6459bf5bc1e12bc197f286266cd341f94a58d997bd3d4ea80604e113eb8c14d7

Sharing

Copy URL Twitter E-mail

General

Target

6459bf5bc1e12bc197f286266cd341f94a58d997bd3d4ea80604e113eb8c14d7
Size

708KB
MD5

df6fa4a20d5684448c6b78f70fbcedde
SHA1

0ba0130056f9363f1b05a1536cec0a4a385542ec
SHA256

6459bf5bc1e12bc197f286266cd341f94a58d997bd3d4ea80604e113eb8c14d7
SHA512

93cbe4c8992f4fb5167220d37c3ee8d0acb9be18fa820f8df81824b1b7f308e4e6ad5c78306b3c107a195bd7a5d74e64a761c09364caaf32e0c60db96679c1a0
SSDEEP

12288:3lDawB1PfWqY2KAnIrKxgEThjDV16RMKjREOT3:35aZixgEJ6RMKjSOT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6459bf5bc1e12bc197f286266cd341f94a58d997bd3d4ea80604e113eb8c14d7

Files

6459bf5bc1e12bc197f286266cd341f94a58d997bd3d4ea80604e113eb8c14d7
.dll windows x86

8163585113141d3a6d6b4e4c6b180972

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathIsUNCA
PathStripToRootA
PathRemoveExtensionA
PathFindExtensionA
PathFindFileNameA

kernel32

FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
CreateFileA
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
CreateMutexA
ReleaseMutex
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoW
GetCurrentProcess
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetACP
GetStdHandle
Sleep
VirtualFree
HeapCreate
HeapDestroy
FatalAppExitA
ExitProcess
HeapSize
CreateThread
ExitThread
RtlUnwind
RaiseException
GetProcessHeap
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetAtomNameA
GetOEMCP
GetCPInfo
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalFlags
lstrcmpA
InterlockedIncrement
SetErrorMode
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetModuleFileNameA
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
lstrcmpW
GetProcAddress
GetVersionExA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetLastError
FindResourceA
SizeofResource
LockResource
LoadResource
IsDBCSLeadByte
GetModuleHandleA
OutputDebugStringA
MultiByteToWideChar
lstrcmpiW
CompareStringW
GetEnvironmentVariableA
lstrcmpiA
GetEnvironmentVariableW
GetStringTypeExW
InterlockedExchange
lstrlenA
GetStringTypeExA
CompareStringA
lstrlenW
GetVersion
GetLastError
WideCharToMultiByte
GetTimeZoneInformation
InterlockedCompareExchange

user32

DestroyIcon
DeleteMenu
ShowOwnedPopups
GetDialogBaseUnits
PostQuitMessage
DestroyMenu
GetMenuItemInfoA
LoadCursorA
GetSysColorBrush
UnregisterClassA
GetMessageA
ValidateRect
GetWindowThreadProcessId
InflateRect
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
CharLowerA
CharLowerW
CharUpperW
CharUpperA
GetDC
DrawTextA
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
MapVirtualKeyA
GetKeyNameTextA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetClientRect
FillRect
RedrawWindow
ReleaseDC
EnableWindow
SendMessageA
GetWindowRect
IsWindowVisible
LoadBitmapA
InvalidateRect
WindowFromPoint
ReleaseCapture
DrawEdge
SetCursor
ClientToScreen
LoadImageA
DestroyCursor
DrawFocusRect
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetMenu
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
CopyRect
TranslateMessage
GetDesktopWindow
GetSysColor
GetCapture
GetCursorPos
SetWindowRgn
SetDlgItemTextA

gdi32

OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
GetWindowExtEx
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
CreateFontIndirectA
SetRectRgn
GetMapMode
DPtoLP
GetTextExtentPoint32A
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
GetViewportExtEx
SelectClipPath
SelectObject
DeleteObject
SetTextColor
CreateSolidBrush
CreateFontA
BitBlt
SetBkColor
CreateBitmap
CreateCompatibleDC
GetObjectA
GetPixel
CreateRectRgn
StretchBlt
GetTextMetricsA
CombineRgn
GetStockObject
DeleteDC
ExtTextOutA
SelectClipRgn
CreateCompatibleBitmap
GetDeviceCaps
CopyMetaFileA
CreateDCA
GetDCOrgEx
GetClipBox
CreateRectRgnIndirect
PatBlt
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
SetColorAdjustment
GetClipRgn
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
StartDocA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegDeleteValueA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

shell32

ExtractIconA
SHGetFileInfoA

ole32

ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
CoTaskMemAlloc
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoDisconnectObject
OleDuplicateData
CoCreateInstance
StringFromGUID2
CLSIDFromString
ReadFmtUserTypeStg

oleaut32

VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
VariantClear
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
SafeArrayAllocData

comctl32

_TrackMouseEvent

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

Exports

Exports

CheckModule
ClearModule
InitModule
LoadImplObjects

Sections

.text
Size: 520KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8163585113141d3a6d6b4e4c6b180972

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

oleacc

Exports

Exports

Sections

.text Size: 520KB - Virtual size: 517KB

.rdata Size: 108KB - Virtual size: 104KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 36KB - Virtual size: 33KB

.text
Size: 520KB - Virtual size: 517KB

.rdata
Size: 108KB - Virtual size: 104KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 36KB - Virtual size: 33KB