Static task: static1
Behavioral task: behavioral1
  Sample: b48bb43a2e953100cf112210fd3a784d200a4c60e4c95885dab28bc97364503c.exe
  Resource: win7-20230621-en
Behavioral task: behavioral2
  Sample: b48bb43a2e953100cf112210fd3a784d200a4c60e4c95885dab28bc97364503c.exe
  Resource: win10v2004-20230621-en
General
Target: b48bb43a2e953100cf112210fd3a784d200a4c60e4c95885dab28bc97364503c
Size: 6.0MB
MD5: 657a22204118f672715a1eee9c6e2f65
SHA1: ef236c7c637aa05bea6d4e813f851fe3c735f209
SHA256: b48bb43a2e953100cf112210fd3a784d200a4c60e4c95885dab28bc97364503c
SHA512: f2ce2b769f04ad11c484eca062e4820caf4e1ef4af36f414ffc40cc0364254d64564affdc53b4df653ddeef707bb87a24c99900ee34173ee59e1ee9f008123e5
SSDEEP: 98304:OOosTQw4N+muw4zXgZ7Dz1GHTWyLFcrB:OfsTQwCuwyHTWyZcrB
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: b48bb43a2e953100cf112210fd3a784d200a4c60e4c95885dab28bc97364503c
Files
-
b48bb43a2e953100cf112210fd3a784d200a4c60e4c95885dab28bc97364503c.exe windows x86
bbe90e40db8aa47de815c98e6607395f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipLoadImageFromFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawRectangleI
GdipDeletePen
GdipDrawImageRectI
GdipGetImageThumbnail
GdipDrawImageRect
GdipGetPenWidth
GdipCreateBitmapFromHICON
GdipCreatePen1
GdipAlloc
GdipFree
GdiplusStartup
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdipGetImageHeight
imagehlp
MakeSureDirectoryPathExists
shell32
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
ShellExecuteA
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
kernel32
GetThreadLocale
FileTimeToLocalFileTime
FindNextFileA
SystemTimeToTzSpecificLocalTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GetFileSize
LocalAlloc
LocalReAlloc
VerSetConditionMask
VerifyVersionInfoA
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
GetCurrentDirectoryA
GetFileAttributesA
GetFileAttributesExA
GetFileTime
SetErrorMode
GetUserDefaultLCID
FindResourceExW
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
FindFirstFileA
FindClose
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
SetThreadPriority
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
GetCurrentProcess
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
SetLastError
CopyFileA
FormatMessageA
LocalFree
GlobalSize
DosDateTimeToFileTime
SetFilePointerEx
GetFileSizeEx
WriteFile
FlushFileBuffers
SetFileTime
CreateDirectoryA
ReleaseMutex
CreateMutexA
CompareFileTime
lstrcmpiA
TerminateThread
lstrlenA
GetTempFileNameA
GetVolumeInformationA
FileTimeToSystemTime
CreateFileW
DeviceIoControl
ReadFile
SetFilePointer
CreateFileA
LoadLibraryA
SetFileAttributesA
GetProcAddress
GetTempPathA
FreeLibrary
DeleteFileA
MultiByteToWideChar
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
lstrcpyA
Sleep
lstrcpynA
GetTickCount
ResetEvent
SetEvent
WaitForSingleObject
FreeResource
FindResourceA
ResumeThread
MulDiv
GlobalUnlock
GlobalLock
CreateEventA
CloseHandle
CreateThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GlobalFree
GlobalAlloc
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
UnlockFile
DuplicateHandle
SetEndOfFile
LockFile
LoadLibraryExW
GetFullPathNameA
OutputDebugStringW
LCMapStringW
GetStringTypeW
RtlUnwind
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetSystemInfo
VirtualAlloc
VirtualQuery
GetCommandLineA
GetCommandLineW
HeapQueryInformation
QueryPerformanceFrequency
SetStdHandle
GetFileType
ExitProcess
GetStdHandle
GetConsoleCP
GetConsoleMode
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
DeleteFileW
GetDriveTypeW
ReadConsoleW
FindFirstFileExA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GlobalHandle
GetCurrentDirectoryW
user32
HideCaret
InvertRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
GetComboBoxInfo
GetWindowRgn
InvalidateRgn
CopyAcceleratorTableA
CharNextA
PostThreadMessageA
LoadImageW
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
MessageBeep
DeleteMenu
GetSystemMenu
LoadMenuW
IsZoomed
TrackMouseEvent
GetAsyncKeyState
RealChildWindowFromPoint
CopyImage
EnumDisplayMonitors
SetLayeredWindowAttributes
GetSysColorBrush
WindowFromPoint
SetWindowRgn
DrawIcon
KillTimer
DestroyCursor
LoadCursorW
SetCursorPos
SetCapture
CharUpperA
SystemParametersInfoA
GetMenuItemInfoA
ReuseDDElParam
UnpackDDElParam
DestroyIcon
IntersectRect
InsertMenuItemA
DestroyMenu
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
ReleaseCapture
BringWindowToTop
SetCursor
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
PostQuitMessage
MapVirtualKeyA
GetKeyNameTextA
GetMessageA
GetCursorPos
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowThreadProcessId
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoA
GetIconInfo
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassLongA
EqualRect
MapWindowPoints
OpenClipboard
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetClassNameA
DrawStateA
IsDialogMessageA
GetWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsWindowEnabled
SetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
InflateRect
FrameRect
LoadImageA
SetWindowLongA
DrawIconEx
GetWindowLongA
IsWindowVisible
PtInRect
GetScrollBarInfo
IsWindow
GetSystemMetrics
GetActiveWindow
ShowScrollBar
IsRectEmpty
SetRectEmpty
PostMessageA
GetWindowRect
IsChild
GetFocus
GetParent
WaitMessage
CopyIcon
ModifyMenuA
CharUpperBuffA
EmptyClipboard
SetClipboardData
MonitorFromWindow
CloseClipboard
UnregisterClassA
LoadBitmapA
LoadBitmapW
wsprintfA
OffsetRect
SetTimer
CopyRect
GetSysColor
FillRect
InvalidateRect
ReleaseDC
GetDC
SetRect
LoadIconW
UpdateWindow
DispatchMessageA
TranslateMessage
PeekMessageA
GetKeyState
SendMessageA
LoadCursorA
MessageBoxA
GetClientRect
EnableWindow
SetClassLongA
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
DrawFocusRect
DrawFrameControl
DrawEdge
SetParent
ScreenToClient
GetNextDlgGroupItem
CallNextHookEx
gdi32
SetViewportExtEx
SetViewportOrgEx
SetBkMode
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
SetRectRgn
Ellipse
CreateDIBSection
LPtoDP
CreateDIBitmap
EnumFontFamiliesA
CreatePen
GetDeviceCaps
SelectObject
DeleteDC
DeleteObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
GetRgnBox
CreateEllipticRgn
CreateRectRgn
CombineRgn
GetTextMetricsA
GetBkColor
CreateBitmap
GetPixel
SetBkColor
Rectangle
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
SetDIBColorTable
OffsetRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
ExtTextOutA
TextOutA
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
EnumFontFamiliesExA
CreateSolidBrush
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreateHatchBrush
SetTextColor
GetStockObject
CreateDCA
CopyMetaFileA
GetTextExtentPoint32A
CreateFontIndirectA
StretchBlt
GetMapMode
DPtoLP
GetObjectA
msimg32
AlphaBlend
TransparentBlt
GradientFill
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegEnumKeyA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
OpenEncryptedFileRawA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
CloseEncryptedFileRaw
WriteEncryptedFileRaw
comctl32
ImageList_Draw
ImageList_AddMasked
ImageList_ReplaceIcon
InitCommonControlsEx
_TrackMouseEvent
shlwapi
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
uxtheme
IsAppThemed
GetWindowTheme
GetThemeSysColor
GetThemePartSize
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
ole32
CoRevokeClassObject
CreateStreamOnHGlobal
StgOpenStorage
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoInitialize
CoDisconnectObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoInitializeEx
DoDragDrop
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
OleLoadPicture
oledlg
ord8
iphlpapi
GetAdaptersInfo
ws2_32
htons
connect
recv
closesocket
send
socket
WSAStartup
gethostbyname
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 598KB - Virtual size: 598KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 302KB - Virtual size: 6.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ