219246652721fcdcb77da97ab94ecbebc96053db3e8b9998c00aae2d9f84b9e8

Sharing

Copy URL Twitter E-mail

General

Target

219246652721fcdcb77da97ab94ecbebc96053db3e8b9998c00aae2d9f84b9e8
Size

720KB
MD5

5bf33854f2d159d6ef1d87254d60e35e
SHA1

96398f0f945563ce62707d432dd7d67eb9f82bbe
SHA256

219246652721fcdcb77da97ab94ecbebc96053db3e8b9998c00aae2d9f84b9e8
SHA512

4f24aae9b9677553a06d4edb98be2dba62f0c26db33eebcc578392e4573c3ea1b3c2a3bd5a115581402981cd56649ea582ade70c18659cfc455e3ede824cc6b9
SSDEEP

12288:onOAIp9EGJdvBva6u0YMP/HiRn2+4q8msOWQULOWuWhbtDbAXIu/Ej+c581i:lhufYf/RLR5hL9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
219246652721fcdcb77da97ab94ecbebc96053db3e8b9998c00aae2d9f84b9e8

Files

219246652721fcdcb77da97ab94ecbebc96053db3e8b9998c00aae2d9f84b9e8
.exe windows x86

78235734a80859d99c85e503034bb55e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GlobalFindAtomW
GlobalAddAtomW
GetProcessVersion
SetErrorMode
GlobalGetAtomNameW
GlobalSize
GetStartupInfoW
ExitProcess
RtlUnwind
TerminateProcess
RaiseException
HeapAlloc
HeapFree
ExitThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
lstrcatW
GetUserDefaultLCID
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetStdHandle
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
DefineDosDeviceW
GetDiskFreeSpaceExW
SetVolumeLabelW
QueryDosDeviceA
QueryDosDeviceW
GetLogicalDrives
GetDriveTypeW
FindResourceA
GlobalAddAtomA
GetProfileStringA
MoveFileExW
MoveFileExA
RemoveDirectoryA
CopyFileA
CreateDirectoryA
MoveFileA
DeleteFileA
GetFileAttributesA
SetFileAttributesA
GetEnvironmentVariableW
GetTempPathA
ExpandEnvironmentStringsW
GetSystemDirectoryA
ExpandEnvironmentStringsA
DeviceIoControl
SetThreadLocale
OutputDebugStringA
UnmapViewOfFile
FormatMessageA
TlsAlloc
LocalAlloc
WaitForMultipleObjects
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceW
GlobalFree
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
lstrcpynW
GetVolumeInformationW
lstrcpyW
UnlockFile
LockFile
FlushFileBuffers
ReadFile
DuplicateHandle
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
FormatMessageW
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
lstrlenW
GetCurrentThread
AllocConsole
FreeConsole
OutputDebugStringW
WriteFile
CreateFileW
GetFileSize
SetFilePointer
SetEndOfFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentDirectoryW
CreateDirectoryW
LoadLibraryExW
LoadLibraryExA
EnumResourceLanguagesW
FindResourceExW
SizeofResource
LoadResource
LockResource
FreeLibrary
GetWindowsDirectoryW
OpenMutexW
CreateProcessW
WaitForSingleObject
GetTempPathW
GetComputerNameW
GetPrivateProfileStringW
GetModuleFileNameW
LoadLibraryA
GetTickCount
Sleep
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
lstrcmpW
RemoveDirectoryW
DeleteFileW
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
GetLastError
LoadLibraryW
LocalFree
GetSystemInfo
OpenProcess
GetCurrentProcess
CreateThread
GetSystemDirectoryW
GetModuleHandleA
CreateFileA
GetFileInformationByHandle
CloseHandle
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
GetModuleHandleW
GetProcAddress
EnumSystemLocalesA

user32

GetClassInfoW
RegisterClassW
GetMenu
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetWindowTextLengthW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
LoadStringW
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GetMenuStringW
DeleteMenu
InsertMenuW
CloseDesktop
SetThreadDesktop
GetThreadDesktop
OpenDesktopW
OpenInputDesktop
GetUserObjectInformationW
CloseWindowStation
SetProcessWindowStation
GetMenuItemCount
UnhookWindowsHookEx
SetWindowTextW
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
ScreenToClient
GetScrollInfo
WindowFromPoint
GetDesktopWindow
WaitMessage
ReleaseCapture
SetCapture
LoadCursorW
GetCapture
MsgWaitForMultipleObjects
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
GetSystemMetrics
CharUpperW
wsprintfW
GetMenuCheckMarkDimensions
LoadBitmapW
IsChild
GetTopWindow
SetScrollPos
SetScrollInfo
GetScrollPos
SetScrollRange
GetScrollRange
GetMenuState
ModifyMenuW
OpenWindowStationW
MessageBoxW
EnumDesktopWindows
UnregisterClassW
GetWindowTextLengthA
BeginDeferWindowPos
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
GetWindowThreadProcessId
GetWindowTextW
GetWindowLongW
GetParent
IsWindowVisible
EnumWindows
PostMessageW
PostQuitMessage
SendMessageW
ScrollWindow
EndDeferWindowPos
CopyRect
GetClientRect
DeferWindowPos
EqualRect
AdjustWindowRectEx
IsWindow
SetActiveWindow
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
LoadIconW
GetSysColorBrush
CharNextW
CopyAcceleratorTableW
SetRect
GetNextDlgGroupItem
GetDialogBaseUnits
EndDialog
CreateDialogIndirectParamW
DestroyIcon
PostThreadMessageW
wvsprintfW
RemoveMenu
AppendMenuW
RegisterClipboardFormatW
InflateRect
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuW
DestroyMenu
TranslateAcceleratorW
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
GetLastActivePopup
SetWindowsHookExW
GetCursorPos
PeekMessageW
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageW
TranslateMessage
ShowScrollBar
WinHelpW
LoadAcceleratorsW
SetRectEmpty
ClientToScreen
MessageBeep
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW

gdi32

GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
SetTextJustification
TextOutW
ExtTextOutW
Escape
GetDCOrgEx
GetObjectW
GetTextColor
GetBkColor
DPtoLP
LPtoDP
SetMapperFlags
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
CreateFontIndirectW
CopyMetaFileW
CreateDCW
GetTextExtentPoint32W
GetTextMetricsW
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
SelectPalette
GetStockObject
SelectObject
GetMapMode
SetTextCharacterExtra
ExtTextOutA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
RestoreDC
SaveDC
StartDocW
DeleteDC
DeleteObject
RectVisible
CreateBitmap

comdlg32

GetSaveFileNameW
GetFileTitleW
GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumValueW
RegSetValueExA
RegConnectRegistryW
RegCreateKeyExA
RegCreateKeyA
RegQueryValueExA
RegEnumKeyW
RegQueryValueW
RegSetValueW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
CreateServiceW
ChangeServiceConfigW
StartServiceW
RegSetValueExW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
CloseServiceHandle
RegOpenKeyW
GetUserNameW
GetTokenInformation
LookupAccountSidW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW

shell32

ExtractIconW
DragQueryFileW
DragAcceptFiles
SHGetFileInfoW
ShellExecuteW
DragFinish

comctl32

ord17

oledlg

OleUIBusyW

ole32

ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
CoRegisterMessageFilter
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleRegGetUserType
StgOpenStorageOnILockBytes

olepro32

ord253

oleaut32

VarCyFromStr
VariantClear
SysFreeString
LoadTypeLi
SysStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VariantTimeToSystemTime
SysAllocStringByteLen
SysStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
VariantChangeType
VariantCopy
SysAllocStringLen

ws2_32

inet_addr
ntohl
WSAStartup
htonl
gethostbyname
inet_ntoa

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

setupapi

SetupInstallFileW

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreate

Exports

Exports

?Dll_GetLogFileName@@YAHPAGH@Z
?Dll_GetLogLevel@@YAKXZ
?Dll_GetLogTos@@YAKXZ
?Dll_SetLogOutput@@YAXKKPBG@Z

Sections

.text
Size: 572KB - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OutputL
Size: 4KB - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78235734a80859d99c85e503034bb55e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

ws2_32

version

setupapi

rpcrt4

Exports

Exports

Sections

.text Size: 572KB - Virtual size: 569KB

.rdata Size: 84KB - Virtual size: 81KB

.data Size: 36KB - Virtual size: 59KB

.OutputL Size: 4KB - Virtual size: 528B

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 572KB - Virtual size: 569KB

.rdata
Size: 84KB - Virtual size: 81KB

.data
Size: 36KB - Virtual size: 59KB

.OutputL
Size: 4KB - Virtual size: 528B

.rsrc
Size: 20KB - Virtual size: 18KB