375636042b9e25898f18ba8166bfd7576380fbc9b469f0e47f7f60e508c3a222

Sharing

Copy URL Twitter E-mail

General

Target

375636042b9e25898f18ba8166bfd7576380fbc9b469f0e47f7f60e508c3a222
Size

2.8MB
MD5

ecb436e8673c58d077fe45769969b119
SHA1

64d3301b6e8337eae38bd9065497e7c58609dc3b
SHA256

375636042b9e25898f18ba8166bfd7576380fbc9b469f0e47f7f60e508c3a222
SHA512

0de82ef0c6ba9492f118e3c13a9e13d7c72e67a70ace9f4b67e969ab7c953a38da20109c22ad6362ffe1ba78568eb7e2a90c4ca3dceb1dd5248dc7970c236a66
SSDEEP

49152:sKDDvYcM5kefdwHEc08SDBXJRGzs4o8TSsCoFPTMDxLNeRW:n/vYcM5kefdYEwS1X/Gg4ThMDxL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
375636042b9e25898f18ba8166bfd7576380fbc9b469f0e47f7f60e508c3a222

Files

375636042b9e25898f18ba8166bfd7576380fbc9b469f0e47f7f60e508c3a222
.exe windows x86

f04871c6a8261f031e0a29e034e63c2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExW
SetStdHandle
GetCurrentDirectoryW
FlushFileBuffers
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapReAlloc
HeapAlloc
HeapFree
SetConsoleCtrlHandler
GetFullPathNameA
GetFullPathNameW
GetConsoleCP
GetACP
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
LoadLibraryExW
RtlUnwind
RaiseException
ReadConsoleW
IsValidCodePage
SetConsoleMode
GetConsoleMode
GetEnvironmentVariableW
ConvertThreadToFiber
ConvertFiberToThread
GetFileType
ReleaseMutex
FindNextFileW
FindFirstFileW
MultiByteToWideChar
GetModuleHandleExW
CreateFiber
DeleteFiber
SwitchToFiber
SystemTimeToFileTime
GetSystemTime
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
InitializeCriticalSectionAndSpinCount
SetLastError
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
WriteConsoleW
SetEndOfFile
GetTimeZoneInformation
HeapSize
CreateMutexW
CreateEventW
FreeResource
LockResource
ReadConsoleA
VerifyVersionInfoW
VerSetConditionMask
DeleteFileW
GetFileAttributesW
SetFileAttributesW
CreateDirectoryW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryA
GetSystemDirectoryA
GetModuleFileNameA
GetModuleHandleA
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThread
GetCurrentProcess
Sleep
CreateMutexA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateThread
InitializeCriticalSection
DuplicateHandle
SetEvent
CreateFileW
WideCharToMultiByte
FindResourceW
LoadLibraryW
OpenMutexW
SizeofResource
LoadResource
GetLastError
GlobalFree
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
FindClose
GetModuleFileNameW
MulDiv
FreeLibrary
ReadFile
WriteFile
GetFileSize
CloseHandle
WaitForSingleObject
GetStdHandle

user32

GetProcessWindowStation
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
SetFocus
EnableWindow
PostMessageW
CreatePopupMenu
DestroyMenu
InsertMenuW
MessageBoxW
GetUserObjectInformationW
LoadStringW
GetDC
SetWindowPos
GetSystemMetrics
ReleaseDC
CallWindowProcW
CreateWindowExW
ShowWindow
GetAsyncKeyState
GetMenu
DrawMenuBar
EnableMenuItem
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetWindowTextW
SetWindowLongW
GetParent
EndDialog
DialogBoxParamW
SendMessageW
TrackPopupMenu
RegisterHotKey
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
IsDialogMessageW
LoadIconW
LoadCursorW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
GetClassNameW
EnumWindows
GetWindowLongW
PtInRect
SetRect
FillRect
ScreenToClient
ClientToScreen
GetCursorPos
MessageBoxExW
AdjustWindowRect
GetWindowRect
GetClientRect
SetWindowTextW
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetMenuItemRect
SetMenuItemBitmaps
DeleteMenu
RemoveMenu
AppendMenuW
CreateMenu
SetMenu
TranslateAcceleratorW
LoadAcceleratorsW
KillTimer
SetTimer
GetDlgItemInt
SetDlgItemInt
IsZoomed
IsIconic
IsWindowVisible
SetLayeredWindowAttributes
UpdateLayeredWindow
DestroyWindow
IsWindow
RegisterClassExW
PostQuitMessage
DefWindowProcW
AttachThreadInput
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
InvalidateRect
UnregisterHotKey

gdi32

CreateDIBSection
SetTextColor
SetBkMode
SetDCBrushColor
SetBkColor
SelectObject
GetStockObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
TextOutW
GetTextExtentPoint32W
DeleteObject
CreateFontIndirectW
GetObjectW
GetDeviceCaps
CreateFontW

comdlg32

GetSaveFileNameW
ChooseColorW
FindTextW
ChooseFontW
GetOpenFileNameW

shell32

DragQueryFileW
DragFinish
Shell_NotifyIconW
ShellExecuteW

ole32

StringFromGUID2
CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

gdiplus

GdipAlloc
GdipDrawImageRectRect
GdipFillRectangleI
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipDeleteBrush
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipCreateImageAttributes

msimg32

AlphaBlend

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
ord12
PathFileExistsW

comctl32

CreateStatusWindowW
ord410
ord412
ord413
ord17

crypt32

CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertOpenStore

bcrypt

BCryptGenRandom

advapi32

CryptReleaseContext
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
CryptSetHashParam
CryptDestroyKey
CryptGetProvParam
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW

ws2_32

shutdown
listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
getservbyport
gethostbyname
gethostbyaddr
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
htonl
getsockopt
ioctlsocket
connect
closesocket
__WSAFDIsSet
socket
getservbyname

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 210KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f04871c6a8261f031e0a29e034e63c2f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

gdiplus

msimg32

version

shlwapi

comctl32

crypt32

bcrypt

advapi32

ws2_32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 560KB - Virtual size: 560KB

.data Size: 210KB - Virtual size: 257KB

.rsrc Size: 176KB - Virtual size: 176KB

.reloc Size: 86KB - Virtual size: 86KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 560KB - Virtual size: 560KB

.data
Size: 210KB - Virtual size: 257KB

.rsrc
Size: 176KB - Virtual size: 176KB

.reloc
Size: 86KB - Virtual size: 86KB