Static task
static1
Behavioral task
behavioral1
Sample
5f02423406b598c7bd9656d0b13ff58f11a4ccf8acf6e0b7d2e6672ee41a7f8b.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
5f02423406b598c7bd9656d0b13ff58f11a4ccf8acf6e0b7d2e6672ee41a7f8b.exe
Resource
win10v2004-20230703-en
General
-
Target
5f02423406b598c7bd9656d0b13ff58f11a4ccf8acf6e0b7d2e6672ee41a7f8b
-
Size
4.2MB
-
MD5
fa18984564dd05fdf71b4bf23d27ad16
-
SHA1
5d7009110618d6116a3019028736edbad1ea29f1
-
SHA256
5f02423406b598c7bd9656d0b13ff58f11a4ccf8acf6e0b7d2e6672ee41a7f8b
-
SHA512
da7e023203e481c0fb84015b1e25ceffdf776d05cadf4312fd153b354ba1cd542c2a5615e4849bb0b67abf2eb837afe651a2e012a59744f12222c1679e9dc14c
-
SSDEEP
49152:Aulv35r8hVeAIWUMysstcue+5WxEJL0/vmPUXYF3OKaRGCb:rJb+Er3F/ac
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature on the PE file.
resource 5f02423406b598c7bd9656d0b13ff58f11a4ccf8acf6e0b7d2e6672ee41a7f8b
Files
-
5f02423406b598c7bd9656d0b13ff58f11a4ccf8acf6e0b7d2e6672ee41a7f8b.exe windows x86
c7652e836d4c304760e73955764debd6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
CloseHandle
WaitForSingleObject
CreateEventA
CreateFileA
GetLastError
ReadFile
GetModuleHandleA
LocalFree
WriteFile
ResetEvent
GetProcAddress
GetOverlappedResult
OpenEventW
FileTimeToLocalFileTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetEnvironmentVariableA
CreateFileW
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetProcessHeap
HeapAlloc
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetFilePointerEx
GetStartupInfoW
ReadConsoleW
GetConsoleMode
GetConsoleCP
IsValidCodePage
WaitForSingleObjectEx
SetStdHandle
WriteConsoleW
OutputDebugStringW
GetFileType
GetStdHandle
GetSystemTimeAsFileTime
AreFileApisANSI
ExitProcess
ExitThread
CreateThread
RtlUnwind
RaiseException
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
HeapValidate
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
SearchPathA
GetTickCount
GetWindowsDirectoryA
GetTempFileNameA
GetTempPathA
FindResourceExW
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
GetACP
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
VirtualProtect
GetProfileIntA
SetErrorMode
InterlockedIncrement
InterlockedDecrement
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetVersionExA
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetHandleInformation
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FindClose
CompareStringA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
DecodePointer
EncodePointer
LoadLibraryA
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
GetVersion
GetFileAttributesW
ResumeThread
SetThreadPriority
SuspendThread
GetCurrentThreadId
SetEvent
GetModuleFileNameA
GetCurrentProcessId
CopyFileA
GlobalSize
SetLastError
GetAtomNameA
GlobalGetAtomNameA
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
FindNextFileA
GetFileAttributesA
FreeResource
FindResourceA
QueryPerformanceCounter
QueryPerformanceFrequency
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FindFirstFileA
MultiByteToWideChar
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrlenA
LocalAlloc
OutputDebugStringA
lstrcmpA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
DeleteFileA
GetCurrentDirectoryA
TerminateThread
GetExitCodeThread
WaitCommEvent
SetCommTimeouts
PurgeComm
FlushFileBuffers
GetCommMask
SetCommMask
EscapeCommFunction
SetCommState
GetCommState
ClearCommError
SetupComm
FormatMessageA
user32
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetClassLongA
EqualRect
CopyRect
GetSysColor
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ScrollWindow
TrackPopupMenu
SetMenu
GetMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
IsDialogMessageA
SetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SetFocus
IsDlgButtonChecked
CheckDlgButton
MoveWindow
ShowWindow
SendDlgItemMessageA
MapVirtualKeyA
GetKeyNameTextA
EndDialog
CreateDialogIndirectParamA
DestroyWindow
LoadBitmapW
NotifyWinEvent
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
GetTopWindow
SetParent
GetDesktopWindow
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
HideCaret
SetWindowContextHelpId
GetClientRect
EnableScrollBar
CreatePopupMenu
GetScrollRange
SetScrollRange
GetScrollPos
GetAsyncKeyState
LockWindowUpdate
RedrawWindow
FrameRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetCapture
GetFocus
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageA
CallNextHookEx
SetWindowsHookExA
ValidateRect
GetKeyState
GetMessageA
GetLastActivePopup
GetWindowThreadProcessId
GetParent
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
DestroyIcon
GetWindowLongA
IsWindowEnabled
EnableWindow
MessageBoxA
SendMessageA
IsCharLowerA
SubtractRect
UnionRect
MapDialogRect
TabbedTextOutA
IsWindow
PostMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
IsMenu
PostQuitMessage
LoadImageA
GetCursorPos
CheckMenuItem
EnableMenuItem
ModifyMenuA
DeleteMenu
SetMenuItemBitmaps
InsertMenuItemA
GetMenuItemInfoA
SetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
DrawIcon
DrawTextA
DrawTextExA
GrayStringA
DrawStateA
SetCursor
GetSystemMetrics
GetSysColorBrush
DrawFocusRect
ShowScrollBar
FillRect
IntersectRect
InflateRect
SetRect
GetWindowRect
SetWindowPos
PeekMessageA
DispatchMessageA
TranslateMessage
PtInRect
GetDlgItem
GetWindow
GetClassNameA
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
GetClipboardFormatNameA
InvertRect
LoadBitmapA
GetMenuCheckMarkDimensions
CharUpperA
SetRectEmpty
InvalidateRgn
ReleaseCapture
SystemParametersInfoA
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
IsClipboardFormatAvailable
MessageBeep
CopyImage
WaitMessage
LoadAcceleratorsW
CharNextA
CopyAcceleratorTableA
TrackMouseEvent
UpdateLayeredWindow
MonitorFromPoint
UnregisterClassA
DrawIconEx
GetKeyboardLayout
DestroyCursor
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
MapVirtualKeyExA
GetKeyboardState
GetDoubleClickTime
CopyIcon
IsRectEmpty
OffsetRect
CharUpperBuffA
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
RegisterClipboardFormatA
GetIconInfo
SetClassLongA
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
SetScrollPos
ToAsciiEx
gdi32
SetDIBColorTable
CreateCompatibleDC
GetObjectA
CreateDIBSection
SetStretchBltMode
SetBrushOrgEx
StretchBlt
GetDIBColorTable
CopyMetaFileA
CreateDCA
GetDeviceCaps
ExtTextOutA
SetBkColor
SetTextColor
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetMapMode
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
SelectObject
RealizePalette
RoundRect
SetPaletteEntries
SetPixel
SetPixelV
SetRectRgn
GetTextMetricsA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
EnumFontFamiliesExA
GetSystemPaletteEntries
DeleteDC
Rectangle
GetStockObject
DeleteObject
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RevertToSelf
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
SetThreadToken
OpenThreadToken
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
ShellExecuteA
SHAppBarMessage
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
SHGetValueA
SHSetValueA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
IsAppThemed
ole32
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
StringFromGUID2
CoInitialize
CLSIDFromProgID
OleUninitialize
CoCreateGuid
CoInitializeEx
CoUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleLockRunning
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateStreamOnHGlobal
OleGetClipboard
CoRegisterMessageFilter
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoCreateInstance
oleaut32
SysStringLen
SafeArrayDestroy
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SysAllocStringByteLen
SysFreeString
oledlg
ord8
gdiplus
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdipCreateBitmapFromStreamICM
setupapi
SetupDiGetClassDevsA
CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
winmm
PlaySoundA
sndPlaySoundA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 446KB - Virtual size: 445KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 588KB - Virtual size: 588KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ