Static task: static1

Behavioral task: behavioral1
  Sample: 9cc588b440fdb9d78e1dfc7411bdfaf7cf5543474f67b922f80be2e8d17fc75a.exe
  Resource: win7-20230621-en

Behavioral task: behavioral2
  Sample: 9cc588b440fdb9d78e1dfc7411bdfaf7cf5543474f67b922f80be2e8d17fc75a.exe
  Resource: win10v2004-20230621-en
General
  Target: 9cc588b440fdb9d78e1dfc7411bdfaf7cf5543474f67b922f80be2e8d17fc75a
  Size: 3.1MB
  MD5: caa200064cfcf68b93ee82b4df42abd8
  SHA1: 4d5a45fc57cd889c1c5d84712a33e27fc6545505
  SHA256: 9cc588b440fdb9d78e1dfc7411bdfaf7cf5543474f67b922f80be2e8d17fc75a
  SHA512: bc8342675961e29e0bcbc24f9c3cb744147a102368ec64456bdaca2ce69a61c89742579574028632930dc840ae10ae98e1adc7f2139acd5cd56379e7225f4285
  SSDEEP: 49152:NX1Ma3JEquzO68pUHJLyUBLEr4k8zG1pXE1L0oUvvi:NX1x5ETAsLEzjXLoUv6
Malware Config
Signatures
  Unsigned PE (1 IoC): checks for missing Authenticode signature.
    resource: 9cc588b440fdb9d78e1dfc7411bdfaf7cf5543474f67b922f80be2e8d17fc75a

Files
  9cc588b440fdb9d78e1dfc7411bdfaf7cf5543474f67b922f80be2e8d17fc75a.exe (windows x86)
  76065a28b928a9ba180d17cfbb641ad4
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
ntwdblib
ord11
ord69
ord17
ord76
ord66
ord25
ord55
ord70
ord48
ord71
ord58
ord36
ord93
ord9
ord20
ord41
ord53
ord30
ord14
ord31
ord149
ord51
ord43
ord150
kernel32
SetEndOfFile
GetFileType
WaitForSingleObject
CreateEventA
FreeLibrary
GetProcAddress
GetModuleHandleW
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
SizeofResource
LockResource
LoadResource
FindResourceW
SetLastError
DeactivateActCtx
GetLastError
LoadLibraryA
ActivateActCtx
CompareStringA
WideCharToMultiByte
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
MultiByteToWideChar
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
GetModuleHandleA
lstrlenA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
lstrcmpW
LoadLibraryW
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
MulDiv
GlobalFlags
LocalAlloc
LocalFree
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
lstrlenW
FormatMessageA
GlobalSize
CopyFileA
InterlockedIncrement
lstrcpyA
lstrcmpiA
LockFile
UnlockFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
RtlUnwind
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
ExitProcess
ExitThread
HeapQueryInformation
HeapSize
VirtualAlloc
SetStdHandle
SetEvent
IsProcessorFeaturePresent
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsValidCodePage
LCMapStringW
SetHandleCount
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetStringTypeW
CompareStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
RaiseException
GetSystemInfo
VirtualQuery
IsBadReadPtr
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetModuleFileNameA
GetLocalTime
GetTickCount
Sleep
CreateThread
GetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
TerminateThread
FileTimeToSystemTime
GetFileTime
ReadFile
WriteFile
CloseHandle
DeleteFileA
SetFilePointer
GetFileSize
FlushFileBuffers
CreateDirectoryA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
user32
GetWindowDC
BeginPaint
EndPaint
DeleteMenu
InsertMenuA
RealChildWindowFromPoint
RemoveMenu
AppendMenuA
GetMenuStringA
InvalidateRect
SetTimer
KillTimer
SetRectEmpty
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
LoadCursorA
GetSysColorBrush
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperA
InflateRect
GetMenuItemInfoA
DestroyMenu
UnregisterClassA
IntersectRect
IsRectEmpty
OffsetRect
IsZoomed
SetWindowRgn
RedrawWindow
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
GetSystemMenu
MessageBeep
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
ReleaseDC
GetNextDlgGroupItem
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
MapDialogRect
DestroyCursor
GetWindowRgn
FillRect
ShowWindow
MoveWindow
SetWindowTextA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
CopyImage
TabbedTextOutA
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
GetWindowLongA
SetWindowPos
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
PostMessageA
wsprintfA
GetSystemMetrics
LoadIconW
EnableWindow
GetClientRect
GetWindowRect
IsIconic
SendMessageA
DrawIcon
ShowScrollBar
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
IsDialogMessageA
GetCursorPos
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetFileInfoA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoCreateGuid
CoTaskMemFree
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
comdlg32
GetFileTitleA
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
dbghelp
MiniDumpWriteDump
ws2_32
WSAEventSelect
closesocket
WSACreateEvent
WSACloseEvent
socket
WSAGetLastError
inet_addr
htons
send
setsockopt
inet_ntoa
gethostbyname
WSAStartup
ioctlsocket
listen
bind
htonl
accept
recv
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
shutdown
connect
WSACleanup
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
gdiplus
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipFree
GdipGetImageWidth
GdipDisposeImage
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageHeight
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
gdi32
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
DPtoLP
GetViewportOrgEx
CombineRgn
SetRectRgn
GetTextExtentPoint32A
GetTextCharsetInfo
Rectangle
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreateDIBitmap
CreateDCA
CopyMetaFileA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
EnumFontFamiliesExA
LPtoDP
EnumFontFamiliesA
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
PatBlt
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
GetTextFaceA
SetPixelV
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
oleaut32
SysAllocString
VariantInit
VarBstrFromDate
VariantClear
VariantChangeType
SysStringLen
SystemTimeToVariantTime
SysAllocStringLen
VariantTimeToSystemTime
SysFreeString
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
Sections
  .text    Size: 1.8MB - Virtual size: 1.8MB
           IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .sedata  Size: 1.2MB - Virtual size: 1.2MB
           IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .idata   Size: 13KB - Virtual size: 16KB
           IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc    Size: 68KB - Virtual size: 72KB
           IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .sedata  Size: 4KB - Virtual size: 4KB
           IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ