Static task: static1
Behavioral task: behavioral1
Sample: a88b6dc96d1cbf1fc910abeefa61fdefbec28f8d416a89baf4400eaf0cd1c077.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: a88b6dc96d1cbf1fc910abeefa61fdefbec28f8d416a89baf4400eaf0cd1c077.exe
Resource: win10v2004-20230703-en
General
- Target: a88b6dc96d1cbf1fc910abeefa61fdefbec28f8d416a89baf4400eaf0cd1c077
- Size: 2.3MB
- MD5: 97472a319ba78c835ed78c40d516ee49
- SHA1: 76e7713a82c57569d7e4d598030ae5211881f617
- SHA256: a88b6dc96d1cbf1fc910abeefa61fdefbec28f8d416a89baf4400eaf0cd1c077
- SHA512: 6cd0f91b8670603804faef387f0e45adeeb5d1daf05b47d1fb753bfadfbd987a95c7398f8422e5d3f44ec2f4985ba835525761895e88b39efeaf01b87f2b15dd
- SSDEEP: 49152:DucIsaQkJEYdMmqxY7Xv/coZtUv9Jm0bg2FEqvbhrlq2R1zPIJhpoPRIz//jlumB:D8QkJE8qxY7X3co0vPm0bg2FEqvbhrUu
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource a88b6dc96d1cbf1fc910abeefa61fdefbec28f8d416a89baf4400eaf0cd1c077
Files
- a88b6dc96d1cbf1fc910abeefa61fdefbec28f8d416a89baf4400eaf0cd1c077.exe (windows x86) 5c013c0f7470dbaf5e03237d2a065de2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEnvironmentVariableA
GetCurrentDirectoryW
WriteConsoleW
CompareStringW
GetStringTypeW
GetDriveTypeW
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
CreateFileW
FindFirstFileExA
GetDriveTypeA
GetFileInformationByHandle
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
VerSetConditionMask
VerifyVersionInfoA
SleepEx
GetProcessHeap
FreeEnvironmentStringsW
HeapCreate
GetStdHandle
GetTimeZoneInformation
IsProcessorFeaturePresent
GetConsoleMode
GetConsoleCP
LCMapStringW
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
CreateThread
ExitThread
HeapReAlloc
VirtualQuery
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
HeapFree
DecodePointer
EncodePointer
RaiseException
RtlUnwind
SearchPathA
GetNumberFormatA
GetWindowsDirectoryA
GetFileSizeEx
GetFileAttributesExA
SetErrorMode
FindResourceExW
GetACP
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
InitializeCriticalSection
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
ReplaceFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleHandleW
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetProfileIntA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
GetCurrentProcessId
MulDiv
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
WriteFile
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
GetCurrentDirectoryA
SystemTimeToFileTime
SetFilePointer
InterlockedDecrement
InterlockedIncrement
CreateDirectoryA
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
ActivateActCtx
DeactivateActCtx
SetLastError
GetTempPathA
DeleteFileA
WaitForSingleObject
TerminateThread
GetTickCount
Sleep
FlushViewOfFile
GetLastError
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalMemoryStatusEx
CloseHandle
ExitProcess
GetSystemInfo
VirtualProtect
VirtualFree
FindFirstFileA
FindClose
MultiByteToWideChar
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalLock
GlobalUnlock
GlobalFree
GetSystemDirectoryA
GetModuleFileNameA
CreateFileA
GetFileSize
VirtualAlloc
ReadFile
user32
SystemParametersInfoA
GetMenuItemInfoA
CharUpperA
IsClipboardFormatAvailable
WindowFromPoint
MapDialogRect
GetAsyncKeyState
MapVirtualKeyA
GetKeyNameTextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
LoadCursorW
LoadCursorA
DestroyCursor
RedrawWindow
SetCursorPos
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetActiveWindow
SetCursor
LoadAcceleratorsA
IsIconic
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorA
IntersectRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
ValidateRect
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
MessageBeep
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
PostMessageA
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetDCEx
LockWindowUpdate
LoadAcceleratorsW
GetScrollInfo
SetScrollInfo
CreateMenu
PostThreadMessageA
ScreenToClient
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
DrawEdge
DrawIcon
TranslateMessage
GetMessageA
IsRectEmpty
SetWindowRgn
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
IsZoomed
DeleteMenu
GetSystemMenu
SetParent
RealChildWindowFromPoint
GetSysColorBrush
EnumDisplayMonitors
SetLayeredWindowAttributes
CopyRect
LoadImageA
DestroyIcon
LoadIconA
IsWindowVisible
LoadIconW
SetForegroundWindow
UpdateWindow
GetWindowLongA
SetWindowLongA
wsprintfA
MessageBoxA
UnionRect
UnregisterClassA
CopyAcceleratorTableA
InvalidateRgn
CharNextA
GetWindowTextA
GetNextDlgGroupItem
SetCapture
GetTabbedTextExtentW
GetMenuDefaultItem
GetWindowRgn
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
GetUpdateRect
FrameRect
SetMenuDefaultItem
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExA
IsCharLowerA
LoadImageW
SetRect
FillRect
InvalidateRect
EnableWindow
GetSystemMetrics
GetSysColor
GetCursorPos
PtInRect
InflateRect
OffsetRect
GetWindowRect
GetClientRect
GetDC
ReleaseDC
SetTimer
KillTimer
SendMessageA
GetParent
TrackPopupMenu
ReleaseCapture
LoadBitmapW
GetSubMenu
LoadMenuW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
WaitMessage
RegisterClipboardFormatA
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawStateA
SetClassLongA
DestroyAcceleratorTable
DrawIconEx
CopyImage
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
GetTopWindow
InvertRect
gdi32
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
GetDeviceCaps
CreateHatchBrush
CopyMetaFileA
CreateDCA
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextExtentPoint32A
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
GetTextMetricsA
GetCharWidthA
StretchDIBits
GetBkColor
LineTo
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
Rectangle
CreateDIBitmap
GetWindowExtEx
GetTextCharsetInfo
EnumFontFamiliesExA
GetRgnBox
GetTextColor
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetViewportExtEx
IntersectClipRect
ExcludeClipRect
GetClipBox
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
EnumFontFamiliesA
MoveToEx
GetMapMode
CreateCompatibleBitmap
GetStockObject
CreateFontA
BitBlt
CreateCompatibleDC
SetMapMode
SelectObject
CreateSolidBrush
StartPage
CreatePen
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
CryptGetHashParam
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumValueA
RegEnumKeyA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
CryptImportKey
shell32
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoA
ShellExecuteA
Shell_NotifyIconA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHAddToRecentDocs
DragQueryFileA
DragFinish
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
ole32
CoUninitialize
OleRun
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CreateStreamOnHGlobal
OleDraw
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
ReleaseStgMedium
oleaut32
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
GetErrorInfo
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
oledlg
ord8
ws2_32
sendto
getaddrinfo
recvfrom
ntohs
setsockopt
closesocket
recv
send
gethostbyname
htons
connect
getprotobyname
socket
WSAIoctl
getsockname
gethostname
ioctlsocket
listen
htonl
freeaddrinfo
getpeername
getsockopt
bind
ntohl
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
accept
winmm
sndPlaySoundA
PlaySoundA
wldap32
ord27
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord41
ord46
crypt32
CertFreeCertificateContext
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
wininet
InternetCanonicalizeUrlA
InternetCrackUrlA
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
Sections
.text Size: 1.6MB - Virtual size: 1.6MB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 363KB - Virtual size: 363KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 119KB - Virtual size: 119KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 188KB - Virtual size: 188KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ