add33120565cf99505180dfc689d23ac489bbcd1ac04ac227e08bc78940c3d31

Sharing

Copy URL Twitter E-mail

General

Target

add33120565cf99505180dfc689d23ac489bbcd1ac04ac227e08bc78940c3d31
Size

1.2MB
MD5

3e95dfabc1e2d79f6bc61b492682fa68
SHA1

158da326788a9cb157548ca0fbb293bc497cfeee
SHA256

add33120565cf99505180dfc689d23ac489bbcd1ac04ac227e08bc78940c3d31
SHA512

8d1159f8437591ce56621c126e3c68f1019d491623c01f72bf97db91a28c068c03f9504e991bc66384f9b2b849704a1698cc10a42e5fce658ac5e88070de381b
SSDEEP

12288:ytV9iPOzS0sdvSWi6xtSckPkOzmwzeJmtOOxwBBccGX4iquaeLY4kbn7DuJNAxNE:y40s/nkPkO6wzeJmW3DDbnv3Tf4IL+q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
add33120565cf99505180dfc689d23ac489bbcd1ac04ac227e08bc78940c3d31

Files

add33120565cf99505180dfc689d23ac489bbcd1ac04ac227e08bc78940c3d31
.exe windows x86

ab364ab8ffa71360dbc3a275814dcb3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetStdHandle
GetCurrentDirectoryW
FlushFileBuffers
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapReAlloc
HeapAlloc
HeapFree
GetFullPathNameA
GetFullPathNameW
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetACP
GetStdHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
LoadLibraryExW
RtlUnwind
RaiseException
LockResource
LCMapStringW
CompareStringW
WideCharToMultiByte
TlsFree
InitializeCriticalSectionAndSpinCount
SetLastError
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryA
GetSystemDirectoryA
GetModuleFileNameA
GetModuleHandleA
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThread
GetCurrentProcess
Sleep
CreateMutexA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DuplicateHandle
FreeResource
CreateFileW
GetModuleFileNameW
MulDiv
ReadFile
WriteFile
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
VerifyVersionInfoW
VerSetConditionMask
GetFileAttributesW
FindResourceW
LoadLibraryW
OpenMutexW
CreateMutexW
SizeofResource
LoadResource
ReleaseMutex
GetLastError
GetCurrentThreadId
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
FreeLibrary
GetFileSize
CloseHandle
WaitForSingleObject
GetLocaleInfoW
TerminateThread
SetEnvironmentVariableA
GetProcessHeap
WriteConsoleW
SetEndOfFile
GetTimeZoneInformation
HeapSize
GetOEMCP

user32

ReleaseDC
CallWindowProcW
CreateWindowExW
ShowWindow
GetAsyncKeyState
GetMenu
DrawMenuBar
EnableMenuItem
GetSubMenu
GetSystemMetrics
GetMenuItemCount
GetWindowTextW
SetWindowPos
GetDC
PostMessageW
EnableWindow
SetWindowLongW
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
SetFocus
GetDlgItemTextW
GetParent
RegisterHotKey
UnregisterHotKey
LoadStringW
SetDlgItemTextW
GetDlgItem
EndDialog
DialogBoxParamW
SendMessageW
GetMenuItemID
IsDialogMessageW
LoadIconW
LoadCursorW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
GetClassNameW
EnumWindows
GetWindowLongW
PtInRect
SetRect
FillRect
ScreenToClient
ClientToScreen
GetCursorPos
MessageBoxExW
AdjustWindowRect
GetWindowRect
GetClientRect
SetWindowTextW
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetMenuItemRect
TrackPopupMenu
DeleteMenu
RemoveMenu
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
SetMenu
TranslateAcceleratorW
LoadAcceleratorsW
KillTimer
SetTimer
GetDlgItemInt
SetDlgItemInt
IsZoomed
IsIconic
IsWindowVisible
SetLayeredWindowAttributes
UpdateLayeredWindow
DestroyWindow
IsWindow
RegisterClassExW
PostQuitMessage
DefWindowProcW
AttachThreadInput
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
InvalidateRect

gdi32

CreateDIBSection
SetTextColor
SetBkMode
SetDCBrushColor
SetBkColor
SelectObject
GetStockObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
TextOutW
GetTextExtentPoint32W
DeleteObject
CreateFontIndirectW
GetObjectW
GetDeviceCaps
CreateFontW

comdlg32

ChooseColorW
FindTextW
ChooseFontW
GetOpenFileNameW

shell32

DragQueryFileW
DragFinish
Shell_NotifyIconW

ole32

StringFromGUID2
CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

gdiplus

GdipDrawImageRectRect
GdipFillRectangleI
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipDeleteBrush
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc

msimg32

AlphaBlend

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathFileExistsW
ord12

comctl32

ord413
ord412
ord410
ord17
CreateStatusWindowW

ws2_32

listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
closesocket
connect
ioctlsocket
getsockopt
htonl
htons
inet_addr
inet_ntoa
ntohs
getservbyport
recv
select
send
socket
gethostbyaddr
gethostbyname
getservbyname

Sections

.text
Size: 672KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 195KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab364ab8ffa71360dbc3a275814dcb3a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

gdiplus

msimg32

version

shlwapi

comctl32

ws2_32

Sections

.text Size: 672KB - Virtual size: 671KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 195KB - Virtual size: 206KB

.rsrc Size: 176KB - Virtual size: 176KB

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 672KB - Virtual size: 671KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 195KB - Virtual size: 206KB

.rsrc
Size: 176KB - Virtual size: 176KB

.reloc
Size: 32KB - Virtual size: 32KB