309a6ae543f9457c29ed6d4f083e5120853b22d224814ce7c588c150a23df144

Sharing

Copy URL Twitter E-mail

General

Target

309a6ae543f9457c29ed6d4f083e5120853b22d224814ce7c588c150a23df144
Size

1.8MB
MD5

86c2b0ebf20546d840c3ec20aec0230a
SHA1

7e2828ac158864d35a85e7e0e921f6c43446a851
SHA256

309a6ae543f9457c29ed6d4f083e5120853b22d224814ce7c588c150a23df144
SHA512

9ec7422d5a061d46940f53b18d168cc9dc46a39b623c8d85dfb86343548d4b21ead77c2e704e7224f54774b9fac54489437777ed01966692586e3028b0602a7e
SSDEEP

49152:7fZq18YkeakE8syhLNljGVayUJfDDhYuFnL1TWURHUbBwqlPM:ofLNQ/KXF6bB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
309a6ae543f9457c29ed6d4f083e5120853b22d224814ce7c588c150a23df144

Files

309a6ae543f9457c29ed6d4f083e5120853b22d224814ce7c588c150a23df144
.exe windows x86

ff486d70fd74c53f27878f5c2f3f9170

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

RaiseException
CreateThread
IsDebuggerPresent
LockFile
SetEndOfFile
UnlockFile
SetFilePointerEx
FlushFileBuffers
QueryPerformanceFrequency
SystemTimeToFileTime
GetModuleHandleW
GetSystemTimeAsFileTime
QueryPerformanceCounter
FindFirstFileW
FindFirstFileExW
FindNextFileW
FindClose
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetVersionExW
GetNativeSystemInfo
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
RegisterWaitForSingleObject
UnregisterWaitEx
GetModuleHandleExW
GetUserDefaultLangID
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
LoadLibraryW
SetEvent
ResetEvent
GetSystemInfo
GetSystemDirectoryW
GetWindowsDirectoryW
CreateFileMappingA
LockFileEx
GetSystemTime
AreFileApisANSI
CreateFileA
DeviceIoControl
WideCharToMultiByte
MultiByteToWideChar
LocalFree
GetCommandLineW
CreateProcessW
ResumeThread
AssignProcessToJobObject
GetStdHandle
OpenProcess
DuplicateHandle
TerminateProcess
MapViewOfFile
CreateFileMappingW
CopyFileW
MoveFileExW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileAttributesExW
SetFileAttributesW
UnmapViewOfFile
GetThreadPriority
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetFileAttributesW
GetTempPathW
RemoveDirectoryW
GetCurrentProcess
GetVolumeInformationW
ReadFile
CreateDirectoryW
GetTickCount
FormatMessageA
GetCurrentProcessId
DeleteFileW
CreateFileW
CreateEventW
OutputDebugStringA
WriteFile
GetModuleHandleA
Sleep
OpenEventW
WaitForSingleObject
ExitProcess
CloseHandle
CreateMutexW
LoadLibraryExW
GetProcAddress
FreeLibrary
InitializeCriticalSectionAndSpinCount
SetLastError
LoadLibraryExA
FormatMessageW
WaitForSingleObjectEx
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
InitializeCriticalSection
FlushInstructionCache
GetFullPathNameW
FreeResource
LoadResource
LockResource
SizeofResource
FindResourceW
MulDiv
GetLocalTime
GetVersionExA
LoadLibraryA
GlobalAlloc
GlobalLock
GlobalUnlock
SetFilePointer
DosDateTimeToFileTime
lstrcpyA
lstrcpyW
lstrlenA
GetFileSize
GetProcessHeap
GetSystemDirectoryA
GetSystemWow64DirectoryW
GetTickCount64
GetComputerNameW
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
UnregisterWait
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
RtlUnwind
GetConsoleCP
GetConsoleMode
GetFullPathNameA
SetStdHandle
GetFileType
ExitThread
HeapReAlloc
GetACP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
WriteConsoleW
GetDriveTypeW
ReadConsoleW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
HeapSize
GetEnvironmentVariableW
GetLastError
HeapCompact
DeleteFileA
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
UnlockFileEx
GetDiskFreeSpaceW
GetModuleFileNameW
ExpandEnvironmentStringsW

user32

BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
GetCursorPos
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
ScreenToClient
GetClassNameW
LoadBitmapW
CreateIconFromResource
LoadImageW
GetMessageW
ClientToScreen
GetSysColor
GetSystemMetrics
MessageBoxW
IsWindowVisible
DrawTextW
SystemParametersInfoA
CharLowerBuffW
ReleaseDC
FillRect
InvertRect
DrawIconEx
OemToCharBuffW
CreateIconIndirect
wsprintfW
LoadCursorW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
MapWindowPoints
GetWindowRect
GetClientRect
GetDlgItem
SetWindowPos
CallWindowProcW
GetDC
UpdateWindow
ReleaseCapture
MonitorFromWindow
SetCapture
GetCapture
IsZoomed
IsIconic
SetLayeredWindowAttributes
TrackMouseEvent
ShowWindow
SendMessageW
DestroyWindow
PostMessageW
GetActiveWindow
PostQuitMessage
GetIconInfo
DestroyIcon
CharNextW
EqualRect
UnionRect
SetRect
SetCursor
GetKeyState
GetFocus
SetFocus
IsWindow
DestroyCursor
PtInRect
IsRectEmpty
OffsetRect
IntersectRect
InflateRect
CopyRect
KillTimer
GetMonitorInfoW
TranslateMessage
GetQueueStatus
CallMsgFilterW
MsgWaitForMultipleObjectsEx
DefWindowProcW
CreateWindowExW
UnregisterClassW
WaitMessage
RegisterClassExW
DispatchMessageW
SetTimer
PeekMessageW

advapi32

GetSidSubAuthorityCount
GetSidSubAuthority
LookupAccountNameW
GetSidIdentifierAuthority
GetUserNameW
AllocateAndInitializeSid
OpenProcessToken
FreeSid
CheckTokenMembership
GetTokenInformation
CreateProcessAsUserW
ConvertSidToStringSidW

ole32

StringFromGUID2
CoCreateGuid
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
CoUninitialize

shlwapi

StrStrIW
StrIsIntlEqualA
StrToIntExW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

msimg32

GradientFill
AlphaBlend

gdiplus

GdipDeleteGraphics
GdipGraphicsClear
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipGetImageEncodersSize
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetImageEncoders
GdipBitmapUnlockBits
GdipSaveImageToFile

gdi32

GetObjectW
StretchBlt
CreateCompatibleBitmap
SetViewportOrgEx
GetCurrentObject
GetViewportOrgEx
Arc
CombineRgn
CreateEllipticRgnIndirect
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
Ellipse
ExcludeClipRect
GetClipRgn
GetRgnBox
GetTextColor
GetTextExtentPoint32W
SetBkMode
OffsetRgn
Pie
PtInRegion
RectInRegion
RestoreDC
RoundRect
SaveDC
ExtSelectClipRgn
SetRectRgn
SetROP2
SetTextColor
GetWorldTransform
SetWorldTransform
CreateDIBSection
ExtCreatePen
Polyline
CreateDIBitmap
Rectangle
GetStockObject
GetClipBox
DeleteObject
CreateSolidBrush
CreateDCW
StretchDIBits
CreateFontIndirectW
SetGraphicsMode
GetDeviceCaps
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
EnumFontsW
CreateRoundRectRgn
BitBlt
IntersectClipRect

iphlpapi

GetAdaptersInfo

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rc
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff486d70fd74c53f27878f5c2f3f9170

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

advapi32

ole32

shlwapi

userenv

winmm

msimg32

gdiplus

gdi32

iphlpapi

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 214KB - Virtual size: 213KB

.data Size: 13KB - Virtual size: 91KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 49KB - Virtual size: 49KB

.rc Size: 203KB - Virtual size: 203KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 214KB - Virtual size: 213KB

.data
Size: 13KB - Virtual size: 91KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 49KB - Virtual size: 49KB

.rc
Size: 203KB - Virtual size: 203KB