Static task: static1
Behavioral task: behavioral1
  Sample: a6110a834ac6ebed9e0f8f7ae26b550d7537a5d96e75adf599d3fbdce412a600.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: a6110a834ac6ebed9e0f8f7ae26b550d7537a5d96e75adf599d3fbdce412a600.exe
  Resource: win10v2004-20230703-en
General
Target: a6110a834ac6ebed9e0f8f7ae26b550d7537a5d96e75adf599d3fbdce412a600
Size: 15.0MB
MD5: 16e456af7459b1b4dd27e1cc4ec81329
SHA1: 651e574d5f1455a97351fc152532f25f93482aaa
SHA256: a6110a834ac6ebed9e0f8f7ae26b550d7537a5d96e75adf599d3fbdce412a600
SHA512: 6d5007ba48233718d8c41c0f2ca4a0ab863f9821bcba7b0ba79c0c640eaca23a2f3ab03de1f76b2b66aabb4ff3ace0844390bee740215fc106b9e7e82db0df91
SSDEEP: 393216:5kDJpST0pSnnDJWgGtxrrVqYSsj3vHYuEqrI8vZCOAps:5kVpSUSnVD4rrVqYSsj3v4PqrpX
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: a6110a834ac6ebed9e0f8f7ae26b550d7537a5d96e75adf599d3fbdce412a600
Files
a6110a834ac6ebed9e0f8f7ae26b550d7537a5d96e75adf599d3fbdce412a600.exe (windows x86)
d465f9bf1c28f468761e6309cc649859
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
SuspendThread
ResumeThread
Sleep
CreateMutexW
ReleaseMutex
CreateEventW
SetEvent
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetStdHandle
GetConsoleMode
GetConsoleCP
LoadLibraryA
lstrcmpiW
GetModuleHandleA
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetModuleFileNameA
GetStdHandle
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree
HeapCreate
RtlUnwind
GetStartupInfoW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
lstrcpynW
InterlockedDecrement
FormatMessageW
InterlockedIncrement
GlobalAlloc
LocalFileTimeToFileTime
SystemTimeToFileTime
MulDiv
GetCurrentDirectoryW
GlobalUnlock
GetTickCount
GetModuleHandleW
GlobalLock
FreeResource
GetSystemDefaultLangID
lstrlenW
MultiByteToWideChar
GetACP
SetFileTime
GetFileSize
WriteFile
FlushFileBuffers
SetFilePointer
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ReadFile
CreateProcessW
CreatePipe
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
FindNextFileW
CreateFileW
GetLocalTime
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
LocalFree
CreateDirectoryW
WideCharToMultiByte
GetModuleFileNameW
FindFirstFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetEnvironmentVariableW
lstrcatW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
ExitProcess
GetCurrentProcess
CloseHandle
OpenMutexW
GetExitCodeProcess
WaitForSingleObject
GetLastError
OutputDebugStringW
GetCurrentProcessId
GetCurrentThreadId
GetTempPathW
GetSystemDirectoryW
FindClose
WritePrivateProfileStringA
FindNextFileA
FindFirstFileA
GetProcAddress
LoadLibraryW
CopyFileW
InitializeCriticalSectionAndSpinCount
user32
UpdateLayeredWindow
GetWindowRgn
MoveWindow
ClientToScreen
HideCaret
TrackPopupMenu
ShowCaret
AppendMenuW
EnableMenuItem
SetWindowTextW
CreatePopupMenu
CreateCaret
SetCaretPos
GetWindowTextW
GetWindowTextLengthW
GetGUIThreadInfo
CreateAcceleratorTableW
InvalidateRgn
wsprintfA
PostMessageW
GetDesktopWindow
MessageBoxW
DispatchMessageW
GetWindow
DefWindowProcW
CallWindowProcW
DrawTextA
EqualRect
IsWindowEnabled
GetKeyNameTextW
MapVirtualKeyExW
GetKeyboardLayout
SetForegroundWindow
GetCaretPos
DestroyMenu
GetCaretBlinkTime
FillRect
DrawTextW
GetMonitorInfoW
GetPropW
EnableWindow
SendMessageW
RegisterClassW
CreateWindowExW
IsWindow
ShowWindow
SetWindowPos
SetWindowLongW
MonitorFromWindow
GetWindowLongW
RegisterClassExW
TranslateMessage
SetPropW
GetClassInfoExW
SetFocus
GetClientRect
LoadCursorW
GetParent
LoadImageW
PostQuitMessage
GetMessageW
GetWindowRect
UnionRect
OffsetRect
InflateRect
SetCursor
IsRectEmpty
MapWindowPoints
IsWindowVisible
ReleaseCapture
GetActiveWindow
GetCursorPos
GetSysColor
ReleaseDC
InvalidateRect
IntersectRect
GetDC
GetUpdateRect
CharPrevW
SetRect
SetWindowRgn
EndPaint
PtInRect
BeginPaint
GetFocus
GetKeyState
DestroyWindow
SetTimer
ScreenToClient
CharNextW
IsIconic
SetCapture
KillTimer
IsZoomed
gdi32
CreateFontIndirectW
GetDeviceCaps
RemoveFontMemResourceEx
GetEnhMetaFileHeader
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
SaveDC
GetObjectW
AddFontMemResourceEx
DeleteDC
CreateDIBitmap
GetStockObject
CloseEnhMetaFile
CreateEnhMetaFileW
RestoreDC
CreateRectRgn
PtInRegion
CreatePatternBrush
GetTextExtentPointA
SetBitmapBits
GetBitmapBits
GetTextMetricsW
BitBlt
SetWindowOrgEx
CreateRoundRectRgn
CreateSolidBrush
TextOutW
GetObjectA
ExtSelectClipRgn
RoundRect
GetClipBox
SetStretchBltMode
GetCharABCWidthsW
CombineRgn
CreateRectRgnIndirect
CreatePenIndirect
SelectClipRgn
SetBkMode
GdiFlush
SetBkColor
StretchBlt
CreateDIBSection
SetTextColor
LineTo
GetTextExtentPoint32W
CreatePen
PlayEnhMetaFile
MoveToEx
advapi32
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegCreateKeyExW
RegOpenKeyW
RegCloseKey
RegQueryValueExW
OpenProcessToken
SetSecurityInfo
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
CreateProcessWithLogonW
shell32
DragQueryFileW
ShellExecuteExW
ole32
CLSIDFromString
CLSIDFromProgID
OleLockRunning
ReleaseStgMedium
CreateStreamOnHGlobal
RegisterDragDrop
OleDuplicateData
DoDragDrop
CoCreateInstance
oleaut32
SysFreeString
VariantInit
VariantClear
SysAllocString
shlwapi
PathIsDirectoryW
comctl32
ord17
_TrackMouseEvent
InitCommonControlsEx
gdiplus
GdipImageGetFrameCount
GdipGetImageWidth
GdipImageGetFrameDimensionsCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipGetImageHeight
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipCreateFontFromDC
GdipDrawRectangleI
GdipDeleteStringFormat
GdipCreatePen1
GdipSetStringFormatTrimming
GdipCloneImage
GdipFillRectangleI
GdipStringFormatGetGenericTypographic
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCloneStringFormat
GdipDrawString
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipSetSmoothingMode
GdipSetStringFormatAlign
GdipDeleteGraphics
GdipDeleteFont
GdipSetPenMode
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipMeasureString
GdipCreateFontFromLogfontA
GdipDeletePen
GdipFree
GdipDeleteBrush
GdipLoadImageFromStream
GdipSetStringFormatFlags
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectI
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ws2_32
gethostname
WSAStartup
gethostbyname
Sections
.text Size: 645KB - Virtual size: 644KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 127KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 265KB - Virtual size: 265KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ