Static task: static1
Behavioral task: behavioral1
  Sample: 42b5151391c81beaa1af933886c1477b3dc8980ccd0608c6a14888f527ed0087.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 42b5151391c81beaa1af933886c1477b3dc8980ccd0608c6a14888f527ed0087.exe
  Resource: win10v2004-20230220-en
General
- Target: 42b5151391c81beaa1af933886c1477b3dc8980ccd0608c6a14888f527ed0087
- Size: 5.1MB
- MD5: 805808d3691c6d3e5287fe37ec7db6be
- SHA1: 6b7bae68d6c2b237f907b7b4350e3ec0b2ca54df
- SHA256: 42b5151391c81beaa1af933886c1477b3dc8980ccd0608c6a14888f527ed0087
- SHA512: 2e51a3728587a88da72b6fb2e4a778acaf5328ef27d01d2c1c8f79a727e142b6984359f5ce99102ca7d623a11a73d955f8b0fc61e03a0cdd13c5892ca4d0ee5e
- SSDEEP: 98304:ZcQRrvcHAshqzrDLCcdxyrmMsnLCnNfQJeL7nVkm:ZDtemdxyrQnLCNVx
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource 42b5151391c81beaa1af933886c1477b3dc8980ccd0608c6a14888f527ed0087
Files
- 42b5151391c81beaa1af933886c1477b3dc8980ccd0608c6a14888f527ed0087.exe (windows x86) 3845118fda27af04b98bd75eed240861
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCrackUrlW
InternetReadFile
InternetConnectW
InternetWriteFile
HttpSendRequestExW
HttpOpenRequestW
HttpEndRequestW
InternetCloseHandle
InternetSetOptionW
InternetQueryOptionW
HttpQueryInfoW
InternetGetConnectedState
gdiplus
GdipFree
GdipSetLineTransform
GdipSetTextureTransform
GdipGetBrushType
GdipAlloc
GdipCombineRegionPath
GdipCreateRegionPath
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipAddPathBezierI
GdipAddPathArcI
GdipAddPathLineI
GdipSetStringFormatTrimming
GdipGetStringFormatLineAlign
GdipSetStringFormatLineAlign
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetStringFormatAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipGetFontSize
GdiplusStartup
GdipCombineRegionRegion
GdipGetFontStyle
GdipGetFamily
GdipSetCompositingMode
GdipCreateHBITMAPFromBitmap
GdipDeleteFont
GdipCreateFont
GdipGetLineSpacing
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipGetFamilyName
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipEndContainer
GdipBeginContainer2
GdipRestoreGraphics
GdipSaveGraphics
GdipGetClipBoundsI
GdipSetClipRegion
GdipSetClipRectI
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipFillPath
GdipFillEllipse
GdipFillRectangleI
GdipGraphicsClear
GdipDrawPath
GdipDrawRectangle
GdipDrawArcI
GdipDrawLine
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipMultiplyWorldTransform
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCloneBitmapArea
GdipGetImageGraphicsContext
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipGetLineTransform
GdipSetLineWrapMode
GdipSetLinePresetBlend
GdipCreateLineBrushI
GdipCreateSolidFill
GdipGetTextureTransform
GdipCreateTexture
GdipDeleteBrush
GdipCloneBrush
GdipTransformRegion
GdipDeleteRegion
GdipCloneRegion
GdipGetMatrixElements
GdipDeleteMatrix
GdipCreateMatrix2
GdipCreateMatrix
GdipGetPathWorldBounds
GdipAddPathString
ord1
GdipClosePathFigure
GdipDeletePath
GdipCreatePath
GdipCloneBitmapAreaI
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
kernel32
GetTimeFormatW
GetDateFormatW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
WaitForSingleObjectEx
RtlCaptureStackBackTrace
CreateTimerQueue
CreateSemaphoreW
GetStartupInfoW
TlsFree
UnhandledExceptionFilter
CompareStringW
RtlUnwind
ExitThread
GetCommandLineW
GetCPInfo
WriteConsoleW
GetFileType
GetStdHandle
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
GetSystemTimeAsFileTime
DuplicateHandle
EncodePointer
GetStringTypeW
AreFileApisANSI
SetConsoleCtrlHandler
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FatalAppExitA
ExitProcess
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetThreadTimes
FreeLibraryAndExitThread
SetProcessAffinityMask
ReleaseSemaphore
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
ReadConsoleW
SetStdHandle
WaitForMultipleObjectsEx
SetEnvironmentVariableA
GetThreadContext
HeapReAlloc
CreateMutexW
SetErrorMode
HeapAlloc
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapDestroy
RaiseException
GetLastError
SetLastError
HeapSize
DecodePointer
DeleteCriticalSection
ReleaseMutex
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
GetModuleHandleW
SetThreadContext
GetModuleFileNameW
GetProcAddress
MulDiv
LocalAlloc
LocalFree
GetCurrentProcess
GlobalLock
GlobalAlloc
LeaveCriticalSection
lstrcmpW
GlobalUnlock
FlushInstructionCache
EnterCriticalSection
GetCurrentThreadId
GetFileSize
FindResourceW
LoadResource
CreateProcessW
CreateDirectoryW
WaitForSingleObject
SizeofResource
ReadFile
CreateFileW
LockResource
CloseHandle
Sleep
FormatMessageW
GetLocalTime
CreateEventW
GetTickCount
DeleteFileW
SetEvent
ResetEvent
InitializeCriticalSection
GetDriveTypeW
EndUpdateResourceW
GetLogicalDrives
TerminateThread
CopyFileW
BeginUpdateResourceW
GetExitCodeThread
UpdateResourceW
GetDiskFreeSpaceExW
CreateThread
GetFullPathNameW
GetFileAttributesW
lstrlenW
GetTempPathW
GetLongPathNameW
RemoveDirectoryW
SetFileAttributesW
GetSystemDirectoryW
ExpandEnvironmentStringsW
OpenProcess
GetVersionExW
TerminateProcess
Process32FirstW
WaitForMultipleObjects
Process32NextW
CreateToolhelp32Snapshot
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GetSystemInfo
GetACP
lstrcatW
lstrcpyW
SearchPathW
FindFirstFileW
GetFileAttributesExW
GetShortPathNameW
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
GetFileTime
ResumeThread
FreeLibrary
GetExitCodeProcess
GetTempFileNameW
MoveFileExW
GetCurrentDirectoryW
MoveFileW
SetCurrentDirectoryW
GetWindowsDirectoryW
FindClose
FindNextFileW
SwitchToThread
TryEnterCriticalSection
OpenEventW
InterlockedExchangeAdd
GetComputerNameExW
SystemTimeToFileTime
InterlockedExchange
QueryDosDeviceW
OpenMutexW
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryA
GetLogicalDriveStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetFileSizeEx
GetVersion
GetCurrentThread
GlobalMemoryStatusEx
LoadLibraryExW
CreateWaitableTimerW
SetWaitableTimer
InterlockedCompareExchange
MapViewOfFileEx
VirtualProtect
GetModuleHandleExW
OutputDebugStringA
DisableThreadLibraryCalls
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleHandleA
HeapCreate
Thread32First
Thread32Next
OpenThread
SuspendThread
VirtualQuery
GetFullPathNameA
CreateFileA
HeapCompact
UnlockFile
FlushViewOfFile
LockFile
UnlockFileEx
FormatMessageA
GetFileAttributesA
HeapValidate
LockFileEx
CreateFileMappingA
GetDiskFreeSpaceA
GetVersionExA
GetTempPathA
GetSystemTime
DeleteFileA
DeviceIoControl
GetEnvironmentVariableW
FileTimeToDosDateTime
DosDateTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
LoadLibraryW
FreeResource
user32
ShowOwnedPopups
GetWindowPlacement
SetWindowPlacement
DeferWindowPos
BringWindowToTop
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextW
GetDlgItemTextW
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
SendDlgItemMessageW
GetNextDlgGroupItem
GetNextDlgTabItem
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
SetTimer
KillTimer
IsWindowUnicode
IsWindowEnabled
GetMenu
SetMenu
HiliteMenuItem
DrawMenuBar
GetSystemMenu
UpdateWindow
SetActiveWindow
GetDCEx
GetWindowDC
GetUpdateRect
GetUpdateRgn
SetWindowRgn
GetWindowRgn
ValidateRect
ValidateRgn
LockWindowUpdate
ScrollWindow
ScrollWindowEx
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
EnableScrollBar
AdjustWindowRectEx
SetWindowContextHelpId
GetWindowContextHelpId
CreateCaret
HideCaret
ShowCaret
ChildWindowFromPoint
ChildWindowFromPointEx
GetWindowWord
SetWindowWord
SetParent
GetTopWindow
IsDialogMessageW
DlgDirListW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirSelectComboBoxExW
SetScrollInfo
GetScrollInfo
ArrangeIconicWindows
WinHelpW
SetCursor
GetCursorPos
IntersectRect
OffsetRect
EqualRect
EnumChildWindows
TrackMouseEvent
GetKeyState
GetClassLongW
FlashWindow
PtInRect
UnionRect
MsgWaitForMultipleObjects
LoadBitmapW
LoadImageW
SetRectEmpty
UpdateLayeredWindow
SetRect
SetCaretPos
GetKeyboardState
ToAscii
GetCaretBlinkTime
GetSystemMetrics
DrawIconEx
GetIconInfo
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
EnumThreadWindows
LoadStringW
GetAncestor
GetAsyncKeyState
GetPropW
SetPropW
RemovePropW
wsprintfW
EndPaint
ClientToScreen
DestroyWindow
GetWindowTextLengthW
DestroyAcceleratorTable
ScreenToClient
GetWindowRect
CharNextW
RegisterWindowMessageW
FillRect
IsChild
SetCapture
PostMessageW
GetFocus
GetParent
InvalidateRgn
LoadCursorW
GetClientRect
CreateAcceleratorTableW
SetFocus
BeginPaint
GetClassInfoExW
RegisterClassExW
InvalidateRect
GetWindowLongW
GetWindowTextW
GetClassNameW
GetDlgItem
SetWindowLongW
RedrawWindow
GetSysColor
SetWindowPos
IsWindow
CreateWindowExW
ReleaseCapture
SendMessageW
SetWindowTextW
CallWindowProcW
DefWindowProcW
CopyRect
GetWindow
MoveWindow
GetDC
ReleaseDC
UnregisterClassW
GetDesktopWindow
MessageBoxW
ShowWindowAsync
SendNotifyMessageW
IsRectEmpty
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
IsIconic
IsZoomed
GetLastActivePopup
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
SystemParametersInfoW
MonitorFromWindow
FindWindowExW
IsWindowVisible
MapWindowPoints
EnableWindow
GetDlgCtrlID
GetMonitorInfoW
GetWindowThreadProcessId
GetShellWindow
LoadIconW
EndDialog
ShowWindow
DialogBoxParamW
GetActiveWindow
gdi32
ExtTextOutW
GetDIBits
CreatePolygonRgn
SetBkColor
CreateRectRgnIndirect
SetWorldTransform
SetGraphicsMode
EnumFontsW
SetViewportOrgEx
GetRgnBox
CreateFontIndirectW
CreateDCW
CreateDIBSection
PtInRegion
CreateRoundRectRgn
GetClipBox
SetTextColor
GetObjectW
GetStockObject
CreateSolidBrush
GetDeviceCaps
BitBlt
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
advapi32
OpenThreadToken
RegQueryValueExW
LookupAccountSidW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
CheckTokenMembership
GetUserNameW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
CreateProcessAsUserW
SetTokenInformation
DuplicateTokenEx
GetLengthSid
RegOpenKeyExW
shell32
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
DragAcceptFiles
SHGetFileInfoW
SHGetFolderLocation
SHGetMalloc
SHGetFolderPathW
SHChangeNotify
SHFileOperationW
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteExW
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderPathW
ole32
CoTaskMemRealloc
StringFromGUID2
OleUninitialize
OleInitialize
CoCreateInstance
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoCreateGuid
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
oleaut32
SysAllocStringLen
OleCreateFontIndirect
LoadRegTypeLi
VarUI4FromStr
VariantInit
LoadTypeLi
VariantClear
DispCallFunc
SysAllocString
SysStringLen
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo
SysFreeString
shlwapi
PathFindFileNameW
StrDupW
PathAppendW
StrToIntA
ord12
SHAutoComplete
comctl32
_TrackMouseEvent
InitCommonControlsEx
msimg32
AlphaBlend
urlmon
CoInternetCreateZoneManager
CoInternetCreateSecurityManager
sensapi
IsNetworkAlive
imm32
ImmGetContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmReleaseContext
winmm
timeGetTime
psapi
GetMappedFileNameW
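The import table above is dominated by window, dialog and GDI+ APIs (user32, gdi32, gdiplus), which is what an ATL/MFC-style application with an installer-like UI pulls in; the entries worth an analyst's time are the smaller clusters around tokens and DACLs (advapi32), thread contexts and on-disk resource updating (kernel32), and WinINet. The script below is an added example (not the sandbox's logic) of how a static import list is turned into capability hints. Each rule demands a complete API cluster, so a single import that the Visual C++ runtime supplies anyway, such as IsDebuggerPresent, scores nothing on its own; VirtualProtect plus FlushInstructionCache is likewise kept at low confidence because ATL's window-procedure thunks use exactly that pair on executable heap memory. REPORT_IMPORTS is a hand-copied subset of the table above; the rule names, groupings, confidence labels and notes are this example's own heuristics, and a hit means only that the binary can call those APIs, not that the behaviour was observed.

```python
"""Import-table capability triage over a static report's import list.
Added example, not the sandbox's own code; the rules are heuristics."""

# rule -> (dll, APIs that must ALL be imported, confidence, analyst note)
RULES = {
    "http_client": ("wininet", {"InternetConnectW", "HttpOpenRequestW", "HttpSendRequestExW",
                                "InternetReadFile"}, "high",
                    "HTTP request/response over WinINet; InternetWriteFile adds upload"),
    "privilege_adjustment": ("advapi32", {"OpenProcessToken", "LookupPrivilegeValueW",
                                          "AdjustTokenPrivileges"}, "medium",
                             "enables privileges on its own token; which ones is only visible dynamically"),
    "process_as_token": ("advapi32", {"DuplicateTokenEx", "CreateProcessAsUserW"}, "medium",
                         "starts a process under a duplicated token (de-elevation or impersonation)"),
    "dacl_rewrite": ("advapi32", {"InitializeSecurityDescriptor", "SetSecurityDescriptorDacl",
                                  "SetEntriesInAclW"}, "medium",
                     "builds explicit DACLs for objects it creates"),
    "registry_write": ("advapi32", {"RegCreateKeyExW", "RegSetValueExW"}, "low",
                       "writes registry values; persistence needs the key path, which is dynamic"),
    "process_enumeration": ("kernel32", {"CreateToolhelp32Snapshot", "Process32FirstW",
                                         "Process32NextW"}, "medium", "walks the process list"),
    "process_kill": ("kernel32", {"OpenProcess", "TerminateProcess"}, "medium",
                     "opens and terminates other processes"),
    "thread_context": ("kernel32", {"OpenThread", "SuspendThread", "GetThreadContext",
                                    "SetThreadContext", "ResumeThread"}, "medium",
                       "suspends threads and rewrites their registers; also used by crash handlers"),
    "resource_rewrite": ("kernel32", {"BeginUpdateResourceW", "UpdateResourceW",
                                      "EndUpdateResourceW"}, "medium",
                         "rewrites the resource section of a PE file on disk"),
    "rwx_memory": ("kernel32", {"VirtualProtect", "FlushInstructionCache"}, "low",
                   "changes page protection and flushes the I-cache; ATL window thunks do the same"),
    "debugger_check": ("kernel32", {"IsDebuggerPresent"}, "low",
                       "also imported by the MSVC runtime, so meaningless on its own"),
}

_ORDER = {"high": 0, "medium": 1, "low": 2}


def triage_imports(imports):
    """imports: {dll: [function, ...]} as listed in a static report.
    Returns the rules whose whole API cluster is present, best confidence first."""
    table = {dll.lower(): set(funcs) for dll, funcs in imports.items()}
    hits = [{"rule": name, "confidence": conf, "note": note}
            for name, (dll, needed, conf, note) in RULES.items()
            if needed <= table.get(dll, set())]
    return sorted(hits, key=lambda h: (_ORDER[h["confidence"]], h["rule"]))


def missing_for(imports, rule):
    """APIs a rule still needs; useful when a cluster almost matches."""
    dll, needed, _, _ = RULES[rule]
    return sorted(needed - set(imports.get(dll, [])))


# Hand-copied subset of the import table in this report (constructed demo input).
REPORT_IMPORTS = {
    "wininet": ["InternetConnectW", "HttpOpenRequestW", "HttpSendRequestExW",
                "InternetReadFile", "InternetWriteFile", "HttpQueryInfoW"],
    "kernel32": ["CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
                 "OpenProcess", "TerminateProcess", "OpenThread", "SuspendThread",
                 "GetThreadContext", "SetThreadContext", "ResumeThread",
                 "VirtualProtect", "FlushInstructionCache", "BeginUpdateResourceW",
                 "UpdateResourceW", "EndUpdateResourceW", "IsDebuggerPresent",
                 "CreateProcessW", "GetTempPathW", "CopyFileW", "MoveFileExW"],
    "advapi32": ["OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges",
                 "DuplicateTokenEx", "SetTokenInformation", "CreateProcessAsUserW",
                 "RegCreateKeyExW", "RegSetValueExW", "RegDeleteKeyW",
                 "InitializeSecurityDescriptor", "SetSecurityDescriptorDacl", "SetEntriesInAclW"],
    "shell32": ["ShellExecuteW", "ShellExecuteExW", "SHFileOperationW"],
    "user32": ["CreateWindowExW", "SendMessageW", "DialogBoxParamW"],
    "gdiplus": ["GdiplusStartup", "GdipDrawString"],
}

if __name__ == "__main__":
    for hit in triage_imports(REPORT_IMPORTS):
        print(f"[{hit['confidence']:<6}] {hit['rule']:<22} {hit['note']}")
```

Run as-is it prints every rule, because the subset above was chosen to contain each cluster; feed it a report where, say, LookupPrivilegeValueW is absent and missing_for() shows which API keeps the privilege rule from firing. The output is a list of questions for the behavioural run (which privilege, which token, which process gets terminated), not a verdict.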
Sections
.text Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 710KB - Virtual size: 709KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 387KB - Virtual size: 387KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 192KB - Virtual size: 191KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
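The Unsigned PE signature, the DLL Characteristics and File Characteristics flags in the Headers section, and the section flags above are all read directly from the PE headers. The Python script below is an added example (not the sandbox's own code) that performs those same checks with nothing but the struct module: it parses a headers-only PE32 image that build_pe32 constructs inline to mirror this report's flags and section layout (the sample itself is not embedded; section sizes are rounded), names the flags, and derives the notes an analyst would write next to them. The "Unsigned" check is the one the sandbox makes: the IMAGE_DIRECTORY_ENTRY_SECURITY data directory has size zero, so no Authenticode blob is embedded. Two caveats a practitioner should keep in mind: a signature that is present but invalid passes this check, and a file signed only through a catalog rather than an embedded signature also shows as unsigned here. The build_pe32 helper, the finding texts and the SAMPLE layout are this example's own assumptions.

```python
"""PE header triage for the checks listed in this report: Authenticode
presence (the "Unsigned PE" signature), DllCharacteristics, File
Characteristics and section flags. Added example, not the sandbox's code:
it parses a headers-only PE32 image constructed below to mirror the
report's flags, not the sample itself."""
import struct

DLL_CHARS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
             0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x4000: "GUARD_CF",
             0x8000: "TERMINAL_SERVER_AWARE"}
FILE_CHARS = {0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE",
              0x0020: "LARGE_ADDRESS_AWARE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
SCN_CHARS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
             0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
             0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Read the COFF header, optional header and section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                            # optional header start
    magic = struct.unpack_from("<H", data, opt)[0]           # 0x10B PE32, 0x20B PE32+
    dirs = 96 if magic == 0x10B else 112                     # data directory table offset
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both formats
    # Directory 4 is IMAGE_DIRECTORY_ENTRY_SECURITY, the embedded Authenticode blob.
    # Its "VirtualAddress" is really a file offset; size 0 means no embedded signature.
    _, sec_size = struct.unpack_from("<II", data, opt + dirs + 4 * 8)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + i * 40)
        sections.append({"name": name.rstrip(b"\0").decode(), "vsize": vsize,
                         "rawsize": rawsize, "flags": _names(chars, SCN_CHARS)})
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "file_chars": _names(fchars, FILE_CHARS), "dll_chars": _names(dllchars, DLL_CHARS),
            "has_authenticode": sec_size != 0, "sections": sections}


def triage(info):
    """Findings an analyst would note next to the raw flags (this example's rules)."""
    out = []
    if not info["has_authenticode"]:
        out.append("Unsigned PE: no embedded Authenticode signature")
    if "DYNAMIC_BASE" not in info["dll_chars"] or "RELOCS_STRIPPED" in info["file_chars"]:
        out.append("ASLR ineffective: DYNAMIC_BASE missing or relocations stripped")
    if "NX_COMPAT" not in info["dll_chars"]:
        out.append("DEP not opted in")
    if "GUARD_CF" not in info["dll_chars"]:
        out.append("No Control Flow Guard")
    for s in info["sections"]:
        if {"MEM_EXECUTE", "MEM_WRITE"} <= set(s["flags"]):
            out.append(f"{s['name']}: writable and executable section")
        if "CNT_CODE" in s["flags"] and s["vsize"] > s["rawsize"]:
            out.append(f"{s['name']}: code section grows in memory (packer stub?)")
    return out


def build_pe32(file_chars, dll_chars, sections, security_size=0):
    """Constructed headers-only PE32 image for exercising the parser offline."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII", 0x10B, 14, 0, 0, 0, 0, 0x1000, 0x1000,
                      0x2000, 0x400000, 0x1000, 0x200, 6, 0, 0, 0, 6, 0, 0, 0x10000, 0x400, 0,
                      2, dll_chars, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = bytearray(16 * 8)
    struct.pack_into("<II", dirs, 4 * 8, 0x9000 if security_size else 0, security_size)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, va, rs, rp, 0, 0, 0, 0, c)
                    for n, vs, va, rs, rp, c in sections)
    return dos + b"PE\0\0" + coff + opt + bytes(dirs) + hdrs


# Flags and section layout copied from the report; sizes are rounded approximations.
SAMPLE = build_pe32(
    file_chars=0x0002 | 0x0020 | 0x0100,   # EXECUTABLE_IMAGE | LARGE_ADDRESS_AWARE | 32BIT_MACHINE
    dll_chars=0x0040 | 0x0100 | 0x8000,    # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
    sections=[(".text", 0x3CC000, 0x1000, 0x3CC000, 0x400, 0x60000020),
              (".rdata", 0xB1400, 0x3CD000, 0xB1800, 0x3CC400, 0x40000040),
              (".data", 0x10400, 0x47F000, 0x9400, 0x47DC00, 0xC0000040),
              (".rsrc", 0x60C00, 0x490000, 0x60C00, 0x487000, 0x40000040),
              (".reloc", 0x2FC00, 0x4F1000, 0x30000, 0x4E7C00, 0x42000040)])

if __name__ == "__main__":
    info = parse_pe(SAMPLE)
    print(info["file_chars"], info["dll_chars"], "authenticode:", info["has_authenticode"])
    for s in info["sections"]:
        print(f"{s['name']:<8} raw={s['rawsize']:#x} virt={s['vsize']:#x} {'|'.join(s['flags'])}")
    for finding in triage(info):
        print("-", finding)
```

For this report's flags the script reports only the missing Authenticode signature and the absence of Control Flow Guard: DYNAMIC_BASE together with a retained .reloc section (RELOCS_STRIPPED is not set) means ASLR is effective, NX_COMPAT opts into DEP, no section is both writable and executable, and .text is the same size on disk as in memory, which is not what a packer stub usually looks like. Note the .data section's virtual size exceeding its raw size is ordinary zero-initialised data, so the code-growth check deliberately applies only to CNT_CODE sections.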