Static task: static1
Behavioral task: behavioral1
  Sample: 3922d94961edd82858b07416b82f13b883cb980dedf027b511950487bc10ca30.exe
  Resource: win7-20230621-en
Behavioral task: behavioral2
  Sample: 3922d94961edd82858b07416b82f13b883cb980dedf027b511950487bc10ca30.exe
  Resource: win10v2004-20230703-en
General
Target: 3922d94961edd82858b07416b82f13b883cb980dedf027b511950487bc10ca30
Size: 4.5MB
MD5: 83a9b8ef13a4190fe9cec8756c96c185
SHA1: 1f86822b9f933ca9e6e32db2f2eb4578ca4639dd
SHA256: 3922d94961edd82858b07416b82f13b883cb980dedf027b511950487bc10ca30
SHA512: bfdd5b5175de09ee286f4615785dc27c1c5a2220a7645151d315070f033add0f19f658de4b4cbd1e660f2385fa827cf0f7a2b1503ad15401a5448b21ef3fc499
SSDEEP: 49152:GuMQCd5hsHiOxaSnqBCUO5Zx+WPzs/BnU0xopZfnU7EyaYrdmQIGVtQgF7Hzfgaa:Gpp7+RQgaWLCwfn4/5JF7Hz4
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 3922d94961edd82858b07416b82f13b883cb980dedf027b511950487bc10ca30
Files
-
3922d94961edd82858b07416b82f13b883cb980dedf027b511950487bc10ca30.exe windows x86
281f40ac3b271029c238f8f3a887e977
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetModuleHandleExW
HeapValidate
GetSystemInfo
SetStdHandle
GetFileType
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetStdHandle
WriteConsoleW
QueryPerformanceFrequency
ExitProcess
LCMapStringW
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
GetStringTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
VirtualQuery
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SearchPathA
ResetEvent
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
GetWindowsDirectoryA
lstrcpyA
FindResourceExW
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFlags
SetErrorMode
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
OutputDebugStringW
GetProfileIntA
GetAtomNameA
InitializeCriticalSectionAndSpinCount
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFullPathNameA
GetFileTime
GetFileAttributesA
GetDiskFreeSpaceA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GlobalAlloc
GetModuleFileNameA
GetVersionExA
GetCurrentThread
WaitForSingleObject
SetEvent
CloseHandle
GlobalFree
GlobalUnlock
GlobalLock
ResumeThread
SetThreadPriority
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
Sleep
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
MultiByteToWideChar
SetLastError
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualFree
VirtualAlloc
GetLocalTime
VirtualProtect
CreateFileW
user32
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
SetRectEmpty
GetWindowThreadProcessId
SetCursor
GetCursorPos
TranslateMessage
GetMessageA
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
ShowWindow
NotifyWinEvent
LoadCursorW
LoadCursorA
GetLastActivePopup
SetParent
GetDesktopWindow
WindowFromPoint
ClientToScreen
HideCaret
SetWindowContextHelpId
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
InvalidateRgn
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
ReleaseDC
GetWindowDC
GetDCEx
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
EnableWindow
IsRectEmpty
SetTimer
SetCapture
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
PostThreadMessageA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
SystemParametersInfoA
InflateRect
GetAsyncKeyState
RealChildWindowFromPoint
PeekMessageA
PostQuitMessage
UnregisterClassA
SendMessageA
PostMessageA
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetSysColorBrush
DrawFocusRect
FillRect
FrameRect
InvertRect
SetRect
OffsetRect
DestroyCursor
ReleaseCapture
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
IntersectRect
DestroyIcon
LoadImageA
UnpackDDElParam
ReuseDDElParam
CharUpperA
ValidateRect
GetSystemMetrics
IsWindow
TabbedTextOutA
MapDialogRect
GetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
RegisterWindowMessageA
DispatchMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
BeginPaint
EndPaint
ScrollWindow
CopyImage
GetClipboardFormatNameA
LoadAcceleratorsW
CharNextA
CopyAcceleratorTableA
MessageBeep
GetKeyNameTextA
MapVirtualKeyA
GetTabbedTextExtentW
UnionRect
TrackMouseEvent
LoadImageW
RegisterClipboardFormatA
WaitMessage
IsClipboardFormatAvailable
DrawIconEx
GetIconInfo
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursorPos
CopyIcon
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
GetDoubleClickTime
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
KillTimer
CharUpperBuffA
gdi32
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectA
CreateFontA
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetROP2
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthA
GetCurrentPositionEx
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRgnBox
GetStockObject
GetStretchBltMode
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
SetRectRgn
GetTextMetricsA
StartDocA
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
DeleteDC
DeleteObject
StretchDIBits
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBSection
GetTextExtentPointA
GetTextExtentPoint32W
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetObjectA
SetBkColor
CreateBitmap
ExtTextOutA
StretchBlt
SetDIBColorTable
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetSystemPaletteEntries
EnumFontFamiliesExA
SetTextColor
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
GetJobA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegSetValueA
RegOpenKeyExW
RegEnumValueA
RegEnumKeyExA
RegCloseKey
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderPathA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemePartSize
IsAppThemed
DrawThemeText
ole32
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoRegisterMessageFilter
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
IsAccelerator
CoRevokeClassObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleGetClipboard
OleLockRunning
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
StringFromGUID2
CoGetClassObject
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
StringFromCLSID
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoLockObjectExternal
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
OleCreateFontIndirect
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
VariantCopy
VarBstrFromDate
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
oledlg
ord8
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 499KB - Virtual size: 498KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 311KB - Virtual size: 346KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 114KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ