0097909f539244c0f722c380bcfad92b19b24280fba1cf26279e9d02b54d1c9f

Sharing

Copy URL Twitter E-mail

General

Target

0097909f539244c0f722c380bcfad92b19b24280fba1cf26279e9d02b54d1c9f
Size

2.5MB
MD5

2911617e00755b595a6129b9840b2826
SHA1

2bdb27cc5fb663be21a43af5a89201f12d83befe
SHA256

0097909f539244c0f722c380bcfad92b19b24280fba1cf26279e9d02b54d1c9f
SHA512

c3f30772c55ffb487353c82433efa6484988e180def01bf5f7d7738f6ff315208757b534618e333230be9bb7e2e8ac94cb8a59ed08c1a8cdf54558c4ae1aa25a
SSDEEP

49152:puT/GEnRj9YAAa4sax8tS+Tui3fZg4T59MGd1XaMm9MGd1XaMSkKPNr:DpAAj8tS+TX3Rgs2Gd1XaN2Gd1Xa1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0097909f539244c0f722c380bcfad92b19b24280fba1cf26279e9d02b54d1c9f

Files

0097909f539244c0f722c380bcfad92b19b24280fba1cf26279e9d02b54d1c9f
.exe windows x86

8913fb95b80d590352052c0b2c5cb877

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo

winmm

midiOutShortMsg
midiInStop
timeGetTime
timeBeginPeriod
mciSendCommandW
midiInGetNumDevs
midiInAddBuffer
midiInClose
midiInStart
midiInGetDevCapsW
midiOutUnprepareHeader
midiInPrepareHeader
midiInReset
midiOutOpen
midiOutPrepareHeader
midiOutGetDevCapsW
midiInOpen
midiInUnprepareHeader
midiOutLongMsg
midiOutClose
midiOutGetNumDevs

kernel32

GetPrivateProfileStringW
GetSystemDefaultLangID
GetVersionExW
GetNativeSystemInfo
SetPriorityClass
GetCurrentProcess
SetThreadPriority
Sleep
GetCurrentThread
LoadLibraryA
GetThreadPriority
GetPriorityClass
SizeofResource
LockResource
LoadResource
FindResourceW
CreateDirectoryW
SetThreadAffinityMask
ReadFile
TryEnterCriticalSection
GetVolumeInformationW
FindFirstFileW
FindNextFileW
WriteFile
TerminateProcess
RemoveDirectoryW
GetModuleFileNameW
SetFilePointer
GetTempPathW
CreateMutexW
FindClose
GetLocaleInfoW
CreateFileW
GetFileAttributesW
GetCurrentThreadId
ReleaseMutex
GetSystemDirectoryW
UnmapViewOfFile
GetModuleHandleA
GetLogicalDriveStringsW
CreateEventW
FormatMessageW
GetFileAttributesExW
SetEvent
TerminateThread
QueryPerformanceFrequency
OutputDebugStringW
CloseHandle
ResetEvent
GetCurrentDirectoryW
SetCurrentDirectoryW
DeleteCriticalSection
ExitProcess
VerSetConditionMask
CopyFileW
VerifyVersionInfoW
QueryPerformanceCounter
MoveFileW
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
LocalFree
GlobalSize
GlobalAlloc
GlobalLock
GetCurrentProcessId
GlobalUnlock
CompareStringW
lstrlenW
DeviceIoControl
LocalAlloc
GetACP
GetStdHandle
GetModuleFileNameA
HeapFree
HeapReAlloc
HeapAlloc
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
LoadLibraryExW
RtlUnwind
RaiseException
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
GetCPInfo
GetStringTypeW
LCMapStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
DecodePointer
EncodePointer
GetLastError
WinExec
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
GetPrivateProfileIntW
EnterCriticalSection
WritePrivateProfileStringW
WideCharToMultiByte
MultiByteToWideChar
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
GetConsoleCP
GetConsoleMode
ReadConsoleW
GetProcessHeap
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpyW
GetDriveTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
SetFilePointerEx
WriteConsoleW
DeleteFileW
HeapSize

user32

WindowFromPoint
GetWindowPlacement
DestroyCursor
GetKeyboardState
SetCaretPos
GetActiveWindow
MessageBeep
SetWindowTextW
GetSystemMetrics
GetIconInfo
EnumDisplayMonitors
EnumChildWindows
MessageBoxW
IsWindowVisible
MapVirtualKeyW
GetMessagePos
GetUpdateRgn
GetSystemMenu
wsprintfW
SetWindowsHookExW
GetAsyncKeyState
CallNextHookEx
GetMessageW
GetDC
GetDesktopWindow
SetWindowLongW
RegisterClassExW
UnregisterClassW
CreateWindowExW
DestroyWindow
ShowWindow
RegisterWindowMessageW
GetCapture
DefWindowProcW
GetWindowLongW
MoveWindow
IsWindow
SendMessageW
SetWindowPos
GetWindowRect
GetWindow
CallWindowProcW
AttachThreadInput
GetWindowThreadProcessId
GetWindowTextW
TranslateMessage
SetFocus
EnumWindows
PeekMessageW
DispatchMessageW
GetFocus
SendMessageTimeoutW
PostMessageW
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
SetCursorPos
GetAncestor
InvalidateRect
SetForegroundWindow
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
ShowCaret
SetCursor
ToUnicode
SetClipboardData
SetCapture
DestroyCaret
LoadCursorW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
OpenClipboard
GetForegroundWindow
TrackMouseEvent
ScreenToClient
CreateCaret
RedrawWindow
DestroyIcon
GetWindowInfo
GetMonitorInfoW
CreateIconIndirect
CloseClipboard
EmptyClipboard
IsChild

gdi32

GetObjectW
RestoreDC
CreateRectRgn
GetPixel
CreateRectRgnIndirect
CreateBitmap
GetRegionData
ExcludeClipRect
CombineRgn
SaveDC
CreateDIBSection
GetDeviceCaps
GetOutlineTextMetricsW
CreateFontIndirectW
SetMapMode
RemoveFontMemResourceEx
DeleteObject
GetGlyphOutlineW
GetGlyphIndicesW
SetMapperFlags
DeleteDC
GetTextMetricsW
CreateCompatibleDC
GetKerningPairsW
SelectObject
StretchDIBits

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegCreateKeyExW
RegSetValueExW

shell32

SHGetMalloc
Shell_NotifyIconW
ord680
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractAssociatedIconW
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CLSIDFromString
CoInitialize
OleUninitialize
OleInitialize
CoTaskMemAlloc
DoDragDrop
RegisterDragDrop
RevokeDragDrop
PropVariantClear
CoCreateInstance

netapi32

NetApiBufferFree
NetWkstaGetInfo

ws2_32

__WSAFDIsSet
closesocket
select
getaddrinfo
WSAStartup
send
socket
WSAGetLastError
setsockopt
ioctlsocket
freeaddrinfo
getsockopt
recv
connect

shlwapi

PathStripToRootW

imm32

ImmNotifyIME
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 562KB - Virtual size: 561KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8913fb95b80d590352052c0b2c5cb877

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

netapi32

ws2_32

shlwapi

imm32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 380KB - Virtual size: 380KB

.data Size: 97KB - Virtual size: 102KB

.gfids Size: 1024B - Virtual size: 572B

.tls Size: 512B - Virtual size: 17B

.rsrc Size: 562KB - Virtual size: 561KB

.reloc Size: 99KB - Virtual size: 98KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 380KB - Virtual size: 380KB

.data
Size: 97KB - Virtual size: 102KB

.gfids
Size: 1024B - Virtual size: 572B

.tls
Size: 512B - Virtual size: 17B

.rsrc
Size: 562KB - Virtual size: 561KB

.reloc
Size: 99KB - Virtual size: 98KB