Static task: static1

Behavioral task: behavioral1
Sample: 15368e5d19ffc668dda91ef2208f99ee2474983aabf8ef475b2a944e49c4981d.exe
Resource: win7-20230712-en

Behavioral task: behavioral2
Sample: 15368e5d19ffc668dda91ef2208f99ee2474983aabf8ef475b2a944e49c4981d.exe
Resource: win10v2004-20230703-en
General
Target: 15368e5d19ffc668dda91ef2208f99ee2474983aabf8ef475b2a944e49c4981d
Size: 1.5MB
MD5: 8581139f36bb7c0cb45e554e7bf53dbd
SHA1: 068ebcf5b45da0b9823cc17891add82d6d44799a
SHA256: 15368e5d19ffc668dda91ef2208f99ee2474983aabf8ef475b2a944e49c4981d
SHA512: 9e7188b32858dd170347f50677ab12402de6e2352b8e9132f84e9da00241768c6a97b4c4fa88cc844b6ff650003f1acdaf6934e9a3936824d22c61138985b972
SSDEEP: 24576:/xp0qer18S6rCLFGPsBTC599103P0cA1GC7cTnirFTvu:prerfamG5910/tA1wTnir
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 15368e5d19ffc668dda91ef2208f99ee2474983aabf8ef475b2a944e49c4981d
Files
15368e5d19ffc668dda91ef2208f99ee2474983aabf8ef475b2a944e49c4981d.exe windows x86
8255267c55e6a7078e1feeba45c8448e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetCloseHandle
InternetOpenA
InternetCheckConnectionA
InternetCanonicalizeUrlA
InternetCrackUrlA
kernel32
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
WinExec
lstrcatA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetFileAttributesA
GetCurrentDirectoryA
GetLastError
CreateMutexA
CloseHandle
GetVolumeInformationA
GlobalUnlock
GlobalLock
GlobalAlloc
TerminateThread
Sleep
lstrcmpA
GetCurrentThreadId
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsBadCodePtr
lstrcpynA
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
GetVersionExA
HeapAlloc
GetProcessHeap
HeapFree
GetSystemTime
MulDiv
VirtualProtect
FlushInstructionCache
GetCurrentProcess
SetLastError
GlobalFree
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetPrivateProfileIntA
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
HeapSize
ExitThread
CreateThread
GetFileType
SetStdHandle
GetACP
RaiseException
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GlobalReAlloc
DuplicateHandle
CreateFileA
ReadFile
InterlockedExchange
GetProfileStringA
ExitProcess
GetLocalTime
GetTimeZoneInformation
RtlUnwind
GetTickCount
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
LocalAlloc
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
WriteFile
GetCurrentThread
GetModuleFileNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
user32
GetMenuStringA
InsertMenuA
DestroyCursor
MapDialogRect
SetWindowContextHelpId
TranslateMessage
ShowOwnedPopups
HideCaret
DeleteMenu
SetParent
CharNextA
WindowFromPoint
CharUpperA
LoadStringA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
wvsprintfA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
LoadIconA
SendDlgItemMessageA
SetFocus
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
GetWindowTextLengthA
GetDlgCtrlID
GetClassLongA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetMessagePos
WindowFromDC
FrameRect
OffsetRect
MapWindowPoints
GetSysColorBrush
PeekMessageA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
EqualRect
PostThreadMessageA
GetWindowPlacement
DrawMenuBar
GetMenu
IsMenu
SetMenu
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
LockWindowUpdate
GetFocus
DrawIconEx
DrawIcon
DestroyIcon
ValidateRect
IsWindowEnabled
DrawFrameControl
IsWindowVisible
RemovePropA
DestroyWindow
DrawEdge
BeginPaint
EndPaint
ClientToScreen
GetActiveWindow
UnregisterClassA
RegisterClassA
CreateWindowExA
SetPropA
GetPropA
ScreenToClient
CopyAcceleratorTableA
InvertRect
GetDCEx
GetNextDlgGroupItem
GetTabbedTextExtentA
GetKeyState
RegisterClipboardFormatA
GetSystemMenu
DestroyMenu
GetMenuItemInfoA
DispatchMessageA
GetMessageA
SetScrollRange
SetScrollPos
SetScrollInfo
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
GetWindowInfo
GetWindow
IsIconic
IsZoomed
MoveWindow
PostMessageA
GetWindowDC
IsRectEmpty
SetWindowRgn
SetWindowPos
CallWindowProcA
DefWindowProcA
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
CallNextHookEx
GrayStringA
TabbedTextOutA
GetWindowTextA
DrawStateA
SetRect
CloseWindow
ShowScrollBar
GetDesktopWindow
GetSystemMetrics
GetCursorPos
CreatePopupMenu
AppendMenuA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
FindWindowA
BringWindowToTop
SetForegroundWindow
ShowWindow
MessageBoxA
UpdateWindow
KillTimer
SubtractRect
SetTimer
LoadBitmapA
LoadCursorA
CopyIcon
GetWindowRect
GetParent
GetDC
ReleaseDC
IsWindow
SetCursor
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
MessageBeep
GetClientRect
InflateRect
CopyRect
FillRect
DrawTextA
GetSysColor
InvalidateRect
EnableWindow
SendMessageA
GetWindowLongA
SetWindowLongA
ShowCaret
TrackPopupMenu
PostQuitMessage
gdi32
CreateRectRgn
DeleteDC
GetDIBits
CreateICA
SetTextColor
SetBkColor
RealizePalette
SelectPalette
GetDeviceCaps
ExtFloodFill
LineTo
MoveToEx
SetBkMode
GetTextExtentPointA
CreateDIBitmap
StretchDIBits
SetStretchBltMode
ExcludeClipRect
GetClipBox
IntersectClipRect
SetROP2
UnrealizeObject
PatBlt
SetBrushOrgEx
CreatePatternBrush
SelectClipRgn
PlayEnhMetaFile
SetWindowOrgEx
StartDocA
SaveDC
RestoreDC
SetPolyFillMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetRegionData
SetTextAlign
GetCurrentPositionEx
GetViewportExtEx
GetWindowExtEx
SetRectRgn
GetTextColor
GetCharWidthA
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
ExtCreateRegion
OffsetRgn
CombineRgn
DeleteObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
CreateRectRgnIndirect
GetCurrentObject
GetStockObject
CreateFontIndirectA
GetObjectA
GetTextExtentPoint32A
GetTextMetricsA
StretchBlt
BitBlt
SelectObject
Rectangle
CreatePen
GetMapMode
CreateCompatibleDC
CreateFontA
CreateBitmap
RoundRect
GetBkColor
DPtoLP
ScaleWindowExtEx
CreateCompatibleBitmap
LPtoDP
comdlg32
CommDlgExtendedError
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
PrintDlgA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
SetFileSecurityA
GetFileSecurityA
RegSetValueA
RegCreateKeyA
RegCloseKey
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
ExtractIconA
comctl32
ImageList_AddMasked
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIcon
ImageList_Draw
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
olepro32
ord253
oleaut32
SysStringLen
SysAllocStringLen
SysFreeString
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VarDateFromStr
VariantTimeToSystemTime
odbc32
ord2
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord43
ord41
ord10
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord3
ord11
ord18
ord13
ord61
ord16
ord5
iphlpapi
GetAdaptersInfo
Sections
.text Size: 712KB - Virtual size: 711KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 157KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 588KB - Virtual size: 587KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ