Static task: static1
Behavioral task: behavioral1
  Sample: c1eb7d0ad07a6e739f9704fe32a3ad1d5033bf3b681070bbc0fdbb5e2cd4d99d.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: c1eb7d0ad07a6e739f9704fe32a3ad1d5033bf3b681070bbc0fdbb5e2cd4d99d.exe
  Resource: win10v2004-20230703-en
General
Target: c1eb7d0ad07a6e739f9704fe32a3ad1d5033bf3b681070bbc0fdbb5e2cd4d99d
Size: 3.1MB
MD5: 2db7ddd003ba3f442be0cff25dabbeea
SHA1: da217be116fa90ed51ae1516f1e68c51b69a2bd9
SHA256: c1eb7d0ad07a6e739f9704fe32a3ad1d5033bf3b681070bbc0fdbb5e2cd4d99d
SHA512: 6fe296e6f2b6150fb8bd9b149a8ce888427d6637ac54a4b84eb146d031e7d9e5920a7236bd613c2445f8bd01741a6642ca28b6e34e4ec3aeb3c9e4d3b19fb05e
SSDEEP: 49152:F50AB3ZkVLPKkxJNMhijmHg6D2VGL/8i2mD98lKCXtGS3+B9iJ9SAWqTQgntK0i:F50UJkWkxJNMGmHg6S1f+B9i1WqTQb
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource c1eb7d0ad07a6e739f9704fe32a3ad1d5033bf3b681070bbc0fdbb5e2cd4d99d
Files
c1eb7d0ad07a6e739f9704fe32a3ad1d5033bf3b681070bbc0fdbb5e2cd4d99d.exe (windows x86)
2dafa948d88329f981af5e01ac3b3816
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
mixerClose
mixerGetControlDetailsW
mixerGetLineControlsW
mixerGetLineInfoW
mixerSetControlDetails
mixerOpen
PlaySoundW
hid
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetHidGuid
setupapi
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
kernel32
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
SearchPathW
GetProfileIntW
GetTickCount
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
SetFileTime
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
GetFileSizeEx
GetFileAttributesExW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToFileTime
GetAtomNameW
GlobalGetAtomNameW
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetCurrentProcessId
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
GetFileTime
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetCommandLineA
GetCommandLineW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
ExitProcess
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetDriveTypeW
SetEvent
CompareStringA
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetThreadLocale
TerminateProcess
MoveFileW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
DuplicateHandle
UnlockFile
SetFilePointer
SetUnhandledExceptionFilter
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
SetLastError
MulDiv
GlobalSize
ReleaseSemaphore
CreateSemaphoreW
DeviceIoControl
WaitForSingleObject
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LoadLibraryW
TerminateThread
GetExitCodeThread
FreeLibrary
GetProcAddress
ReleaseMutex
CreateMutexW
GetCurrentDirectoryW
GetFileAttributesW
DeleteFileW
SetFileAttributesW
RemoveDirectoryW
LocalFree
GetCurrentProcess
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
FindResourceExW
GetModuleHandleW
CopyFileW
OutputDebugStringA
CreateProcessW
lstrcpyW
lstrcmpiW
lstrcpynW
lstrlenW
ExpandEnvironmentStringsW
CreateThread
GetVersionExW
WinExec
Sleep
GetModuleFileNameW
CreateDirectoryW
FindClose
FindFirstFileW
OutputDebugStringW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FormatMessageW
GetPrivateProfileIntW
GetPrivateProfileStructW
WritePrivateProfileStructW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
FindResourceW
LoadResource
LockResource
SizeofResource
GetPrivateProfileStringW
CloseHandle
WriteFile
CreateFileW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
LocalUnlock
LocalLock
GetStringTypeExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
SetCurrentDirectoryW
GetUserDefaultLCID
user32
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
SetParent
SetWindowRgn
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextW
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
GetDialogBaseUnits
TrackMouseEvent
DestroyIcon
InvalidateRect
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
RealChildWindowFromPoint
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
LoadCursorW
GetSysColorBrush
SetCursor
ShowOwnedPopups
GetActiveWindow
TranslateMessage
PostQuitMessage
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
MonitorFromPoint
DrawTextExW
DrawTextW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
CreateMenu
GetParent
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
GetComboBoxInfo
IsCharLowerW
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
GetDCEx
EnumChildWindows
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
SendNotifyMessageW
MonitorFromRect
GrayStringW
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
CharUpperW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
WindowFromDC
SetWindowLongW
SetTimer
SystemParametersInfoW
SetDoubleClickTime
SwapMouseButton
KillTimer
ReleaseDC
GetDC
LoadImageW
MapVirtualKeyW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetMessageExtraInfo
mouse_event
GetSystemMetrics
GetCursorPos
PostThreadMessageW
GetMessageW
EnableWindow
SetFocus
SetForegroundWindow
AttachThreadInput
SendMessageW
GetDesktopWindow
GetWindowLongW
keybd_event
ToUnicodeEx
MapVirtualKeyExW
GetWindowThreadProcessId
GetKeyboardLayout
GetForegroundWindow
PostMessageW
FindWindowW
InSendMessage
GetWindowRgn
DestroyCursor
GetClassNameW
GetTabbedTextExtentW
DeleteMenu
gdi32
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetLayout
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
MoveToEx
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
CreateFontW
GetCharWidthW
StretchDIBits
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
SetMapMode
SetGraphicsMode
SetMapperFlags
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
CreateDIBSection
CreateCompatibleDC
SetBitmapBits
StartDocW
GetObjectW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetTextColor
GetBitmapBits
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
BitBlt
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteDC
AddFontResourceW
DeleteObject
SelectObject
GetLayout
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
GetJobW
advapi32
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegSetValueW
RegCreateKeyExW
CreateProcessAsUserW
GetLengthSid
SetTokenInformation
ConvertStringSidToSidW
DuplicateTokenEx
OpenProcessToken
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyW
RegOpenKeyExW
shell32
ShellExecuteW
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExW
SHAppBarMessage
SHBrowseForFolderW
SHGetFolderPathW
shlwapi
StrStrIW
PathIsUNCW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindExtensionW
uxtheme
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemeColor
DrawThemeText
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName
ole32
OleIsRunning
CoGetMalloc
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
OleSetClipboard
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
StringFromGUID2
CLSIDFromString
CoCreateGuid
CoInitializeEx
SetConvertStg
OleRegGetUserType
OleCreateFromData
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoUninitialize
CoInitialize
CoCreateInstance
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
OleRun
CreateDataAdviseHolder
CreateOleAdviseHolder
OleQueryLinkFromData
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleQueryCreateFromData
GetRunningObjectTable
oleaut32
RegisterTypeLi
LoadTypeLi
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
SysAllocString
VariantChangeType
SysFreeString
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
msi
ord217
ord173
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 564KB - Virtual size: 564KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ