cab60e2106ce9f89e5ec0c8c82e01173f28ff054bd43a34e36f91f1ff29f9921

Sharing

Copy URL

Twitter E-mail

General

Target

cab60e2106ce9f89e5ec0c8c82e01173f28ff054bd43a34e36f91f1ff29f9921
Size

3.8MB
MD5

5d5d0d5d7a2471e5f8b85d6fac540550
SHA1

7d83a96a1ff3ef32db83bc582c99a2e80abba3d4
SHA256

cab60e2106ce9f89e5ec0c8c82e01173f28ff054bd43a34e36f91f1ff29f9921
SHA512

e00baec3a5b57648799bb7ae20f580ef1368afb03a56c78dc9a96a333468695008d6e078bdf717c11f2ca5a735df53ef6787d52b122e506ecdbd19c56fbfb7a7
SSDEEP

98304:erllI/JGouBHXx+A0BDBilCoxk0vcUFLOAkGkzdnEVomFHKnPGF:ePI/JyN5xk0vcUFLOyomFHKnPGF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cab60e2106ce9f89e5ec0c8c82e01173f28ff054bd43a34e36f91f1ff29f9921

Files

cab60e2106ce9f89e5ec0c8c82e01173f28ff054bd43a34e36f91f1ff29f9921
.exe windows x86

0cd54199edc91707ca022c7d1fde90fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htons
inet_pton
closesocket
WSAStartup
send
socket
connect
recv

kernel32

TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
SwitchToThread
GetUserDefaultLCID
GetTempFileNameW
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
SearchPathW
GetProfileIntW
SetUnhandledExceptionFilter
FindResourceExW
GetTempPathW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
SetStdHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
LCMapStringW
DeleteFileW
GetFileSize
GetFileAttributesW
CreateFileW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnhandledExceptionFilter
GetCPInfo
GetTickCount
GetStringTypeW
OutputDebugStringW
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
FileTimeToSystemTime
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
WritePrivateProfileStringW
lstrcmpA
GetCommandLineA
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
GetVersionExW
GetCurrentThread
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
GetCurrentProcessId
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetThreadLocale
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
GetPrivateProfileIntW
GetCommandLineW
GetCurrentDirectoryW
FindResourceW
LoadResource
LockResource
GetPrivateProfileStringW
SizeofResource
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
WideCharToMultiByte
GetLastError
MultiByteToWideChar
FindClose
FindNextFileW
FindFirstFileW
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetFileType
GetStdHandle
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GetSystemTimeAsFileTime

user32

InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
SubtractRect
GetKeyNameTextW
RegisterClipboardFormatW
CreateAcceleratorTableW
LoadAcceleratorsW
MapVirtualKeyW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetNextDlgGroupItem
UpdateLayeredWindow
WaitMessage
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
UnionRect
SetCursorPos
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
LoadMenuW
KillTimer
SetTimer
CharUpperW
IsZoomed
TrackMouseEvent
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
ReleaseCapture
SetCapture
GetAsyncKeyState
CopyImage
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
InvalidateRect
EnumDisplayMonitors
SystemParametersInfoW
LoadCursorW
SetRectEmpty
SetLayeredWindowAttributes
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
MapDialogRect
SetWindowContextHelpId
ClientToScreen
GetDesktopWindow
GetNextDlgTabItem
UnpackDDElParam
CreateDialogIndirectParamW
SetCursor
ShowOwnedPopups
PostQuitMessage
DrawIconEx
IsRectEmpty
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawStateW
DrawFrameControl
DrawEdge
GetActiveWindow
TranslateMessage
GetMessageW
GetWindowThreadProcessId
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
OffsetRect
CharNextW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
ReuseDDElParam
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetWindowRgn
SetScrollPos
ScrollWindow
DestroyCursor
InvertRect
HideCaret
CreateMenu
GetComboBoxInfo
EndDialog
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetSystemMenu
PostMessageW
GetWindowRect
SendMessageW
GetSystemMetrics
DrawIcon
BringWindowToTop
LoadIconW
GetClientRect
AppendMenuW
SetForegroundWindow
IsIconic
GetCursorPos
EnableWindow
UnregisterClassW
RealChildWindowFromPoint

gdi32

MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
GetMapMode
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
SelectObject
ExtSelectClipRgn
SelectClipRgn
SelectPalette
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetTextColor
SetBkColor
RoundRect
DeleteDC
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateCompatibleDC
BitBlt
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
CreateDCW
CopyMetaFileW
CreateBitmap
GetTextColor
GetStockObject
GetDeviceCaps
GetBkColor
GetObjectW
SetBkMode

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
CommandLineToArgvW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW
PathFindFileNameW

uxtheme

GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
OpenThemeData
CloseThemeData
GetWindowTheme
DrawThemeText
IsAppThemed
DrawThemeParentBackground
GetCurrentThemeName
GetThemeColor
DrawThemeBackground

ole32

CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleGetClipboard
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoTaskMemAlloc
CoCreateInstance
CoInitialize
RevokeDragDrop
OleLockRunning
CoInitializeEx
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
CoTaskMemFree

oleaut32

LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
VariantChangeType
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
SysFreeString
SysAllocString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDeleteGraphics

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cd54199edc91707ca022c7d1fde90fc

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 431KB - Virtual size: 430KB

.data Size: 25KB - Virtual size: 52KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 150KB - Virtual size: 150KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 431KB - Virtual size: 430KB

.data
Size: 25KB - Virtual size: 52KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 150KB - Virtual size: 150KB