d91819247015b3387dd483d7881351f1244a1c76436349759205d6a0d7ac6f34

Sharing

Copy URL Twitter E-mail

General

Target

d91819247015b3387dd483d7881351f1244a1c76436349759205d6a0d7ac6f34
Size

2.4MB
MD5

537cdf7b2934716b38ad7b08dcb47b4b
SHA1

62ac0157fa02a6927e77b6226de7e202fbb942ea
SHA256

d91819247015b3387dd483d7881351f1244a1c76436349759205d6a0d7ac6f34
SHA512

f05ac81743ff7e806cee29e54e739ec42eafed5b52dda070beeb8ae033db85fe6d76e2e2b81adaec3a667a14eb0a48b30ce3afefab63a5cf381cbe6f9cf27538
SSDEEP

49152:WXqNOoIfXZkEiCszGm9rfrL1Llr0+JleW0ppp7P7l:WXwbiXZ9iCszGmxTL1Llr0+Jk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d91819247015b3387dd483d7881351f1244a1c76436349759205d6a0d7ac6f34

Files

d91819247015b3387dd483d7881351f1244a1c76436349759205d6a0d7ac6f34
.exe windows x86

284c172e32142aa0166d54e9bfbbe146

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
SetFilePointerEx
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
ExitProcess
GetConsoleMode
ReadConsoleW
ExitThread
LCMapStringW
GetDriveTypeW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
GetConsoleCP
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameW
GetProfileIntW
GetTempPathW
SearchPathW
GetWindowsDirectoryW
VerifyVersionInfoW
VerSetConditionMask
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
InitializeCriticalSectionAndSpinCount
CompareStringA
GetCurrentThread
lstrcmpA
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetCurrentProcessId
FreeResource
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
lstrcmpiW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
SetLastError
MulDiv
GlobalSize
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
FreeLibrary
GetTickCount
GetProcAddress
LoadLibraryW
ReadFile
GetFileSize
GlobalReAlloc
ReleaseMutex
CreateMutexW
GetCurrentDirectoryW
GetFileAttributesW
DeleteFileW
LocalFree
GetCurrentProcess
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
FindResourceExW
GetModuleHandleW
CopyFileW
lstrcpyW
OutputDebugStringA
CreateProcessW
Sleep
CreateFileW
CreateThread
GetVersionExW
GetModuleFileNameW
CreateDirectoryW
FindClose
FindFirstFileW
OutputDebugStringW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FormatMessageW
GetPrivateProfileIntW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
FindResourceW
LoadResource
LockResource
SizeofResource
GetPrivateProfileStringW
CloseHandle
WriteFile
GetCommandLineW
WriteConsoleW

user32

SetCursor
ShowOwnedPopups
TranslateMessage
SystemParametersInfoW
MessageBeep
IsZoomed
PostQuitMessage
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetTopWindow
GetClassNameW
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
GetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
IsDialogMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetDlgCtrlID
GetSysColorBrush
MoveWindow
GetLastActivePopup
MessageBoxW
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
FillRect
EndPaint
EnumDisplayMonitors
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
IsWindowEnabled
GetFocus
SetFocus
IsWindow
CharUpperW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
DrawStateW
TrackMouseEvent
GetSystemMenu
FindWindowW
PostMessageW
GetForegroundWindow
GetKeyboardLayout
GetWindowThreadProcessId
GetMenuState
GetMenuStringW
UnregisterClassW
SetParent
GetScrollInfo
GetWindow
UpdateWindow
ShowWindow
IsRectEmpty
RedrawWindow
GetSysColor
ScreenToClient
DrawIcon
IsIconic
LoadIconW
SetScrollPos
PtInRect
SetWindowPos
SetRect
SetScrollRange
OffsetRect
LoadBitmapW
LoadCursorW
IntersectRect
RealChildWindowFromPoint
SendDlgItemMessageA
SetRectEmpty
DestroyMenu
GetMenuItemInfoW
CopyImage
GetAsyncKeyState
MapDialogRect
WaitMessage
DeleteMenu
BringWindowToTop
LoadAcceleratorsW
SetWindowLongW
InflateRect
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
DestroyIcon
UnpackDDElParam
ReuseDDElParam
MonitorFromPoint
CheckDlgButton
MapVirtualKeyExW
ToUnicodeEx
GetMessageW
PostThreadMessageW
GetCursorPos
GetSystemMetrics
SetCursorPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MapVirtualKeyW
LoadImageW
GetDC
ReleaseDC
SendMessageW
SetWindowRgn
GetParent
GetClientRect
EnableWindow
CopyRect
CallWindowProcW
InvalidateRect
GetWindowLongW
GetClassLongW
SetClassLongW
GetActiveWindow
GetCapture
SetCapture
ClientToScreen
WindowFromPoint
ReleaseCapture
SetTimer
KillTimer
GetWindowRect
NotifyWinEvent
ModifyMenuW
GetKeyboardState
CreateAcceleratorTableW
SetLayeredWindowAttributes
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
RegisterClipboardFormatW
LockWindowUpdate
GetMenuDefaultItem
GetKeyNameTextW
UnionRect
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
GetUpdateRect
SubtractRect
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
IsClipboardFormatAvailable
FrameRect
CopyIcon
SetMenuDefaultItem
EnableScrollBar
UpdateLayeredWindow
CharUpperBuffW
BeginPaint

gdi32

GetDIBits
CreateFontIndirectW
CopyMetaFileW
CreateBitmap
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
RealizePalette
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
CreateRoundRectRgn
GetRgnBox
OffsetRgn
EnumFontFamiliesExW
GetBkColor
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceW
SetPixelV
SelectPalette
GetStockObject
StretchBlt
CombineRgn
ExtCreateRegion
GetDeviceCaps
CreateSolidBrush
Rectangle
GetTextExtentPoint32W
CreateFontW
GetTextColor
CreateCompatibleBitmap
BitBlt
SetDIBColorTable
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleDC
SetBitmapBits
GetBitmapBits
SetViewportOrgEx
CreateDCW
GetObjectW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW

shell32

ShellExecuteW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHGetFolderPathW

comctl32

_TrackMouseEvent

shlwapi

PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathRemoveExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathIsUNCW

uxtheme

IsAppThemed
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleGetClipboard
DoDragDrop
CoDisconnectObject
CoCreateGuid
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
OleLoadPicture

gdiplus

GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipReleaseDC
GdipDrawImageI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdiplusStartup

winmm

PlaySoundW

msi

ord217
ord173

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

284c172e32142aa0166d54e9bfbbe146

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

winmm

msi

oleacc

imm32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 384KB - Virtual size: 383KB

.data Size: 22KB - Virtual size: 40KB

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 152KB - Virtual size: 151KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 384KB - Virtual size: 383KB

.data
Size: 22KB - Virtual size: 40KB

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 152KB - Virtual size: 151KB