Static task: static1
Behavioral task: behavioral1
Sample: 3f3dfe4cc5eaf25b049e504a2771ec8782b891b1a0b52a520bb335cb87489874.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 3f3dfe4cc5eaf25b049e504a2771ec8782b891b1a0b52a520bb335cb87489874.exe
Resource: win10v2004-20230703-en
General
Target: 3f3dfe4cc5eaf25b049e504a2771ec8782b891b1a0b52a520bb335cb87489874
Size: 4.1MB
MD5: 089250dbae009218ecfe26e946062662
SHA1: 69214b44ad187f31a0f390d0348e0f5fcd64f6a0
SHA256: 3f3dfe4cc5eaf25b049e504a2771ec8782b891b1a0b52a520bb335cb87489874
SHA512: dbd2a45d238248d6bd97d5cefc88070248e92109d0f54cfb011be5526f199eb1f78b81da5abe88f9a482e0b0f11f17187e0106d87cb5bcf30944c1642ad17c24
SSDEEP: 49152:VI4mTddLlrR5G7gXF8dbBNXg1vs7dCUoEBNG/ZB3GjsLWQ0YB0e6QST:GFdJ1o7gXF8dbBNXg1vs78UYZksUo
Malware Config
Signatures
Unsigned PE (1 IoC): the file carries no embedded Authenticode signature (the PE security data directory that would point at a WIN_CERTIFICATE blob is empty).
resource: 3f3dfe4cc5eaf25b049e504a2771ec8782b891b1a0b52a520bb335cb87489874
Files
3f3dfe4cc5eaf25b049e504a2771ec8782b891b1a0b52a520bb335cb87489874.exe  windows x86  94d1fba28402879de637487a4a7ce61d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR-compatible image base)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP-compatible)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetTickCount
IsDebuggerPresent
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
GlobalReAlloc
SizeofResource
InitializeCriticalSection
FreeResource
LockResource
LoadResource
FindResourceW
ExitProcess
LoadLibraryW
GetProcAddress
FreeLibrary
ReadFile
FindFirstFileW
SetLastError
GetCommandLineW
FindNextFileW
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
FindClose
WaitForSingleObject
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
LeaveCriticalSection
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
UnmapViewOfFile
OpenFileMappingW
GetTempPathW
WaitNamedPipeW
GetNamedPipeInfo
DisconnectNamedPipe
CreateFileW
WriteFile
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
CreateThread
SetEvent
Sleep
CreateEventW
SetThreadPriority
VirtualQuery
WideCharToMultiByte
CopyFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
CloseHandle
DeleteFileW
GetFileAttributesExW
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExW
SetFilePointerEx
GetStdHandle
GetFileType
SetStdHandle
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
GetCPInfo
CompareStringW
GetCurrentThreadId
GetFileAttributesW
OutputDebugStringA
GetCurrentThread
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CompareStringA
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
lstrcpyW
LocalFree
FormatMessageW
EncodePointer
LoadLibraryA
GlobalFindAtomW
HeapFree
GlobalGetAtomNameW
VerSetConditionMask
VerifyVersionInfoW
GetFileSize
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
GetThreadLocale
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
VirtualProtect
SearchPathW
GetProfileIntW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileTime
SetErrorMode
FindResourceExW
GetTempFileNameW
GetWindowsDirectoryW
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
GetStartupInfoW
OutputDebugStringW
RtlUnwind
GetCommandLineA
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
GetSystemInfo
VirtualAlloc
QueryPerformanceFrequency
HeapQueryInformation
user32
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgItem
GetDlgCtrlID
SetFocus
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
SetPropW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
SetWindowLongW
GetClassLongW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
ShowWindow
BringWindowToTop
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
InvalidateRect
SetRectEmpty
IntersectRect
DestroyIcon
UnpackDDElParam
ReuseDDElParam
SetParent
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
DrawStateW
IsRectEmpty
TrackMouseEvent
CharUpperW
GetAsyncKeyState
SetCapture
SetTimer
KillTimer
GetSystemMenu
DeleteMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
ModifyMenuW
ClientToScreen
PostThreadMessageW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongW
CheckDlgButton
SetWindowTextW
IsDialogMessageW
CharNextW
InvalidateRgn
SetRect
GetNextDlgGroupItem
GetNextDlgTabItem
RealChildWindowFromPoint
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetIconInfo
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
CreateMenu
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
IsChild
IsMenu
GetClassInfoExW
GetMessageTime
GetMessagePos
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
MonitorFromPoint
InflateRect
CopyRect
FillRect
GetSysColor
ScreenToClient
IsWindow
RegisterWindowMessageW
GetLastActivePopup
GetWindowLongW
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
GetFocus
CallNextHookEx
SetWindowsHookExW
ValidateRect
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PostQuitMessage
PostMessageW
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
UnregisterClassW
GetPropW
FindWindowW
GetWindowRect
MoveWindow
GetClassNameW
CallWindowProcW
RemovePropW
UnhookWindowsHookEx
ShowScrollBar
DestroyWindow
GetCursorPos
MessageBoxW
ReleaseDC
GetClientRect
GetWindowDC
GetSystemMetrics
GetDC
LoadImageW
GetDesktopWindow
LoadCursorW
LoadIconW
RegisterClassW
GetClassInfoW
GetActiveWindow
LoadStringW
SendMessageW
CreateWindowExW
DefWindowProcW
CopyImage
SetForegroundWindow
GetParent
SetClipboardData
EmptyClipboard
CloseClipboard
GetMonitorInfoW
OpenClipboard
GetWindowPlacement
SetActiveWindow
MonitorFromWindow
GetWindowThreadProcessId
GetKeyState
wsprintfW
SetMenuItemBitmaps
gdi32
CreateHatchBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
GetTextColor
ExtTextOutW
SetViewportExtEx
PatBlt
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
RoundRect
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
FillRgn
CreateBitmap
GetBoundsRect
PtInRegion
GetNearestPaletteIndex
GetBkColor
OffsetRgn
GetRgnBox
CreateRoundRectRgn
TextOutW
GetTextFaceW
SetPixel
GetPixel
CreateRectRgn
CombineRgn
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateSolidBrush
CreateRectRgnIndirect
CreatePatternBrush
GetTextExtentPoint32W
CreateFontIndirectW
CreatePen
CreateDIBitmap
SetTextColor
SetBkColor
CreateDCW
CopyMetaFileW
SetViewportOrgEx
FrameRgn
SetPixelV
DeleteDC
DeleteObject
GetObjectW
CreatePalette
SelectPalette
GetSystemPaletteEntries
GetDeviceCaps
GetDIBits
GetStockObject
RealizePalette
StretchBlt
CreateCompatibleDC
SetDIBColorTable
CreateDIBSection
SelectObject
CreateCompatibleBitmap
BitBlt
advapi32
RegDeleteKeyW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegCloseKey
RegDeleteValueW
shell32
SHGetFileInfoW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
DragQueryFileW
ole32
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
DoDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateGuid
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CLSIDFromString
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CoDisconnectObject
oleaut32
SysAllocStringLen
SysStringLen
SafeArrayDestroy
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
LoadTypeLi
SysFreeString
OleCreateFontIndirect
SysAllocString
VariantCopy
VariantChangeType
VariantClear
comctl32
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx
libcurl
curl_free
curl_easy_escape
curl_easy_setopt
curl_global_cleanup
curl_global_init
curl_easy_getinfo
curl_easy_pause
curl_easy_cleanup
curl_slist_append
curl_slist_free_all
curl_easy_init
curl_easy_perform
shlwapi
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
StrFormatKBSizeW
PathRemoveFileSpecW
msimg32
TransparentBlt
AlphaBlend
uxtheme
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
GetThemeSysColor
CloseThemeData
OpenThemeData
DrawThemeText
DrawThemeParentBackground
GetWindowTheme
DrawThemeBackground
oledlg
OleUIBusyW
gdiplus
GdipCreateFromHDC
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImagePaletteSize
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette
GdiplusStartup
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdiplusShutdown
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
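Two things a practitioner does with a flat import list like the one above are compute its imphash (the import-table hash Mandiant introduced, as implemented in pefile: lowercased "module.function" entries in import-table order, with .dll/.ocx/.sys stripped from the module name, MD5 of the comma-joined string) and pull out the few imports that matter for triage. The block below is an added example, not code from the report or from the sandbox. IMPORTS is a constructed subset of the table above, spelled with module extensions the way a raw import directory carries them (an assumption; the report displays the names stripped), so its digest will not reproduce the value printed next to the file name under Files. Ordinal-only imports, which pefile resolves through fixed name tables for a few DLLs, are out of scope. The NOTABLE annotations are this example's own wording.

```python
import hashlib

# Constructed subset of the import table in the report above, spelled the way a
# raw import directory carries module names (the report strips the extensions).
IMPORTS = {
    "KERNEL32.dll": ["IsDebuggerPresent", "VirtualProtect", "VirtualAlloc",
                     "LoadLibraryW", "GetProcAddress", "CreateFileMappingW"],
    "USER32.dll": ["SetWindowsHookExW", "CallNextHookEx", "GetAsyncKeyState"],
    "ADVAPI32.dll": ["RegCreateKeyExW", "RegSetValueExW"],
    "libcurl.dll": ["curl_easy_init", "curl_easy_setopt", "curl_easy_perform"],
    "winspool.drv": ["OpenPrinterW"],
}

# API (lowercased) -> why it matters in triage. Assumed notes, this example's own wording.
NOTABLE = {
    "isdebuggerpresent": "anti-debugging check (the CRT also emits this import)",
    "virtualprotect": "changes page protections: unpacking / in-memory patching",
    "virtualalloc": "allocates memory that can be made executable",
    "loadlibraryw": "runtime API resolution together with GetProcAddress",
    "setwindowshookexw": "installs a message hook (MFC also uses it for subclassing)",
    "getasynckeystate": "polls keyboard state",
    "regsetvalueexw": "writes registry values: persistence candidate",
    "curl_easy_perform": "HTTP(S) client traffic via libcurl",
}


def imphash(imports):
    """Imphash over named imports: 'module.function' pairs, lowercased, in
    import-table order, .dll/.ocx/.sys stripped from the module name, MD5 of
    the comma-joined list. Returns (hexdigest, normalized string)."""
    entries = []
    for module, funcs in imports.items():
        lib = module.lower()
        base, _, ext = lib.rpartition(".")
        if ext in ("dll", "ocx", "sys"):
            lib = base          # "kernel32.dll" -> "kernel32"; "winspool.drv" is kept whole
        entries.extend("%s.%s" % (lib, f.lower()) for f in funcs)
    joined = ",".join(entries)
    return hashlib.md5(joined.encode("ascii")).hexdigest(), joined


def notable_imports(imports):
    """Return (module, function, note) for every import that has a triage note."""
    hits = []
    for module, funcs in imports.items():
        for f in funcs:
            note = NOTABLE.get(f.lower())
            if note:
                hits.append((module, f, note))
    return hits


if __name__ == "__main__":
    digest, normalized = imphash(IMPORTS)
    print("imphash:", digest)
    print("normalized:", normalized[:80] + "...")
    for module, func, note in notable_imports(IMPORTS):
        print("%-13s %-20s %s" % (module, func, note))
```

Read the hits with the framework in mind: DefFrameProcW, DefMDIChildProcW, TranslateMDISysAccel, OleCreateMenuDescriptor and UnpackDDElParam in the table above are the MFC runtime, so the hook, clipboard and registry imports are expected from MFC and the CRT rather than evidence on their own; the libcurl module is the part of the import surface that neither MFC nor the CRT accounts for. Imphash is order-sensitive by design, so two builds of the same project with a reshuffled import table hash differently while a renamed copy of the same binary does not.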
Sections
.text   Size: 1.8MB  Virtual size: 1.8MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 1.9MB  Virtual size: 1.9MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 25KB   Virtual size: 44KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 276KB  Virtual size: 275KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 157KB  Virtual size: 157KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
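The Signatures, Headers and Sections entries of this report are all read straight from the PE headers. The block below is an added example, not code from the report or from the sandbox, that parses those headers with the Python standard library only, decodes the same flag names, tests the security data directory for an embedded Authenticode signature (the basis of the "Unsigned PE" signature), and flags the hardening gaps a reviewer looks for: no ASLR, no DEP, and sections that are both writable and executable. The sample itself is not on the page, so build_pe constructs a minimal header-only PE32 image carrying the same characteristics and section flags as the report; the function names, the finding strings and the fictional directory offsets in build_pe are this example's own.

```python
import hashlib
import struct

# Flag tables; values are the PE/COFF specification constants.
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SCN_EXECUTE, SCN_WRITE = 0x20000000, 0x80000000
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: Authenticode WIN_CERTIFICATE


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS/NT headers and the section table; return what a triage report shows."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad NT signature")
    fh = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20                                       # IMAGE_OPTIONAL_HEADER
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:                                  # PE32: data directories at +96
        dirs = opt + 96
    elif magic == 0x20B:                                # PE32+: data directories at +112
        dirs = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    (dllchars,) = struct.unpack_from("<H", data, opt + 70)   # DllCharacteristics
    (ndirs,) = struct.unpack_from("<I", data, dirs - 4)      # NumberOfRvaAndSizes
    sig_off, sig_size = 0, 0
    if ndirs > SECURITY_DIR:  # for this directory the "VirtualAddress" is a file offset
        sig_off, sig_size = struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)
    sections, off = [], opt + opt_size
    for _ in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, schars = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": flag_names(schars, SECTION_FLAGS), "raw_flags": schars})
        off += 40
    findings = []
    if sig_size == 0:
        findings.append("unsigned PE: security data directory is empty")
    if not dllchars & 0x0040:
        findings.append("no ASLR: DYNAMIC_BASE clear")
    if not dllchars & 0x0100:
        findings.append("no DEP: NX_COMPAT clear")
    for s in sections:
        if s["raw_flags"] & SCN_EXECUTE and s["raw_flags"] & SCN_WRITE:
            findings.append("writable and executable section %s" % s["name"])
    return {
        "machine": "x86" if machine == 0x14C else "x64" if machine == 0x8664 else hex(machine),
        "file_characteristics": flag_names(fchars, FILE_CHARACTERISTICS),
        "dll_characteristics": flag_names(dllchars, DLL_CHARACTERISTICS),
        "signed": sig_size != 0,
        "sections": sections,
        "hashes": {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256", "sha512")},
        "findings": findings,
    }


def build_pe(dll_chars, sections, signed=False):
    """Constructed minimal PE32 image (headers only, no code) for offline testing."""
    opt_size = 224
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew at 0x3C
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)                       # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    if signed:  # fictional offset/size of a WIN_CERTIFICATE blob, enough for the presence test
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x2000, 0x800)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name, 0x1000, 0x1000 * (i + 1), 0x200, 0x400 + 0x200 * i,
                    0, 0, 0, 0, flags)
        for i, (name, flags) in enumerate(sections))
    return dos + b"PE\0\0" + file_hdr + bytes(opt) + hdrs


if __name__ == "__main__":
    # Same characteristics as the report: ASLR + DEP + TS-aware, unsigned, no W+X section.
    sample = build_pe(0x0040 | 0x0100 | 0x8000,
                      [(b".text", 0x60000020), (b".data", 0xC0000040)])
    for key, value in parse_pe(sample).items():
        print(key, value)
```

On a real file, call parse_pe(open(path, "rb").read()); for a binary with the flags shown in this report the result lists exactly DYNAMIC_BASE, NX_COMPAT and TERMINAL_SERVER_AWARE, signed is False, and the only finding is the unsigned one, since .text is execute-only and .data is write-only. A non-empty security directory proves only that a signature blob is embedded, not that it verifies or chains to a trusted root; check that with signtool verify /pa or osslsigncode verify, and remember that a file can also be catalog-signed with an empty security directory, which this check cannot see.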