentPropertiesA, GetJobA, ClosePrinter, OpenPrinterA
advapi32: RegEnumKeyExA, RegSetValueExA, RegDeleteValueA, RegCreateKeyExA, GetFileSecurityA, SetFileSecurityA, RegQueryValueExA, RegOpenKeyExW, RegQueryValueA, RegEnumKeyA, RegDeleteKeyA, RegSetValueA, RegCloseKey, RegEnumValueA, RegOpenKeyExA
shell32: SHBrowseForFolderA, DragQueryFileA, DragFinish, SHGetFileInfoA, SHAppBarMessage, ExtractIconA, SHAddToRecentDocs, SHGetDesktopFolder, ShellExecuteA, SHGetSpecialFolderLocation, SHGetPathFromIDListA, SHGetMalloc
comctl32: _TrackMouseEvent, InitCommonControlsEx
shlwapi: PathFindFileNameA, PathRemoveFileSpecW, PathIsUNCA, PathStripToRootA, PathFindExtensionA, StrFormatKBSizeA
uxtheme: GetWindowTheme, GetThemeSysColor, GetThemePartSize, IsThemeBackgroundPartiallyTransparent, DrawThemeParentBackground, DrawThemeText, IsAppThemed, OpenThemeData, CloseThemeData, DrawThemeBackground, GetThemeColor, GetCurrentThemeName
ole32: CoTaskMemFree, CoTaskMemAlloc, StringFromCLSID, CreateStreamOnHGlobal, StgCreateDocfileOnILockBytes, CoRegisterMessageFilter, CoRevokeClassObject, CoGetClassObject, CreateILockBytesOnHGlobal, StgOpenStorageOnILockBytes, IsAccelerator, OleTranslateAccelerator, OleDestroyMenuDescriptor, OleCreateMenuDescriptor, OleDuplicateData, ReleaseStgMedium, CoLockObjectExternal, RegisterDragDrop, RevokeDragDrop, OleGetClipboard, CoUninitialize, CoInitializeEx, CoCreateInstance, OleFlushClipboard, OleIsCurrentClipboard, DoDragDrop, CoCreateGuid, CoInitialize, CoFreeUnusedLibraries, OleInitialize, OleUninitialize, CLSIDFromString, OleLockRunning, CoDisconnectObject, CLSIDFromProgID
oleaut32: SysAllocStringByteLen, SysAllocStringLen, VariantInit, VariantClear, VariantChangeType, SysStringLen, SafeArrayDestroy, SysFreeString, VariantCopy, VarBstrFromDate, LoadTypeLi, SysAllocString, OleCreateFontIndirect, VarUdateFromDate, OleLoadPicture, VariantTimeToSystemTime, SystemTimeToVariantTime
oledlg: ord8
gdiplus: GdipBitmapUnlockBits, GdipBitmapLockBits, GdipCreateBitmapFromScan0, GdipCreateBitmapFromStream, GdipGetImagePaletteSize, GdipGetImagePalette, GdipGetImagePixelFormat, GdipGetImageHeight, GdipGetImageWidth, GdipGetImageGraphicsContext, GdipDrawImageRectI, GdipSetInterpolationMode, GdipDeleteGraphics, GdipCreateFromHDC, GdipCreateBitmapFromHBITMAP, GdipDisposeImage, GdipCloneImage, GdiplusStartup, GdipFree, GdipAlloc, GdiplusShutdown, GdipDrawImageI
ws2_32: accept, connect, recv, send, bind, htonl, recvfrom, getsockname, ntohs, htons, sendto, ioctlsocket, WSAGetLastError, socket, closesocket, shutdown, WSACleanup, inet_ntoa, gethostbyname, gethostname, WSAStartup, listen
oleacc: AccessibleObjectFromWindow, LresultFromObject, CreateStdAccessibleObject
imm32: ImmGetOpenStatus, ImmReleaseContext, ImmGetContext
Sections
.text (Size: 1.9MB, Virtual size: 1.9MB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 472KB, Virtual size: 471KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 40KB, Virtual size: 99KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 1.4MB, Virtual size: 1.4MB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc (Size: 168KB, Virtual size: 167KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ