Static task: static1
Behavioral task: behavioral1
  Sample: 9fee8ae8463cb022de23ef36a1386d31ac0eaaf30cffa72a9282edf903cedabe.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 9fee8ae8463cb022de23ef36a1386d31ac0eaaf30cffa72a9282edf903cedabe.exe
  Resource: win10v2004-20230220-en
General
Target: 9fee8ae8463cb022de23ef36a1386d31ac0eaaf30cffa72a9282edf903cedabe
Size: 3.3MB
MD5: c4b002a785cb2db900f1d7016eb0da06
SHA1: 83e26f735fa9848134d88fb05af59e20592a58a0
SHA256: 9fee8ae8463cb022de23ef36a1386d31ac0eaaf30cffa72a9282edf903cedabe
SHA512: 3489f53cc01c84c28a9a231961398fd4becf69ecf45f08e7e1d4b33e4c296b87081a087ecc2962bf59b086a42750ce915daa6b2e8f1fa7798ab38de3a47f150f
SSDEEP: 98304:/O1WvuQ5X1NecYLngKpJSYP64Lu0Z1fseGVbL8oj9ghi1RebMIg9Cbk/V8:/O1MxniDE65aeGVbL8ojDIg9Cbk/V8
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 9fee8ae8463cb022de23ef36a1386d31ac0eaaf30cffa72a9282edf903cedabe
Files
-
9fee8ae8463cb022de23ef36a1386d31ac0eaaf30cffa72a9282edf903cedabe.exe windows x86
11c59fa722acfef563e450b2f667f3c5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
IsProcessorFeaturePresent
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
HeapCreate
GetStdHandle
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
HeapQueryInformation
ExitProcess
HeapReAlloc
GetConsoleCP
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
WideCharToMultiByte
GetCommandLineA
SetStdHandle
GetTimeZoneInformation
ExitThread
GetFileType
PeekNamedPipe
GetFileInformationByHandle
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetNumberFormatA
GetWindowsDirectoryA
FindResourceExW
GetACP
GetOEMCP
GetCPInfo
VirtualProtect
GetTempPathA
SearchPathA
SetHandleCount
GetStringTypeW
VirtualQuery
GetProfileIntA
GetTickCount
GetCurrentDirectoryA
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GetDiskFreeSpaceA
GetTempFileNameA
ReplaceFileA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
GetModuleHandleW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
lstrcmpW
LoadLibraryW
GetCurrentProcessId
GetModuleFileNameW
ReleaseActCtx
LCMapStringW
CreateActCtxW
FindResourceA
InitializeCriticalSectionAndSpinCount
GlobalReAlloc
InterlockedExchange
FreeResource
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
UnlockFile
LockFile
ReadFile
ActivateActCtx
DeactivateActCtx
lstrcmpiA
GetThreadLocale
GetStringTypeExA
ReleaseMutex
CreateMutexA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
FindFirstFileA
FindNextFileA
FindClose
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrcmpA
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
FlushFileBuffers
TerminateProcess
FormatMessageA
GetSystemTimeAsFileTime
GetCurrentProcess
SetEndOfFile
GetVersion
SuspendThread
lstrlenA
WriteFile
SetFilePointer
GetLocalTime
CreateFileA
GetSystemInfo
CloseHandle
CreateIoCompletionPort
WaitForMultipleObjects
PostQueuedCompletionStatus
SetEvent
CreateEventA
GetQueuedCompletionStatus
WaitForSingleObject
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
DeleteCriticalSection
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CopyFileA
VirtualAlloc
VirtualFree
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
MoveFileA
CreateDirectoryA
CreateThread
GetLastError
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
GetDriveTypeW
user32
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyIcon
FrameRect
SetCursorPos
SetClassLongA
GetMenuDefaultItem
RegisterClipboardFormatA
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyAcceleratorTableA
WaitMessage
IsClipboardFormatAvailable
RealChildWindowFromPoint
ShowOwnedPopups
GetMessageA
TranslateMessage
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WinHelpA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetRect
DrawIconEx
GetSysColorBrush
DrawFocusRect
DrawEdge
GetSysColor
TranslateMDISysAccel
GetLastActivePopup
MessageBoxA
CharUpperBuffA
MapWindowPoints
SetParent
LockWindowUpdate
ValidateRect
BringWindowToTop
MonitorFromPoint
GetMonitorInfoA
CreatePopupMenu
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
SystemParametersInfoA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
FillRect
DrawStateA
CopyImage
GetIconInfo
DestroyIcon
DestroyMenu
IsMenu
GetClassLongA
GetWindowLongA
GetMenuItemInfoA
DrawFrameControl
IsRectEmpty
RegisterWindowMessageA
SetFocus
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
IsIconic
IsZoomed
GetAsyncKeyState
SetCursor
MessageBeep
ReleaseCapture
LoadCursorA
LoadCursorW
WindowFromPoint
SetCapture
KillTimer
ScreenToClient
DeleteMenu
BeginDeferWindowPos
EndDeferWindowPos
IsChild
EqualRect
IntersectRect
OffsetRect
InflateRect
SetRectEmpty
PtInRect
DestroyAcceleratorTable
PostThreadMessageA
EnumChildWindows
GetUpdateRect
SubtractRect
UnregisterClassA
MapDialogRect
GetNextDlgGroupItem
DestroyCursor
GetDoubleClickTime
CreateMenu
DrawIcon
GetWindowRgn
IsCharLowerA
DestroyWindow
NotifyWinEvent
GetKeyState
GetTopWindow
GetCapture
IsWindowVisible
SetWindowRgn
PostMessageA
MapVirtualKeyA
GetKeyNameTextA
HideCaret
InvertRect
GetWindowThreadProcessId
MapVirtualKeyExA
ReleaseDC
GetDC
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
CheckMenuItem
CharUpperA
GetSystemMetrics
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemCount
RemoveMenu
ClientToScreen
SetTimer
GetMenuItemID
TrackPopupMenu
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
GetSubMenu
LoadMenuW
LoadIconW
LoadIconA
IsWindow
GetWindow
UpdateWindow
InvalidateRect
GetWindowRect
EnableWindow
GetClientRect
EnableMenuItem
GetSystemMenu
RedrawWindow
LoadImageA
wsprintfA
SendMessageA
SetLastErrorEx
GetClassInfoA
gdi32
ExtSelectClipRgn
GetObjectType
SetRectRgn
DPtoLP
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
ExtFloodFill
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetWindowOrgEx
ScaleWindowExtEx
PtInRegion
SetWindowExtEx
FrameRgn
GetBoundsRect
GetViewportOrgEx
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceA
SetPixelV
SetPolyFillMode
SetBkMode
RestoreDC
LPtoDP
SetROP2
SaveDC
SetTextColor
CreateFontIndirectA
RoundRect
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
FillRgn
GetDeviceCaps
Rectangle
CreatePatternBrush
ExtTextOutA
Polygon
Ellipse
Polyline
GetTextColor
GetBkColor
CreatePolygonRgn
CreateEllipticRgn
CreateHatchBrush
CreateSolidBrush
CreateDIBSection
SetPixel
GetPixel
StretchBlt
CombineRgn
CreateRectRgn
GetStockObject
SelectPalette
RealizePalette
GetDIBits
SetBkColor
BitBlt
SetDIBColorTable
DeleteDC
GetObjectA
DeleteObject
GetTextMetricsA
GetTextExtentPoint32A
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateRoundRectRgn
CreatePen
PatBlt
CreateRectRgnIndirect
CreateBitmap
CreateDCA
CopyMetaFileA
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteValueA
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptSetKeyParam
CryptDecrypt
RegEnumValueA
RegEnumKeyExA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
CryptDestroyKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCloseKey
shell32
SHBrowseForFolderA
SHGetFileInfoA
SHAppBarMessage
DragFinish
DragQueryFileA
ShellExecuteA
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
comctl32
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecW
ole32
StringFromCLSID
OleTranslateAccelerator
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
CoCreateGuid
CoCreateInstance
OleLockRunning
CoUninitialize
CoInitialize
DoDragDrop
CoInitializeEx
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleGetClipboard
CoTaskMemFree
oleaut32
SysFreeString
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipFree
GdipAlloc
ws2_32
WSACleanup
setsockopt
accept
ioctlsocket
shutdown
recvfrom
select
recv
inet_ntop
inet_pton
send
WSARecv
WSAIoctl
listen
bind
WSASocketA
WSAStartup
inet_ntoa
ntohs
WSACloseEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAEventSelect
inet_addr
htons
freeaddrinfo
WSAGetLastError
connect
getaddrinfo
socket
closesocket
WSACreateEvent
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
winmm
PlaySoundA
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 333KB - Virtual size: 333KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
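The Signatures, Headers and Sections blocks above are all read straight out of the PE headers. The following Python is an added example, not code from the sandbox or its report tooling: it parses those fields by hand with struct (machine, file and DLL characteristics, whether the Authenticode security directory at index 4 is populated, and each section's raw size, virtual size and flags), so the flag names printed by a report like this one can be reproduced and checked. Because the sample itself is not on this page, the function is exercised against a constructed minimal PE32 image that carries the same header bits as the report; that image, its two sections and the dummy certificate blob are assumptions made for the test, not properties of the sample.

```python
import struct
import sys

# Bit names (winnt.h values) for the flags that sandbox reports print.
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse the DOS, COFF and optional headers plus the section table from raw PE bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in both formats
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory, VirtualAddress is a raw file offset, not an RVA.
        _cert_off, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sh = opt + opt_size
    for i in range(nsec):
        name, vsize, _va, rawsize, _rawptr, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rawsize,
            "flags": flag_names(flags, SECTION_FLAGS),
        })
    return {
        "machine": machine,
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        "dll_characteristics": flag_names(dll_chars, DLL_CHARACTERISTICS),
        "has_authenticode": cert_size > 0,  # empty security directory is what "Unsigned PE" keys on
        "sections": sections,
    }


def build_minimal_pe32(signed: bool = False) -> bytes:
    """Constructed test input (assumption, not the sample): a minimal, non-runnable PE32 image."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                        # e_lfanew
    opt = bytearray(224)                                         # standard PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)    # DYNAMIC_BASE | NX_COMPAT | TS_AWARE
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    headers_len = 64 + 4 + 20 + 224 + 2 * 40
    body = b"\0" * 0x200
    if signed:  # point the security directory at a dummy certificate blob appended to the file
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, headers_len + len(body), 8)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, len(opt), 0x0002 | 0x0100)
    text_hdr = struct.pack("<8sIIIIIIHHI", b".text", 0x100, 0x1000, 0x200, headers_len, 0, 0, 0, 0, 0x60000020)
    data_hdr = struct.pack("<8sIIIIIIHHI", b".data", 0x40, 0x2000, 0, 0, 0, 0, 0, 0, 0xC0000040)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text_hdr + data_hdr + body + (b"\0" * 8 if signed else b"")


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe32()
    info = parse_pe(blob)
    print("machine 0x%x  %s" % (info["machine"], " ".join(info["characteristics"])))
    print("dll characteristics:", " ".join(info["dll_characteristics"]))
    print("authenticode signature present:", info["has_authenticode"])
    for s in info["sections"]:
        print("%-8s raw=%#x virt=%#x %s" % (s["name"], s["raw_size"], s["virtual_size"], " ".join(s["flags"])))
```

Run it as `python pe_headers.py sample.exe` to print the same field names the report lists. Two caveats worth keeping in mind: an empty security directory only proves there is no embedded Authenticode signature, since a file can still be catalog-signed, which only an OS-side trust check (for example `signtool verify /a`) will see; and a populated security directory proves nothing about validity until the certificate chain is actually verified, so "signed" here means "carries a certificate table", not "trusted".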