Static task: static1
Behavioral task: behavioral1
Sample: 2d31bf487806703a01b45079821e280b5103deea0fd0c1906a9146b839c4460e.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 2d31bf487806703a01b45079821e280b5103deea0fd0c1906a9146b839c4460e.exe
Resource: win10v2004-20230703-en
General
Target: 2d31bf487806703a01b45079821e280b5103deea0fd0c1906a9146b839c4460e
Size: 2.0MB
MD5: 77cc36d84bf7469c8e1b1a5d9a9b36da
SHA1: 5dc199933dda367369ae3c0e1858f681c311c1d4
SHA256: 2d31bf487806703a01b45079821e280b5103deea0fd0c1906a9146b839c4460e
SHA512: cdb5dd54603104eb49a64a8691d5abd8a03db84a17b1721b3be6144e212e72ac69dbe2b372b635316e93a1593d5dc0af91f0368a0222b578d3ade7a9078dde45
SSDEEP: 49152:tz57oqyHKB5iztdu338YEf9rYDuvfde7l1otFcxeUMSsbmsO6tGNPlYSnetHxyJP:tN1yHKXifu338ZdYDuvfdsl1otFcxeUT
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2d31bf487806703a01b45079821e280b5103deea0fd0c1906a9146b839c4460e
Files
2d31bf487806703a01b45079821e280b5103deea0fd0c1906a9146b839c4460e.exe (windows x86)
1cdacfd59451944b3234a5177d08bc51
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
FreeLibrary
GetModuleHandleA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
GlobalGetAtomNameA
VirtualProtect
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileStringA
FileTimeToSystemTime
SetThreadPriority
ResumeThread
WaitForSingleObject
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
FindNextFileA
FileTimeToLocalFileTime
GetThreadLocale
GlobalFlags
GetACP
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetCPInfo
GetOEMCP
FindResourceExW
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetTempFileNameA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
Sleep
SearchPathA
SetErrorMode
GetFileAttributesExA
GetFileSizeEx
GetFileTime
CompareStringA
EncodePointer
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetStdHandle
IsValidCodePage
GetTimeZoneInformation
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
GetDriveTypeW
CompareStringW
LCMapStringW
WriteConsoleW
GetCurrentDirectoryW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetCurrentProcessId
GetModuleFileNameA
ActivateActCtx
DeactivateActCtx
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
LoadLibraryW
LoadLibraryA
lstrcmpW
GetFileInformationByHandle
GetDriveTypeA
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
lstrlenA
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
MultiByteToWideChar
GetPrivateProfileIntA
WritePrivateProfileStringA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetTickCount
GetTempPathA
DeleteFileA
FindClose
FindFirstFileA
GetSystemInfo
UnmapViewOfFile
CloseHandle
GetLastError
GlobalAddAtomA
CreateFileA
FindFirstFileExA
user32
RealChildWindowFromPoint
IntersectRect
OffsetRect
DeleteMenu
LoadMenuW
SetWindowRgn
RedrawWindow
KillTimer
SetCapture
WindowFromPoint
ReleaseCapture
MessageBeep
NotifyWinEvent
IsZoomed
CharUpperA
IsRectEmpty
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
SetMenuDefaultItem
GetMenuDefaultItem
WaitMessage
CharNextA
CopyAcceleratorTableA
SetRect
InvalidateRgn
GetNextDlgGroupItem
DestroyIcon
UnregisterClassA
SetParent
DestroyAcceleratorTable
SetClassLongA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
InvertRect
HideCaret
GetIconInfo
CopyImage
LoadImageA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
FrameRect
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
GetSysColorBrush
DestroyCursor
GetWindowRgn
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
GetFocus
GetWindowRect
PtInRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetClassNameA
LoadBitmapW
InvalidateRect
UpdateWindow
FillRect
DrawStateA
EnableWindow
GetParent
LoadCursorA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
ShowOwnedPopups
CheckDlgButton
SetCursor
GetMessageA
TranslateMessage
ValidateRect
MapVirtualKeyA
GetKeyNameTextA
SetWindowContextHelpId
PostQuitMessage
MapDialogRect
GetAsyncKeyState
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
AdjustWindowRectEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
PostMessageA
wsprintfA
LoadIconW
GetSystemMenu
AppendMenuA
SendMessageA
SetTimer
GetClientRect
IsIconic
GetSystemMetrics
DrawIcon
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
CreateWindowExA
GetClassInfoExA
GetClassInfoA
SubtractRect
RegisterClassA
shell32
SHGetFileInfoA
SHBrowseForFolderA
SHAppBarMessage
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA
DragFinish
DragQueryFileA
SHGetPathFromIDListA
oleaut32
VariantClear
OleCreateFontIndirect
VarBstrFromDate
SafeArrayDestroy
SysFreeString
SysAllocStringByteLen
VariantChangeType
VariantInit
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantCopy
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
oledlg
ord8
gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
wldap32
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord41
ord46
ord27
ws2_32
ntohs
getsockname
bind
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
htons
getsockopt
WSASetLastError
WSAStartup
WSACleanup
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
ntohl
setsockopt
htonl
crypt32
CertFreeCertificateContext
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
gdi32
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetStockObject
SetPixelV
GetTextFaceA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
ExtFloodFill
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
GetRgnBox
GetTextColor
GetBkColor
EnumFontFamiliesExA
CreateDIBSection
CreateRoundRectRgn
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
GetTextExtentPoint32A
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectA
DeleteObject
GetObjectType
SelectPalette
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
BitBlt
GetPixel
PtVisible
ExtSelectClipRgn
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateSolidBrush
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
CryptEncrypt
CryptImportKey
CryptDestroyKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
CryptGetHashParam
RegEnumKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoUninitialize
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 330KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ