Static task
static1
Behavioral task
behavioral1
Sample
208498f644531d5e43547fc96e7ff2a7c31864c62d52014ef73930ed94ae0070.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
208498f644531d5e43547fc96e7ff2a7c31864c62d52014ef73930ed94ae0070.exe
Resource
win10v2004-20230220-en
General
-
Target
208498f644531d5e43547fc96e7ff2a7c31864c62d52014ef73930ed94ae0070
-
Size
2.3MB
-
MD5
f542886eda2d0df56efbf1239e9f9531
-
SHA1
fdb049f82a076a81325b3721b00effed146c2cc0
-
SHA256
208498f644531d5e43547fc96e7ff2a7c31864c62d52014ef73930ed94ae0070
-
SHA512
feb1e4aea2eb92e90e42ae4ba233e14759a22a25af2e4c29f92a8bed5f54cbe2a89b6af5b19026b03aa4bd0ac01aa8d74723198c826c66a8ec06066c19d8bed4
-
SSDEEP
49152:cBbSkDmToDbKL+GlgIrRH2uiKmzTHVzvD7ecF7v6:EOkiTBfgIFH2uiKOT9icFG
Malware Config
Signatures
-
Unsigned PE — 1 IoC
Checks for missing Authenticode signature. The sample carries no Authenticode signature, so its origin cannot be verified from the file itself. On its own this is a weak indicator: many legitimate legacy Win32 (e.g. older MFC) applications are also unsigned, so treat it as context for the other findings rather than as a verdict.
resource 208498f644531d5e43547fc96e7ff2a7c31864c62d52014ef73930ed94ae0070
Files
-
208498f644531d5e43547fc96e7ff2a7c31864c62d52014ef73930ed94ae0070.exe windows x86
6590b637923a11af42c9b25d443005fe (this 32-hex digest differs from the file MD5 above, so it is not the file hash — presumably the PE import hash of the binary; confirm the field meaning before using it to pivot on other samples with the same import table)
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (reviewer note: the import table below is limited to kernel32/user32/gdi32/comdlg32/winspool/advapi32/shell32/comctl32/oledlg/ole32/olepro32/oleaut32 — a broad GUI/OLE surface with comctl32 and oledlg imported by ordinal, which looks like a statically linked MFC-style desktop application. No networking, crypto or remote-process APIs appear in this table, and VirtualAlloc/VirtualProtect and SetWindowsHookExA are also routinely pulled in by the CRT/MFC, so the import list alone is not evidence of malicious capability; APIs resolved dynamically at run time via the listed GetProcAddress/LoadLibraryA would not be visible here.)
kernel32
LockResource
lstrcmpiA
GetProfileStringA
GetLastError
GlobalFree
GlobalUnlock
GlobalLock
TlsFree
GlobalAlloc
GlobalDeleteAtom
FindResourceA
GetModuleFileNameA
CloseHandle
CreateEventA
lstrlenA
SetThreadPriority
GetThreadPriority
ResumeThread
GlobalAddAtomA
GetProcAddress
SuspendThread
GlobalFindAtomA
GetModuleHandleA
lstrcpyA
GetVersion
GlobalGetAtomNameA
lstrcatA
FreeLibrary
LoadLibraryA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileAttributesA
lstrcpynA
GetTempFileNameA
GetFullPathNameA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
IsBadStringPtrW
IsBadStringPtrA
IsBadWritePtr
IsBadReadPtr
GetVersionExA
GetLocaleInfoW
SetEnvironmentVariableA
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
SetStdHandle
IsValidCodePage
IsValidLocale
GetStringTypeW
IsBadCodePtr
Sleep
SetUnhandledExceptionFilter
GetStringTypeA
SetConsoleCtrlHandler
LCMapStringW
CompareStringW
CompareStringA
HeapReAlloc
LCMapStringA
VirtualAlloc
VirtualFree
HeapAlloc
FatalAppExitA
HeapDestroy
HeapFree
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetFileType
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetSystemTime
SetHandleCount
GetLocalTime
GetStdHandle
GetTimeZoneInformation
GetACP
ExitThread
DebugBreak
RaiseException
TerminateProcess
CreateThread
HeapValidate
GetStartupInfoA
ExitProcess
GetCommandLineA
CopyFileA
RtlUnwind
lstrcpyW
lstrlenW
GlobalSize
GetTickCount
SetFileAttributesA
SetErrorMode
FormatMessageA
GetFileSize
SystemTimeToFileTime
LocalFileTimeToFileTime
GetVolumeInformationA
GetShortPathNameA
GetStringTypeExA
DeleteFileA
FindFirstFileA
FindClose
UnlockFile
MoveFileA
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
OutputDebugStringA
GetCurrentProcess
DuplicateHandle
GetCPInfo
GetThreadLocale
GetOEMCP
FileTimeToLocalFileTime
GetProfileIntA
VirtualProtect
GetCurrentDirectoryA
FileTimeToSystemTime
GetProcessVersion
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
GetCurrentThread
GlobalHandle
FreeResource
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
SizeofResource
GlobalFlags
SetLastError
MulDiv
GetCurrentThreadId
lstrcmpA
SetEvent
WaitForSingleObject
LoadResource
user32
wvsprintfA
MessageBeep
CopyAcceleratorTableA
CharNextA
DestroyIcon
GetAsyncKeyState
GetClipboardFormatNameA
LoadStringA
GetDialogBaseUnits
SetCursorPos
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
DestroyCursor
OemToCharA
CharToOemA
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
GetTabbedTextExtentA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
SubtractRect
UnionRect
InflateRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
DestroyMenu
LoadMenuA
LoadAcceleratorsA
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
DefWindowProcA
RegisterClipboardFormatA
CharUpperA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckDlgButton
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
MapDialogRect
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
IsChild
GetTopWindow
GetWindow
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
GetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
InSendMessage
IsClipboardFormatAvailable
WaitMessage
CreateWindowExA
GetClassNameA
CheckRadioButton
ShowOwnedPopups
IsWindowVisible
ValidateRgn
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
TabbedTextOutA
PostMessageA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
SendMessageA
SetCursor
PostQuitMessage
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
PeekMessageA
LoadIconA
MessageBoxA
GrayStringA
ScrollDC
GetWindowThreadProcessId
DefDlgProcA
IsWindowUnicode
UnregisterClassA
gdi32
GetObjectA
SetTextColor
GetClipBox
GetDCOrgEx
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreateBitmap
GetTextExtentPointA
GetRgnBox
PtInRegion
OffsetRgn
CreateDCA
CreateICA
RectInRegion
GetDeviceCaps
GetBrushOrgEx
CreateCompatibleDC
EnumObjects
SelectObject
SetBrushOrgEx
RealizePalette
UpdateColors
GetNearestColor
GetBkMode
GetPolyFillMode
GetBkColor
GetStretchBltMode
GetTextColor
GetROP2
GetViewportOrgEx
GetViewportExtEx
GetMapMode
GetWindowExtEx
DPtoLP
GetWindowOrgEx
FillRgn
FrameRgn
LPtoDP
PaintRgn
PtVisible
InvertRgn
GetCurrentPositionEx
Arc
RectVisible
Chord
Ellipse
Polyline
Polygon
PolyPolygon
Pie
RoundRect
PatBlt
Rectangle
StretchBlt
GetPixel
BitBlt
GetObjectType
SetPixel
UnrealizeObject
ExtFloodFill
TextOutA
FloodFill
GetTextAlign
GetTextFaceA
GetTextExtentPoint32A
GetTextCharacterExtra
GetCharWidthA
GetTextMetricsA
Escape
SetBoundsRect
GetAspectRatioFilterEx
ResetDCA
GetOutlineTextMetricsA
GetBoundsRect
GetFontData
GetKerningPairsA
GetCharABCWidthsA
StartDocA
StartPage
GetGlyphOutlineA
SetAbortProc
AbortDoc
EndPage
MaskBlt
PlgBlt
EndDoc
AngleArc
GetArcDirection
SetPixelV
GetColorAdjustment
GetCurrentObject
PolyPolyline
DrawEscape
ExtEscape
PolyBezier
GetCharWidthFloatA
AbortPath
GetCharABCWidthsFloatA
CloseFigure
EndPath
BeginPath
FlattenPath
GetMiterLimit
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateSolidBrush
CreateHatchBrush
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
GetStockObject
ExtCreatePen
OffsetWindowOrgEx
SetWindowExtEx
SetWindowOrgEx
SelectClipRgn
SetBkColor
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
EqualRgn
CreatePenIndirect
PolylineTo
SetColorAdjustment
PolyDraw
FillPath
CreatePen
DeleteObject
GetClipRgn
PolyBezierTo
ExtSelectClipRgn
PlayMetaFileRecord
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
ScaleViewportExtEx
SetArcDirection
DeleteMetaFile
SelectClipPath
CreateDIBitmap
PlayMetaFile
StretchDIBits
CopyMetaFileA
EnumMetaFile
comdlg32
GetFileTitleA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
PageSetupDlgA
CommDlgExtendedError
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
GetFileSecurityA
SetFileSecurityA
RegCreateKeyExA
RegQueryValueA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegSetValueA
shell32
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
DragAcceptFiles
comctl32
ImageList_Replace
ImageList_Read
ImageList_Write
ImageList_SetBkColor
ord17
ord8
ord13
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ord14
ImageList_GetImageCount
ImageList_Add
ImageList_AddMasked
ImageList_Remove
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
ImageList_SetImageCount
ImageList_Copy
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
oledlg
ord3
ord7
ord6
ord5
ord9
ord4
ord8
ole32
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleLockRunning
CreateStreamOnHGlobal
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
CreateFileMoniker
GetClassFile
OleLoad
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleRegEnumVerbs
OleCreate
OleSave
CreateGenericComposite
CreateOleAdviseHolder
OleRegGetMiscStatus
OleIsCurrentClipboard
ReadFmtUserTypeStg
GetRunningObjectTable
CoLockObjectExternal
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateItemMoniker
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleSetClipboard
OleDestroyMenuDescriptor
CreateDataAdviseHolder
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
OleTranslateAccelerator
OleCreateMenuDescriptor
IsAccelerator
olepro32
ord253
oleaut32
VarBstrFromCy
SysFreeString
LoadTypeLi
SysStringLen
DosDateTimeToVariantTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
SafeArrayGetUBound
VarCyFromStr
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreate
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
Sections
.text Size: 1.9MB - Virtual size: 1.9MB (note: this code section is flagged both IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE — a writable-and-executable .text is not what standard compiler/linker output looks like and is worth examining for self-modifying or unpacking code; it also accounts for most of the 2.3MB file)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 144KB - Virtual size: 144KB (note: read-only data is marked executable and writable here, and .idata below is writable too; these non-standard section characteristics suggest the section flags were altered or set by a non-default linker/post-processing tool — verify against the entry point and the SizeOfRawData/VirtualSize of each section before trusting a static disassembly)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 76KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ