Static task
static1
Behavioral task
behavioral1
Sample
chitanda.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
chitanda.exe
Resource
win10v2004-20230703-en
General
Target
chitanda.exe
Size
2.0MB
MD5
97ae29556caeaa42f47dd55e93dda6d8
SHA1
3c7aa31d50e857cbf91fb0fac2233ba0e9db76db
SHA256
87c3b63c1941edf4041ff8c8125d50b54ba8991c6a1660ccc52161ba861c0093
SHA512
224e715fb307fbd31dfa880f94fc5f8b78a9e0c7a0d3c96951d16c880d49345eb9453e2631ed350268a5be91d4b68797ad36554373e3f8b9296926fb7fb88853
SSDEEP
49152:MFlnSgfpxd+zymFKu1Glia/xoPaWnHaNru7SeLijLfsgxzAurTNC5/w1/:eSgfpxEym0u176xoPaWnHaNS7SeLijbb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource chitanda.exe
Files
chitanda.exe.exe windows x86
277281be75b1c3fc66a5be16d8b4d426
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetCurrentThreadId
GlobalFree
GetModuleFileNameA
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
SetThreadPriority
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetFileTime
GetTempFileNameA
GetFullPathNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetACP
GetThreadLocale
FileTimeToSystemTime
GetStringTypeExA
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetWindowsDirectoryA
LocalFree
SetErrorMode
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
FindResourceExW
RtlUnwind
ExitProcess
DecodePointer
RaiseException
EncodePointer
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualQuery
HeapReAlloc
ExitThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetStdHandle
IsValidCodePage
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
FreeLibrary
CompareStringA
LoadLibraryW
MultiByteToWideChar
lstrcmpW
FindResourceA
lstrlenW
MulDiv
GetNumberFormatA
FreeResource
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateThread
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileA
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindClose
GetLastError
GetSystemInfo
VirtualAlloc
VirtualProtect
InterlockedDecrement
InterlockedIncrement
Sleep
GetTempPathA
GetTickCount
CopyFileA
DeleteFileA
GetDriveTypeW
user32
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
DestroyIcon
LoadImageA
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
DestroyCursor
LoadCursorA
GetKeyNameTextA
MapVirtualKeyA
SetCursorPos
RedrawWindow
IsZoomed
DeleteMenu
GetSystemMenu
SetParent
GetMenuItemInfoA
RealChildWindowFromPoint
GetSysColorBrush
EnumDisplayMonitors
SetLayeredWindowAttributes
CharUpperA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
LoadAcceleratorsW
LoadMenuW
UnionRect
CreateMenu
PostThreadMessageA
WindowFromPoint
UnregisterClassA
LockWindowUpdate
GetMenuDefaultItem
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetIconInfo
CopyImage
DrawIconEx
DestroyAcceleratorTable
SetClassLongA
DrawStateA
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
RegisterClipboardFormatA
IsClipboardFormatAvailable
WaitMessage
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
MonitorFromPoint
IsMenu
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
SetMenuDefaultItem
FrameRect
GetUpdateRect
CopyIcon
BringWindowToTop
GetDoubleClickTime
SubtractRect
GetWindowRgn
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
GetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindowRect
GetWindow
SetFocus
GetFocus
IsChild
SendMessageA
EnableWindow
wsprintfA
GetCursorPos
GetClientRect
TranslateAcceleratorA
SetRectEmpty
SetWindowContextHelpId
IsRectEmpty
MapDialogRect
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetSystemMetrics
ReleaseCapture
SetCursor
LoadCursorW
SetCapture
KillTimer
SetTimer
SetWindowRgn
DrawIcon
SystemParametersInfoA
OffsetRect
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
IsIconic
GetWindowThreadProcessId
IntersectRect
InflateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
RegisterWindowMessageA
LoadIconW
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
IsWindow
LoadIconA
SetRect
GetParent
GetDC
InvalidateRect
IsWindowVisible
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
CharUpperBuffA
DestroyWindow
gdi32
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
CreatePen
Rectangle
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
EnumFontFamiliesExA
OffsetRgn
SetPixel
StretchBlt
SetDIBColorTable
Polygon
Polyline
CreatePolygonRgn
CreateRoundRectRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetWindowOrgEx
GetTextFaceA
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
GetObjectA
SetTextColor
EnumFontFamiliesA
CreateDIBitmap
GetTextExtentPoint32A
GetTextMetricsA
GetViewportOrgEx
CreateCompatibleBitmap
CreateDIBSection
Ellipse
LPtoDP
CreateEllipticRgn
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
SetWindowExtEx
ScaleWindowExtEx
GetObjectType
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectPalette
SetBkColor
shell32
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
SHAddToRecentDocs
DragQueryFileA
DragFinish
ShellExecuteA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
oledlg
ord8
wldap32
ord79
ord33
ord301
ord27
ord41
ord46
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ws2_32
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
WSAIoctl
getsockname
ntohs
bind
htons
getsockopt
getpeername
setsockopt
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
crypt32
CertFreeCertificateContext
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateBitmapFromStream
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
CryptImportKey
CryptEncrypt
CryptDestroyKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
CryptGetHashParam
ole32
CoLockObjectExternal
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VarBstrFromDate
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen
VariantCopy
OleCreateFontIndirect
SysAllocString
VariantClear
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 325KB - Virtual size: 325KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 127KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 180KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ