Static task: static1
Behavioral task: behavioral1
  Sample: 467a445df15e847e5557c7467b033de3769ed798cf29fdffe87891732fce60d4.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 467a445df15e847e5557c7467b033de3769ed798cf29fdffe87891732fce60d4.exe
  Resource: win10v2004-20230220-en
General
Target: 467a445df15e847e5557c7467b033de3769ed798cf29fdffe87891732fce60d4
Size: 2.8MB
MD5: 7505aeb5b6f47a8f2daa17087fdec900
SHA1: ee1d0bed590be29429075fd1dae25e2244d9dddc
SHA256: 467a445df15e847e5557c7467b033de3769ed798cf29fdffe87891732fce60d4
SHA512: c2089f5287aab1375fd04ac58165127e6a4e8aac21514307eac5318b84b9622489adcb59628b72fd348eb7bd21129590aef2a39399b8f939a0190f478ad7b417
SSDEEP: 49152:mRvzBN18wQ784C2cJ2kQ2CS2tFfsVsZ8aFzYqPDp/YyvYpJ016k4xIUn:mRvzBNBQ77C2cJ2kQ272LsVs+avtvY40
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 467a445df15e847e5557c7467b033de3769ed798cf29fdffe87891732fce60d4
Files
467a445df15e847e5557c7467b033de3769ed798cf29fdffe87891732fce60d4.exe (windows x86)
94107880186a6ee488d75f7f4b0c4a0b
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
  GetCurrentDirectoryW, MoveFileW, SetCurrentDirectoryW, RemoveDirectoryW, QueryDosDeviceW, SetEndOfFile,
  FlushFileBuffers, GetSystemTimeAsFileTime, FileTimeToSystemTime, InitializeCriticalSectionAndSpinCount,
  SetFilePointer, FileTimeToLocalFileTime, GetUserDefaultLangID, GetComputerNameA, GetSystemDirectoryW,
  GetStdHandle, WaitForMultipleObjects, VirtualFree, VirtualAlloc, ReleaseSemaphore, ResetEvent,
  CreateSemaphoreW, lstrcpyW, lstrcatW, SetFileAttributesW, GlobalMemoryStatus, DeviceIoControl, CreateFileA,
  LoadLibraryA, OpenMutexW, OpenEventW, OpenSemaphoreW, GetCurrentProcessId, ExpandEnvironmentStringsW,
  CreateProcessW, SetUnhandledExceptionFilter, SetConsoleMode, ReadConsoleInputA, FindFirstFileA, GetTempPathW,
  GetFileAttributesW, CopyFileW, CreateDirectoryW, GetVersion, GlobalSize, FormatMessageA,
  ExpandEnvironmentStringsA, SleepEx, SetEnvironmentVariableA, CompareStringW, CompareStringA, GetFullPathNameA,
  GetDriveTypeA, GetCurrentDirectoryA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, GetLocaleInfoW,
  SetConsoleCtrlHandler, GetStringTypeW, GetStringTypeA, IsValidLocale, EnumSystemLocalesA, GetUserDefaultLCID,
  QueryPerformanceCounter, GetCommandLineW, GetCommandLineA, GetEnvironmentStringsW, FreeEnvironmentStringsW,
  GetEnvironmentStrings, FreeEnvironmentStringsA, GetConsoleMode, GetConsoleCP, GetStartupInfoA, SetHandleCount,
  GetModuleFileNameA, HeapCreate, IsValidCodePage, GetOEMCP, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue,
  GetCPInfo, LCMapStringW, LCMapStringA, ExitProcess, RtlUnwind, GetStartupInfoW, GetTimeZoneInformation,
  VirtualQuery, GetModuleHandleA, VirtualProtect, GetFileType, SetStdHandle, ExitThread, IsDebuggerPresent,
  UnhandledExceptionFilter, TerminateProcess, IsProcessorFeaturePresent, GetVersionExA, GetThreadLocale,
  GetLocaleInfoA, GetACP, GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, HeapAlloc, HeapDestroy,
  GetLogicalDriveStringsW, GetTempFileNameW, FindClose, GetSystemInfo, InterlockedCompareExchange,
  ProcessIdToSessionId, SystemTimeToFileTime, LocalFree, LocalAlloc, OpenProcess, WriteFile, GetTickCount,
  GetCurrentThread, SetThreadPriority, LoadLibraryExW, lstrcmpiW, GlobalAlloc, GlobalLock, GlobalUnlock,
  GlobalFree, GetPrivateProfileStringW, DeleteCriticalSection, QueryPerformanceFrequency, CreateEventW,
  GetPrivateProfileIntW, MapViewOfFileEx, MapViewOfFile, CreateFileMappingW, CreateThread, UnmapViewOfFile,
  MoveFileExW, Sleep, GetDiskFreeSpaceExW, GetDriveTypeW, TerminateThread, Process32NextW, Process32FirstW,
  CreateToolhelp32Snapshot, DeleteFileW, RaiseException, SetLastError, FlushInstructionCache,
  InterlockedIncrement, InterlockedDecrement, InterlockedExchange, lstrlenA, MultiByteToWideChar,
  GetWindowsDirectoryW, WideCharToMultiByte, lstrlenW, FindResourceW, SizeofResource, LoadResource, LockResource,
  FreeResource, CreateFileW, GetFileSize, GetProcAddress, ReadFile, GetCurrentThreadId, InitializeCriticalSection,
  GetFullPathNameW, GetExitCodeThread, GetVersionExW, FindResourceExW, OutputDebugStringW, GetLocalTime,
  GetSystemTime, SetEvent, LeaveCriticalSection, EnterCriticalSection, GetModuleFileNameW, WaitForSingleObject,
  FreeLibrary, LoadLibraryW, CloseHandle, GetLastError, GetCurrentProcess, GetModuleHandleW,
  FlushConsoleInputBuffer
user32:
  CharLowerW, RegisterWindowMessageW, PtInRect, SetCursor, CharUpperW, FindWindowExW, LoadImageW, DestroyIcon,
  DrawFrameControl, KillTimer, IntersectRect, MessageBoxA, GetProcessWindowStation, GetUserObjectInformationW,
  CloseClipboard, GetClipboardData, OpenClipboard, UnregisterClassA, IsRectEmpty, InflateRect, UnionRect,
  PostMessageW, EqualRect, DrawTextW, GetWindowTextW, IsWindow, IsWindowVisible, SetForegroundWindow, LoadIconW,
  SetTimer, SystemParametersInfoW, DestroyWindow, CallWindowProcW, DrawIconEx, PostThreadMessageW, PeekMessageW,
  GetMessageW, TranslateMessage, DispatchMessageW, GetDlgCtrlID, GetActiveWindow, GetDesktopWindow,
  IsWindowEnabled, EnableWindow, GetWindowThreadProcessId, GetForegroundWindow, SetWindowPos, AttachThreadInput,
  SetActiveWindow, GetFocus, IsChild, GetParent, IsDialogMessageW, ClientToScreen, OffsetRect, CopyRect,
  RegisterClassExW, GetWindow, GetWindowRect, GetWindowLongW, GetClientRect, MapWindowPoints, GetDlgItem,
  BeginPaint, EndPaint, MonitorFromWindow, GetMonitorInfoW, SetCapture, ReleaseCapture, GetCursorPos, SetFocus,
  GetNextDlgTabItem, ScreenToClient, MoveWindow, GetKeyState, WindowFromPoint, GetScrollPos, GetDC, ReleaseDC,
  ShowWindow, UpdateLayeredWindow, SetRect, InvalidateRect, SetWindowLongW, CreateWindowExW, DefWindowProcW,
  LoadBitmapW, CharNextW, UpdateWindow, BringWindowToTop, SendMessageW, SetRectEmpty, GetClassInfoExW,
  LoadCursorW, GetSystemMetrics, GetWindowTextLengthW, SetWindowRgn, SetWindowTextW
gdi32:
  CreateBitmap, StretchBlt, SetTextColor, GetRgnBox, CombineRgn, DeleteObject, SetWindowOrgEx, SetViewportOrgEx,
  ExtTextOutW, CreateCompatibleDC, GetTextExtentPoint32W, CreatePen, MoveToEx, LineTo, GetCurrentObject,
  TextOutW, GetTextColor, GetDIBits, CreateDCW, GetObjectW, DeleteDC, CreateCompatibleBitmap, SelectClipRgn,
  SetBkMode, RoundRect, GetClipRgn, RestoreDC, OffsetRgn, ExtSelectClipRgn, CreateRectRgn, GetViewportOrgEx,
  SaveDC, RectInRegion, CreateRoundRectRgn, CreateRectRgnIndirect, GetStockObject, CreateFontIndirectW,
  SetGraphicsMode, CreateDIBSection, Rectangle, SetWorldTransform, GetWorldTransform, SetStretchBltMode, BitBlt,
  GetWindowOrgEx, SetBkColor, GetTextMetricsW, CreateFontW, SelectObject
advapi32:
  SetTokenInformation, DuplicateTokenEx, FreeSid, EqualSid, AllocateAndInitializeSid, GetTokenInformation,
  OpenProcessToken, RegDeleteValueW, RegEnumKeyExW, RegQueryInfoKeyW, RegDeleteKeyW, RegSetValueExW,
  RegCreateKeyExW, RegOpenKeyW, RegQueryValueExW, RegOpenKeyExW, RegCloseKey, ReportEventA,
  DeregisterEventSource, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, CreateProcessAsUserW,
  RegisterEventSourceA
shell32:
  SHGetSpecialFolderLocation, SHGetSpecialFolderPathW, SHFileOperationW, SHGetPathFromIDListW,
  SHBrowseForFolderW, ShellExecuteW, Shell_NotifyIconW, SHGetFolderPathW
ole32:
  CoUninitialize, CoInitializeEx, CoCreateGuid, CoTaskMemAlloc, CoTaskMemRealloc, CoTaskMemFree,
  CoCreateInstance, CreateStreamOnHGlobal, CoSetProxyBlanket
oleaut32:
  VarUI4FromStr, SysAllocStringLen, SysStringLen, VariantInit, VariantCopy, VariantClear, SysAllocString,
  SysFreeString
shlwapi:
  PathRemoveFileSpecW, PathIsDirectoryW, PathFindExtensionW, PathFindFileNameW, PathAppendW, StrToIntW,
  StrToIntA, PathFileExistsW, PathAddBackslashW
comctl32:
  _TrackMouseEvent, InitCommonControlsEx
msimg32:
  AlphaBlend
gdiplus:
  GdipCreateBitmapFromHBITMAP, GdipCreateFromHDC, GdipDeleteGraphics, GdipCreateSolidFill, GdipFillRectangleI,
  GdipCreatePen1, GdipCreateBitmapFromStream, GdipCreateHBITMAPFromBitmap, GdipGetImagePixelFormat,
  GdipCloneBitmapArea, GdipImageRotateFlip, GdipDrawImagePointsRectI, GdipLoadImageFromStream, GdipFree,
  GdipDeleteFontFamily, GdipDeletePrivateFontCollection, GdipPrivateAddFontFile,
  GdipGetFontCollectionFamilyCount, GdipAlloc, GdipGetFontCollectionFamilyList, GdipCloneFontFamily,
  GdipDrawLinesI, GdiplusShutdown, GdipCloneBrush, GdipDeleteBrush, GdipCreateLineBrushI, GdiplusStartup,
  GdipCreateLineBrushFromRectWithAngleI, GdipDrawString, GdipCreateStringFormat, GdipDeleteStringFormat,
  GdipSetStringFormatAlign, GdipMeasureString, GdipFillRectangle, GdipDeleteFont, GdipCreateFont,
  GdipCreateFontFromLogfontW, GdipSetStringFormatLineAlign, GdipSetStringFormatFlags,
  GdipSetStringFormatTrimming, GdipSetTextRenderingHint, GdipCloneImage, GdipLoadImageFromFile,
  GdipDisposeImage, GdipGetImageHeight, GdipGetImageWidth, GdipSetInterpolationMode, GdipDrawImageRectI,
  GdipSetCompositingQuality, GdipGetImageGraphicsContext, GdipSetPixelOffsetMode, GdipGetFamily,
  GdipAddPathStringI, GdipGetFontSize, GdipFillPath, GdipGraphicsClear, GdipDrawImageI, GdipAddPathRectangleI,
  GdipBitmapUnlockBits, GdipBitmapLockBits, GdipCreateBitmapFromScan0, GdipDrawImageRectRect,
  GdipSetImageAttributesColorMatrix, GdipDisposeImageAttributes, GdipCreateImageAttributes,
  GdipSetPenDashStyle, GdipAddPathPieI, GdipSetClipPath, GdipDrawImageRectRectI, GdipTranslateWorldTransform,
  GdipRotateWorldTransform, GdipResetWorldTransform, GdipDrawPath, GdipClosePathFigure, GdipAddPathArcI,
  GdipDeletePath, GdipCreatePath, GdipDrawRectangleI, GdipDrawLine, GdipSetSmoothingMode, GdipSetPenMode,
  GdipSetPenStartCap, GdipSetPenEndCap, GdipDeletePen, GdipNewPrivateFontCollection
wtsapi32:
  WTSEnumerateSessionsW, WTSFreeMemory
psapi:
  GetProcessImageFileNameW, GetModuleFileNameExW
version:
  GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW
rasapi32:
  RasEnumConnectionsW
iphlpapi:
  IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile, GetAdaptersInfo
Sections
.text  Size: 1.6MB - Virtual size: 1.6MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 440KB - Virtual size: 437KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 68KB - Virtual size: 95KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 1.7MB - Virtual size: 1.7MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ