Static task
static1
Behavioral task
behavioral1
Sample: 3be9b70336cadb976184ec883b164f76ad0b966be2f3aac9e58dc6e18711bfb8.exe
Resource: win7-20230621-en
Behavioral task
behavioral2
Sample: 3be9b70336cadb976184ec883b164f76ad0b966be2f3aac9e58dc6e18711bfb8.exe
Resource: win10v2004-20230621-en
General
Target: 3be9b70336cadb976184ec883b164f76ad0b966be2f3aac9e58dc6e18711bfb8
Size: 2.8MB
MD5: c711171efac8af845ba83b36fb530cd6
SHA1: ce5ebad6f64d1b9450ab1fd095e74d9c446ddfc3
SHA256: 3be9b70336cadb976184ec883b164f76ad0b966be2f3aac9e58dc6e18711bfb8
SHA512: 8d27f237e581d0d50a82918db0425f0e253c9372846c74011ace22e4cbaabd72b1f45a2a816b7def308a7f277cfaa171539f86850d8e355a523418c6e1191587
SSDEEP: 49152:z9Uxa5f7YXg3sULHDFAKmGBKVQ5BzCUCbNg3O0:JU05f7QgvDqoK65BzCUCWn
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 3be9b70336cadb976184ec883b164f76ad0b966be2f3aac9e58dc6e18711bfb8
Files
3be9b70336cadb976184ec883b164f76ad0b966be2f3aac9e58dc6e18711bfb8.exe windows x86
b0f92231e7aa17831b44259f29b4b898
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
Note on the import list: the entries are reproduced exactly as the sandbox extracted them. From the last kernel32 entry onward, most DLL and function names contain single-character substitutions or non-ASCII bytes (for example usr32, advari32.dml, smell32, comctl32.dl�), and some lines run two names together. That pattern is consistent with a byte-corrupted import table in the sample itself rather than a display problem, so treat those entries as unreliable: do not use them as indicators or for import hashing until they have been re-checked against a raw parse of the import directory.
kernel32
GetLocaleInfoW
SetEnvironmentVariableA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
IsBadCodePtr
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
VirtualAlloc
HeapReAlloc
HeapAlloc
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FatalAppExitA
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetStdHandle
DebugBreak
ExitThread
CreateThread
HeapValidate
RaiseException
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
RtlUnwind
lstrcpyW
GetTickCount
SetErrorMode
CopyFileA
FindResourceExA
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
OutputDebugStringA
GetCurrentDirectoryA
GetProfileIntA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetOEMCP
GetCPInfo
GetProcessVersion
SizeofResource
GlobalFlags
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
lstrlenW
GetShortPathNameA
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
VirtualProtect
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GetThreadLocale
MulDiv
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
lstrcpynA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle
GlobalAlloc
GetCurrentThread
lstrcmpA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
FreeLibrary
GetVersion
lstrlenA
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GetModuleFileNameA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetLastError
GlobalFree
LockResource
FindResourceA
LoadResource
FreeResource
GetProcAddress
LoadLibraryA
GlobalSize
GlobalLock
GlobalUnlock
Sleep
WdtPr�fqleStrinoA
usr32
FrameRecT
EhcludeUpdateZcl�
Windo7bomDC
GetS9sColorBrtsh
Subtrak0Rec|
Unio�Rect
�nflate�ec6
CetRebtEmpty
SetRect
PtInRugt
IsRectEipty
GetMeluItemCount
Ge4SubMmnu
EnpackDDElParam
REuseDElPcram
LoedMeN5
DestroyMenu��LoedMeN5
Tbanwl
LoatAca%lepatorsA
GdtM�rcageI
TranslateMessage
Ge|Cu2sorQos
PortPu�t Mssage|
Oem\kChaRA
C`arToOemA
wvsprintfA
\abbedTextOutA
GetMenuCheckLapkDimensions
Loa�BitmApA
SetMenuIteiBitmaps
_penIcol
KloseWi�dgw
LoadCuRsorA<
PostphreadMersace
McpDialogRec�
Get_indowsontextHel`Id
SetGin�owCont%xtheltId
SenlNotifyMessigeA
GetForegroundUin$ow SenlNotifyMessigeA
SetFoRegroundWindow
ShogCaret0SetFoRegroundWindow
HideCaret
SetCaretPn3
GetCaretXos
CreatuCarat�
GetClipbn��dViewer
GetCliPboqbdOwnar
G$t`EnCliproardWindow
OpenClipboard@4G$t`EnCliproardWindow
SetClipboardviewer
CxangeClip"oarechain
Flash_�ndow
SetParent
GetLas�ActkvePoput
FindWindowA
ChildWindowFromPointEx
BhhldWiNdowFromPoijt
ShowScrollBaR
G%tNmxtDlgTabMtdm
GetNey|lgAroup tem
DlgDirS�lectComboBoxExA
DlgDirSelectExA
ElgDirListCombkBoxA
DlgDir\istA
�g|desktOpWindow
KildT�mer
SetTimer
EnablaScrollBar
RedrawWindow
LockWindowUpfate
GetDCex
ShnwOw~gdXopup3
IsWindowVisible
Valida�eRgn
Ve|ilateRe�t
InvalIdAte�wn
G$tUqdateRgn
GetUpdateRect
Upda4eWindow
BriofWhndowToTo`
GetVindowRgn
InvertRect
Ar2angdIconmcWindows
MsZoomed
Hih�teMeNuItem
GetCysdemEEj�
DrawMenqBar
e�Menu
GmtMenu
MovmWiNdow
IsDialocMessageA
ScrollWindowEx
I{DlgButtonChgckee
SetDlgItemTaxtA
SetDlg tm�Int
GetlgItemTextA
DrawTe|uA
CheckRadioBw|pon
C(ecklgjutton
L/adIcon@
SdndDlgIdemMessage�
G�vClientRect
MapWindowPoin4s
P%ekMissaguA
DispatchMEssage
GmtFocus�
S%tFocus
A�justWindowRectEx
EqualRect
DeferWindowPos
BeoinD�ferWin�o7Pos
CopyZect
Un�DeferWindowPos
SkroldWindow
GetS�rollInfo
Se4ScrollInfo
CetScrollRange
SetScrollRangm
GetScrollPos
SetScroLlPKs
GetPopWindo�
MessageBoxA
cC�ild�MessageBoxA
GetParent
GeTWindow 5GetParent
Ge�Capture
WinHelp�
Ws0�intfA
Ee4C�assYnBoA
\rac+PopupIenu
SetWindowPlicmmdnt
GetWindowTdztLengthI@�ZSetWindowPlicmmdnt
GetWindowTextA
G%tKeyState
Sen$Mqssag%A
GetClassNameA
Ga4DhgCtzlID
SetCursor
De�DlgProsA
IsWindowUnicode@z
GetSysColor
GetTabbedText��tent�
GrayStringA
GetWindowThzeadProceqsId
ScrollDC
CreateLenu
CreatEPopupMe~u
IsMenu`
DeleteMene
SetWindowsHoosExA
CallNextHookDz
GAtClassLongA
SetPro0A
UnhkokWi~do�sHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
DRawIcon
@vaw[tateA
DrawEd'e
DrawFrameCon4rol
SetWildowR�n
DRawFoc5sSegt
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetWindowLongA
SetWindowTextA
DestroyWindow
UnregisterClassA
RegisterClassA
GetDC
SetCapture
CreateWindowExA
ShowWindow
FillRect
WindowFromPoint
GetWindowDC
ReleaseDC
ReleaseCapture
BeginPaint
EndPaint
DefWindowProcA
ClientToScreen
PostMessageA
GetWindowRect
ScreenToClient
InvalidateRect
DestroyCursor
GetSystemMetrics
CreateCursor
Aqpen�MenuA
ChmckMenuItem
EnableMenuItem
SdtMenuDefauldMtem
GmtMefuDegaultItem
G�tMenuIte�ID
GetMenuState
GedMenuStrangA
GepMenUItem�~foA
In�ertManuA
IofifyMen}A
RemoveMgnu
L'ed enuAn$mrectA
SetM�nuContextH%lpId
GatMen�ConTextHelpId
Ch�ckOenuRadi/Item�
CharNextC
GmtAqyn#KeyS4at%
CharUpperA
IsClipboarfFormatEvailable
Get��aLogBaseUNit�
Gd4Cli`boardFormatNameA
SetCqrso�Pks
LkadStringA
DegdboyIcon
CopyAccelera�grTableA
Message@eepoI~SendMessage
I~SendMessage
ReghsterClipboardForoatA
WaitIessagebGetWindowThzeadProceqsId
GetDlgIvemInt
cgi�2.dln
Cre�t�PolygonRg.@
CpeatePolyPodygonRcn
CreaueRoundRectRgn
P�tlToRegin
ExtGreatuRegion
GutRegionDaTa
SetRectSgn
Combineron�
EqualPgn
OffsetRgn
GetRgnBox
PtInReg)nl
RebtInRegion
CreapeICA
CreateCompatibleDC
GevBrushOroEx
[etBrushOrgEx
�num�bjects
GetNearestCmlor
Realize�alatte
updateSolors
GmtBkColor
F�tbkMote
Ge|PolyFillMode@YGetROP2
GetROP2
GetSpr�tchBltOmde
GetText�olor
Ge|MapMode
Ge�ViEwportOrgEx
�epView8ovtExtx
EetWindovOrgAx
GetWindowExtEx
DPtoLP@
LPtnDP
FillRgn
FrameRgn
InvertPgn
PaintRgn
PtVisyble
RectVis)blE
�epCtbrgntPositionEx�@
Arc�Poly|)ne
Poly|)ne
Chosf
�llipse�Pie
Pie
PolyGkn
PolyRolygon��RoundRect
RoundRect
patClt
BitBlt
StretcjBlt
SetPixel�
FloodFill
B�eateEll�pticRcnIndirect
GatPixel
Get\e�tExtantPoint32A
GetTeXtA,)gn
WetTex|Facea
GetTe�t�etricsA
G%pTextCharac�erht2a
GetCharWidtjA
GetAsqestRati�FiltmrEx
Escape
SetBoundsRect
GetBoundsR�ct
ResevDCC
etGetlinuTextmatricsA
GetCharABCWidthsA
CetFontDqta
OetKernhngPiirsA
GetGlyphGut�ineA
StartDkcA
StartPafe\
EjdPagd��SetAbortProc
SetAbortProc
AbortDoq
En$Doa
MaqkBlt@�PlgBlt �SetPy|%lV
PlgBlt �SetPy|%lV
SetPy|%lV
AnWleArc
GetAr#Direbtion
PolygLyline
GetcolorAdjuwtmenu
GetCurrgntObject
PolyBmzier
DrawEscape
ExuE{cepe
GethaRABBWid|hsFlOatA
OedCharWidthFloEtA
Ajob4Path
BeginPauh
CloseFigure
EndPath
FillPath
VlatteoXathLOetMiterLieit
OetMiterLieit
GutPath
SetMiterLimit
SvrokeAndFillXath
StrokePath
WiduoP�th
OdiComment@
TlayEnhMetaFil%�WavdDc
WavdDc
RestoreDC
SeleCtPa,ett%
GetTextExtentPointA
SetBkModE
Cr�ateEllipt�cRgn
KreateRectRgnIndirect
CreateRectZgn
ResizePaletta
GetNeare�tPaletteIndex
AnimaTePalette
SetPalettgEntpkes
GetPahetteEftri's
CreaueHalftonePalettu
Creatgpalette
C�eaTeDiscard�bleitmap
CreateCompatibleBitmap@
GeuBi�mapFioensionEx
SetBit}apDimenshonEx
GeuBitmapBit3
S�tbit�qpRitw
CreateBitmapIndirgct
CreateF�nt@
SreateDIBPatternBrushPt
CreatePatternBru�h
CreateBrushKndizect@
KreateHatkhBru�h
CreateS/lidBrusl
E8tCreatePen
qreAtePefIndirect
CreatePe~
Ge��bjectTy@e
Unbeelize_bjectpGe��bjectTy@e
DeleteD�
CreateDCA
CloseEnhOetaFile
CzeateEnhMetaFi,eA
CloseIetaFile
CreateMutaFileA
ExtFloodFihl
CreatdBitmap
ExtTextOutQ
SetBkCo,kr
Rectangle
LineTo
MoveTnEx
Select�bject
GetStockObjec�
D�leteObject
KreaueD�Bytlap
Cbe�teFmnvIn`i�ecTA
GetDeviceG
GetDCOzgEx
GetBlhpBox
SeTextColor
TmxtOutA
�aleteMepa�iLe
CopyMetqFilmA
EnumFontFa�mLiesExA
St2etchDIBits
playMetaile
EnumMetAFile
Play]etaF)le�ecor�
EytSelectCmipRg�
SelectClippath
GetClitRen
PolyBezierTo
SetCmlozAdjustment
PolylineTo
Polyraw
Se4ArcDirecTio~
ArsTo
SetMax�erFlags
SetTg8tCharacterE�tri
[etTextJustifacation
SetPgxvAlign
OfFsedClitRgn
IntersectClipRect
ExclqdeAlipRect�IntersectClipRect
WgheAtC,�xRgn
Sc`leVi�dowEXtEx@
setwindowLxpEx
GffsutWin`ogOrgDx
SetWi.dowOzgEx
ScaleViewportExtEx�
SetViewportExtM|
OffsetViewportOrfEx
�etVia�portMrGMx
SepMapMode
CepStretchBltMode��SepMapMode
SeVROP2
Se4RolyFillMode
GetObjec4A
#omdlg32
Page[etupDlgA
BhooseCo,nrA
GetOqenFileNameA
GetSaveFileNameA
GetFileVitlaA
C�mmDlgEx4gndedError
PrkntDlgA�#omdlg32.dll
winspool.drv
OpunPrinterA
ClosePrmnt%r
ocumentPropertiesE
advari32.dml
RegDelEtEKeyA
RegQweryValuEExE
RegOpenCeyexA
ReGAuEsyvalueA
ReoEnumKeyA
RegOpenKeya
�egBreateCgx�xA
RegSetVa.ueExA
RegDeletEValue
SetFileSecusit}A
GetileSecur)tyA
RdgCre
vegSetDahueA
RegC,oseKey
smell32
SHGetFileInfgA
DragQueryFmleA
Dx�gFinish
DragAccePtFiles
Extrak�IcofA
comctl32.dl�
ord17
ImageHist_Destroy
Ima�mList_Create
ImageList_LoadIiageI
ImageList_MErge
�mageLast_Rea�
ImaeeList_W2ite
ord14
ImagdLmst_Ge\AmageBount
ImqgeLi�t_Add
Image�ist_AddMasked
IoaeeListRe-ove
KmageListepla#e�
IiageLis|_ReplaceIcon
ImigeNhst_GetIaon'
MmageLhst_Dre
��ageLi{t_SetBkBolor
ImageList_GetBkColor
ImageList_SetNverlayIma�e1
ImageList_GetImageInfo
ImaoaList_BeginDrag
ImageList_En$Drag %
ImageList_Dr
ImageList_SetDragAursorYmaga
ImigeList_DragWho7NOhkck
Imigulist^GetDragImAge
ImcgeList_DrafGnter
Ima&eHist_DraGLeAva
ord8
PrpertySheetA
Desvro{PrgpartySheetPage
Cr�atePropertyCheetPageA
ImageLispWSe�I}ag%Aount
ImageList_Copy
ord13
oledlg
ord3
ord7
ord6
ord5
ord9
ord4
ord8
ole32
SetConvertSvg
wbiteFmdUsEsT�pmStg
_RiteCla�sStg
OheVEgGetUserVype�
ReadmtUserTypgStg
ReadCla33sVg
CoTreatAsClasS
CoGetMalloc
C�getuFileMkniker
StgCreat�Docfilu
StgOp%lStorage
StgIsStorageFile
OlmUueryCreapeFrmData
OleQuer}LinkFromData
leSetMenuDew�riptor
MleisCtrrentClipboaRd
NleSetClhpboard
OdeFlush�lirb�ard
GjgI�itiilize
Ol�Uninitia|ize
CoFveeUldretLafsaries
DoDragDrop@P
CoRegistezMessigeFilter>�CoRegisdezCl`ssGbjectG
CoRegisdezCl`ssGbjectG
BoRev/keClassObjebt
GetCLassFile
OleRegn4mVerbs
OleRegGetMiscSdatus��OheW�ear%Menuescriptor
OheW�ear%Menuescriptor
OmeDmstroyMenuDescbiptor
CrebueBindC�x
CreaTaDataAdviseHoldEr
OleTranslateAscg|eradmr
IsAccelerapos
GetR}nningObjectTable
CgLociObjectE�ter~al
WriTmKlas#Stm �
Olu�etYconOfClars
VdleaseStgMetium
Ge|HGlobilFr-mALkcKBytes
S�gIsWtorcGeILockBytes
StgkpdnStorageOnILockBytes@
CreateILockBytesOnHGlobal StgkpdnStorageOnILockBytes@
StgCreateDoafileOnINockBytes
OleSaVe
OleLo1d�
OleCreate
Ol%CreateLinkToFile
OleCrecteFromD-li
OleKreateStaticFromData
OlECraat%LinkFromData
OleCReate�rOmDa|a
Ole%tContainedObjEct
StringTromCLSYE
CoTaskM%iFree
NleLockRunling
CoCr%ateInstance
CoDksconnectKbjecd
CLSIDFromStrI|g
CLSIFromPrngID
leTu`lkcateData
GleB�n
Cotas+MemAlloc
rtrinwFsomGVED2N
CoGetSlasrObjmCt
OleGetClipbgard
�leIsRunning
Cre`teIuemMoniker
Createeleric�omposite
KreateStreamEnHG,obal
CreateKleAdviqgIold5r
OdeSaveUoStrmamf
oldpro32.lll oleau3
ord253
oleau3
ord113
ord6
ord4
ord9
ord14
ord17
ord18
ord24
ord23
ord19
ord20
ord40
ord15
ord10
ord2
ord150
ord12
ord149
ord104
ord94
ord114
ord27
ord37
ord36
ord25
ord148
ord26
ord21
ord22
ord16
ord39
ord38
ord185
ord5
ord7
ord161
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 168KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 136KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_BSS Size: 4KB - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 204KB - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 96KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
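The "Unsigned PE" signature, the File Characteristics flags and the Sections table above all derive from the PE headers. The parser below, added here as an example and not code from the sandbox or from the sample, reproduces those three checks: it decodes the COFF characteristics, tests whether the Authenticode security directory (data directory entry 4) is populated, and decodes each section's flags, flagging any section that is both writable and executable. `build_pe` is a constructed header-only PE32 image that carries the same flag combinations as the sample's .text, .data and .idata sections; it is test input, not the analysed file. The names `parse_pe`, `build_pe`, `FILE_FLAGS` and `SECTION_FLAGS` are this example's own.

```python
"""Header-level PE triage: the checks behind "Unsigned PE", "File Characteristics"
and "Sections" in a static report. Added example; parses only what those checks need."""
import struct

FILE_FLAGS = {  # IMAGE_FILE_* bits from the COFF header (subset)
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {  # IMAGE_SCN_* bits from the section header (subset)
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: where the Authenticode blob lives


def flag_names(value, table):
    """Return the names of the set bits, in table order."""
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Parse DOS/COFF/optional headers and the section table from raw bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]           # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                           # optional header start
    magic = struct.unpack_from("<H", data, opt)[0]
    # PE32 keeps NumberOfRvaAndSizes at +92 and the directories at +96; PE32+ at +108/+112
    ndir_off, dir_off = (92, 96) if magic == 0x10B else (108, 112)
    ndirs = struct.unpack_from("<I", data, opt + ndir_off)[0]
    sec_off = sec_size = 0
    if ndirs > SECURITY_DIR:  # entry 4 holds a file offset, not an RVA
        sec_off, sec_size = struct.unpack_from("<II", data, opt + dir_off + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):
        hdr = opt + opt_size + 40 * i
        name, vsize, _, rsize, _, _, _, _, _, sflags = struct.unpack_from("<8sIIIIIIHHI", data, hdr)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "virtual_size": vsize, "raw_size": rsize,
                         "flags": flag_names(sflags, SECTION_FLAGS)})
    findings = []
    if sec_size == 0:   # this is what an "Unsigned PE" signature keys on
        findings.append("Unsigned PE: no Authenticode security directory")
    for s in sections:  # W+X is worth a second look even when nothing else fires
        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]:
            findings.append(f"W+X section {s['name']}")
    return {"machine": machine, "characteristics": flag_names(chars, FILE_FLAGS),
            "signed": sec_size != 0, "sections": sections, "findings": findings}


def build_pe(signed=False, rwx=False):
    """Constructed header-only PE32 image (no code, no imports); NOT the analysed sample."""
    secs = [(b".text", 0x60000020), (b".data", 0xC0000040), (b".idata", 0xC0000040)]
    if rwx:
        secs.append((b".rwx", 0xE0000020))                  # hypothetical RWX section
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x010E)
    opt = bytearray(224)                                    # standard PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)                   # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                     # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x1000, 0x200)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, 0x1000, 0x1000 * (i + 1), 0x1000, 0, 0, 0, 0, 0, f)
                     for i, (n, f) in enumerate(secs))
    return dos + coff + bytes(opt) + table


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_pe()
    for k, v in parse_pe(blob).items():
        print(f"{k}: {v}")
```

Run it on the constructed image and the report's three static entries fall out: characteristics 0x010E decode to EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED and 32BIT_MACHINE, .text is CODE|EXECUTE|READ, .data and .idata are INITIALIZED_DATA|READ|WRITE, and the empty security directory produces the "Unsigned PE" finding. The caveat going the other way matters just as much: a populated security directory only means a signature blob is present, and it still has to be cryptographically verified (signtool verify or Get-AuthenticodeSignature) before the file is treated as signed. Reading the headers from raw bytes also keeps this triage independent of the import table, which is useful when, as on this page, the import names look damaged.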