Static task: static1
Behavioral task: behavioral1
Sample: 10761d6cddb6ad8ab2930b038343d74f963d2429e228cdaf6f1a98dc225ada88.exe
Resource: win7-20230621-en
Behavioral task: behavioral2
Sample: 10761d6cddb6ad8ab2930b038343d74f963d2429e228cdaf6f1a98dc225ada88.exe
Resource: win10v2004-20230621-en
General
Target: 10761d6cddb6ad8ab2930b038343d74f963d2429e228cdaf6f1a98dc225ada88
Size: 4.1MB
MD5: c3a19c65ce4b84be03c95493f273eb3b
SHA1: ef853ab8309a3c72757e5c77f1a08112cf5345fa
SHA256: 10761d6cddb6ad8ab2930b038343d74f963d2429e228cdaf6f1a98dc225ada88
SHA512: 0225953467e5e8f4bef7c3d1b18c434e0e2c97d6aab7c7d59fce8fdeb77251cc1812f726fa09b40d2ac5ede58468042cb86d991d95e97b4737274534c04ead97
SSDEEP: 49152:CIlLu6FArp1jfSMnHhFhQIQvCEfhOgJ5AZTj65+VJWkJd5mflkW:PifSAQD5+fWAd52l
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 10761d6cddb6ad8ab2930b038343d74f963d2429e228cdaf6f1a98dc225ada88
Files
10761d6cddb6ad8ab2930b038343d74f963d2429e228cdaf6f1a98dc225ada88.exe (windows x86)
480b33a34b3a263172a0bbc527d39cc2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
InitializeCriticalSectionEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
SetEnvironmentVariableA
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
LCMapStringEx
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
lstrlenA
HeapAlloc
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
QueryPerformanceCounter
InitOnceExecuteOnce
GetProcessHeap
GetTimeZoneInformation
GetCurrentDirectoryW
IsValidCodePage
GetStartupInfoW
TerminateProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
SetStdHandle
WriteConsoleW
OutputDebugStringW
GetFileType
GetStdHandle
GetSystemTimeAsFileTime
ExitThread
CreateThread
VirtualQuery
SetThreadStackGuarantee
RtlUnwind
RaiseException
GetSystemInfo
HeapValidate
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
GetDriveTypeW
AreFileApisANSI
DecodePointer
EncodePointer
GetModuleHandleExW
Sleep
GetTickCount
SearchPathA
GetWindowsDirectoryA
GetTempFileNameA
GetTempPathA
GetUserDefaultUILanguage
FindResourceExW
GetCPInfo
GetOEMCP
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
GlobalFlags
GetACP
VerifyVersionInfoA
VerSetConditionMask
VirtualProtect
GetProfileIntA
FileTimeToSystemTime
InterlockedIncrement
GetAtomNameA
SetErrorMode
LocalReAlloc
OpenEventW
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
DeleteFileA
CreateFileA
WaitForSingleObject
SetEvent
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLocaleInfoEx
GetThreadPreferredUILanguages
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
RegisterApplicationRestart
RegisterApplicationRecoveryCallback
lstrcmpA
GetVersionExA
GetCurrentThread
InterlockedExchange
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
ResumeThread
SetThreadPriority
GetCurrentThreadId
FindResourceA
FreeResource
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetVersion
OutputDebugStringA
GetFileAttributesW
GetCurrentProcessId
GetLastError
MultiByteToWideChar
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FreeLibrary
SetLastError
ExitProcess
FindClose
FindNextFileA
FindFirstFileA
GetEnvironmentVariableA
GlobalMemoryStatusEx
InterlockedDecrement
CopyFileA
GetModuleFileNameA
OpenProcess
LoadLibraryA
GetProcAddress
WideCharToMultiByte
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
VirtualAlloc
lstrcpyA
FindResourceW
LoadResource
LockResource
SizeofResource
LocalAlloc
user32
SetScrollInfo
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
GetSysColor
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ScrollWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetFocus
NotifyWinEvent
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
GetWindow
GetTopWindow
SetParent
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
HideCaret
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
SetCapture
GetCapture
GetFocus
GetScrollInfo
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetCursorPos
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetClassNameA
MapDialogRect
IsWindow
LoadBitmapW
InvertRect
FrameRect
FillRect
DrawFocusRect
GetSysColorBrush
TabbedTextOutA
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
CheckDlgButton
ChangeWindowMessageFilter
CloseClipboard
GetSystemMetrics
DispatchMessageA
PeekMessageA
InsertMenuItemA
SetMenuItemBitmaps
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendDlgItemMessageA
SetWindowTextA
IsDialogMessageA
PostQuitMessage
GetMessageA
TranslateMessage
SetCursor
CharUpperA
ReleaseCapture
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
DestroyIcon
LoadImageA
SendMessageA
RemoveMenu
WinHelpA
MonitorFromWindow
GetMonitorInfoA
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
OpenClipboard
SubtractRect
UnionRect
IntersectRect
InflateRect
SetRect
PostMessageA
WaitMessage
SetTimer
KillTimer
IsMenu
GetMenuStringA
SetClassLongA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
SetClipboardData
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CharUpperBuffA
OffsetRect
IsRectEmpty
CopyIcon
GetDoubleClickTime
GetIconInfo
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
DestroyCursor
GetComboBoxInfo
PtInRect
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
DrawIconEx
UnregisterClassA
CopyAcceleratorTableA
CharNextA
LoadAcceleratorsW
GetClipboardFormatNameA
CopyImage
MonitorFromPoint
UpdateLayeredWindow
MessageBeep
TrackMouseEvent
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
GetAsyncKeyState
SetRectEmpty
SystemParametersInfoA
MapVirtualKeyA
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
gdi32
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetMapMode
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsA
CreatePatternBrush
GetObjectA
TextOutA
ExtTextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
DeleteObject
SetBkColor
SetTextColor
DeleteDC
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBSection
EnumFontFamiliesExA
SetDIBColorTable
GetSystemPaletteEntries
CreatePen
CreatePalette
CreateHatchBrush
CreateFontIndirectA
CreateEllipticRgn
CreateCompatibleDC
CreateBitmap
CombineRgn
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumValueA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetLengthSid
OpenProcessToken
SetThreadToken
OpenThreadToken
RevertToSelf
shell32
SHGetKnownFolderPath
SHCreateItemFromParsingName
DragFinish
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHAppBarMessage
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
EndBufferedPaint
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
BeginBufferedPaint
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
dwmapi
DwmDefWindowProc
DwmSetWindowAttribute
DwmIsCompositionEnabled
ole32
OleUninitialize
OleLockRunning
CoCreateInstance
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoInitialize
StringFromGUID2
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleInitialize
CoInitializeSecurity
CoInitializeEx
CoRegisterMessageFilter
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
SysStringLen
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
SysAllocString
VariantClear
VariantInit
oledlg
ord8
gdiplus
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
ws2_32
inet_addr
htonl
inet_ntoa
WSAStartup
socket
WSAAsyncSelect
WSAGetLastError
WSASetLastError
gethostbyname
sendto
select
recvfrom
bind
accept
WSACleanup
closesocket
recv
send
connect
htons
ntohl
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 504KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 578KB - Virtual size: 577KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ