Static task: static1
Behavioral task: behavioral1
Sample: 45f4dd70031bd031e9226bae8fff2b1c6545f990f7fe19727685213367ed0e6a.exe
Resource: win7-20230703-en
General
Target: 45f4dd70031bd031e9226bae8fff2b1c6545f990f7fe19727685213367ed0e6a
Size: 4.7MB
MD5: dd4dba6f0a827bc1d5fe9ce0790f909f
SHA1: 1fee41d50fbf2b62f7b4c319d7b7c5d9541ed9e0
SHA256: 45f4dd70031bd031e9226bae8fff2b1c6545f990f7fe19727685213367ed0e6a
SHA512: 0d3f7bea90cd29f2de172d374179d5f5cdb3901737648f2da919fc96ae1770f8045818dbae4fa4ad0ee17a851f57a4767576b0cd278537d01e3eb9a68c7db4f1
SSDEEP: 98304:U4SHwaR9atxIbRE222IBu6UUOhFKkwvbwnZXvSp+JmnHiEoj9ghi1RebMIg9Cbk1:U4EGsRm2IBudGvbwndwHiEojDIg9Cbki
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 45f4dd70031bd031e9226bae8fff2b1c6545f990f7fe19727685213367ed0e6a
Files
45f4dd70031bd031e9226bae8fff2b1c6545f990f7fe19727685213367ed0e6a.exe windows x86
b2d4b5d209356ecf87793c101b6795ab
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsFree
InterlockedIncrement
InitializeCriticalSection
SetFilePointer
CreateFileA
GetTempFileNameA
GetTempPathA
GetCurrentDirectoryA
lstrcmpiA
ReadFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
InitializeCriticalSectionAndSpinCount
GetFileAttributesA
GetACP
GetCPInfo
GetOEMCP
GetTickCount
GetProfileIntA
SearchPathA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
VirtualProtect
GetWindowsDirectoryA
GetNumberFormatA
GetUserDefaultLCID
FindResourceExW
HeapFree
EncodePointer
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
IsProcessorFeaturePresent
DeleteCriticalSection
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
CompareStringW
LCMapStringW
GetTimeZoneInformation
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
GetThreadLocale
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
WaitForSingleObject
ResumeThread
SetThreadPriority
FreeResource
GlobalAddAtomA
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleW
GetVersionExA
lstrcpyA
FreeLibrary
LoadLibraryW
ActivateActCtx
DeactivateActCtx
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
SetLastError
MultiByteToWideChar
lstrlenA
LocalReAlloc
TlsSetValue
HeapCreate
TlsAlloc
CreateToolhelp32Snapshot
GetModuleHandleA
GetModuleFileNameA
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
OpenProcess
Process32First
InterlockedDecrement
CloseHandle
CreateMutexA
GetLastError
DeleteFileA
LockResource
MoveFileA
SizeofResource
Sleep
WideCharToMultiByte
LoadResource
FindResourceW
GlobalFlags
FindResourceA
GetProcessHeap
user32
CharUpperA
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
WaitMessage
DestroyIcon
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageA
LoadImageW
GetIconInfo
CopyIcon
GetDoubleClickTime
CharNextA
InvalidateRgn
GetNextDlgGroupItem
GetUpdateRect
UnregisterClassA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
PostThreadMessageA
IsClipboardFormatAvailable
FrameRect
RegisterClipboardFormatA
CharUpperBuffA
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
InvertRect
HideCaret
DestroyCursor
GetWindowRgn
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
SetClassLongA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
ValidateRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
RegisterWindowMessageA
MessageBeep
RedrawWindow
IsWindowVisible
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
FillRect
OffsetRect
InflateRect
IsRectEmpty
DrawStateA
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
IsWindow
ScreenToClient
ClientToScreen
GetWindowRect
PtInRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
PostMessageA
PostQuitMessage
GetSysColorBrush
LoadCursorA
GetClassInfoA
DefWindowProcA
MapWindowPoints
LoadCursorW
SetLayeredWindowAttributes
GetSysColor
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
IsZoomed
RealChildWindowFromPoint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
DestroyMenu
GetMenuItemInfoA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetFocus
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
ReleaseCapture
SetCapture
KillTimer
SetTimer
LoadMenuW
DeleteMenu
DrawIconEx
IntersectRect
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowLongA
GetSystemMenu
IsIconic
wsprintfA
DrawIcon
GetClientRect
SendMessageA
LoadIconW
AppendMenuA
GetSystemMetrics
EnableWindow
GetClassNameA
InvalidateRect
UpdateWindow
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
GetDlgItem
SetScrollPos
SetPropA
advapi32
RegDeleteValueA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
LookupPrivilegeValueA
RegQueryValueA
shell32
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetFolderPathA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ole32
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoInitialize
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
oleaut32
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantChangeType
SysAllocString
VariantClear
VariantInit
SysFreeString
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathAppendA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
oledlg
ord8
gdiplus
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDrawImageRectI
wininet
InternetCloseHandle
InternetOpenA
InternetReadFile
InternetOpenUrlA
HttpQueryInfoA
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
gdi32
CreateEllipticRgn
CreateRectRgn
CreateHatchBrush
DeleteObject
CreatePolygonRgn
EnumFontFamiliesA
GetTextMetricsA
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
GetTextCharsetInfo
CombineRgn
GetTextFaceA
CreateCompatibleBitmap
GetObjectA
CreateFontIndirectA
CreatePatternBrush
CreateSolidBrush
CreatePen
GetStockObject
CreateDIBitmap
CreateBitmap
CreateDCA
GetDeviceCaps
SetPixelV
EnumFontFamiliesExA
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
RoundRect
StretchBlt
RealizePalette
SetDIBColorTable
SetPixel
Rectangle
DPtoLP
GetMapMode
SetRectRgn
GetRgnBox
OffsetRgn
CreateRoundRectRgn
CreateDIBSection
GetObjectType
GetBkColor
GetTextColor
Polyline
Ellipse
SelectPalette
Polygon
PatBlt
ExtTextOutA
GetTextExtentPoint32A
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CopyMetaFileA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 283KB - Virtual size: 282KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ