Static task: static1
Behavioral task: behavioral1
Sample: f4c2ec608b29d844eeca6f8815595ada14069686c84ebce77b18f738b9278552.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: f4c2ec608b29d844eeca6f8815595ada14069686c84ebce77b18f738b9278552.exe
Resource: win10v2004-20230703-en
General
Target: f4c2ec608b29d844eeca6f8815595ada14069686c84ebce77b18f738b9278552
Size: 5.8MB
MD5: a60f23f138106411cfcb95f3a06a9a59
SHA1: 379f01d749078c69cd258a146762259ab644450a
SHA256: f4c2ec608b29d844eeca6f8815595ada14069686c84ebce77b18f738b9278552
SHA512: eb3765c42470b5bde5c8e51ce38d3d2663348cc46e8562254942abc44e8ed52d811af65d7cfb178fb6aa9dfee2634586db74dc3ab0c7e8e45b57590600afd871
SSDEEP: 49152:zuiO+qI7OxYLFa4FdqKmSqyOGKqhUWdNzOzLuQJQa3Nqqqq3qqqqcqq2qqqvqqqO:BwILbFdqKh4qTxRm9r2p3r+4rVmcqi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f4c2ec608b29d844eeca6f8815595ada14069686c84ebce77b18f738b9278552
Files
f4c2ec608b29d844eeca6f8815595ada14069686c84ebce77b18f738b9278552.exe windows x86
b10ee01630c3d09a32edaca6b97550eb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpW
LoadLibraryA
SetLastError
CompareStringA
LocalFree
FormatMessageA
GlobalAlloc
GlobalSize
lstrlenW
MulDiv
FindClose
FindFirstFileA
FindNextFileA
EnumResourceLanguagesA
ConvertDefaultLocale
GetLocaleInfoA
GetCurrentThread
lstrcmpA
InterlockedExchange
SetEvent
LocalAlloc
GetModuleFileNameW
InterlockedDecrement
GetHandleInformation
DuplicateHandle
GetCurrentProcess
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
GetShortPathNameA
GetFileSizeEx
GetFileTime
GlobalFlags
SetErrorMode
GetAtomNameA
VirtualProtect
GetProfileIntA
GetCPInfo
GetOEMCP
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetModuleHandleW
GetTempFileNameA
GetDiskFreeSpaceA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
PulseEvent
ResetEvent
FindResourceExA
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
WaitForMultipleObjects
RtlUnwind
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
SetStdHandle
GetFileType
DebugBreak
GetStdHandle
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
FatalAppExitA
SetConsoleCtrlHandler
LoadLibraryW
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
GetProcessHeap
GetTimeFormatA
GetDateFormatA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
GetTimeZoneInformation
OpenEventA
FileTimeToLocalFileTime
OpenFileMappingA
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
GlobalLock
GlobalUnlock
GetLocalTime
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileInformationByHandle
FileTimeToSystemTime
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
WinExec
CreateDirectoryA
GetFileSize
ReadFile
CreateEventA
SetFileAttributesA
RemoveDirectoryA
Beep
GetTickCount
CreateThread
GetTempPathA
MoveFileExA
CopyFileA
GetCurrentProcessId
OpenProcess
CreateProcessA
lstrcpyA
MultiByteToWideChar
SetCurrentDirectoryA
lstrlenA
CreateFileA
WriteFile
FreeResource
GetCommandLineW
WaitForSingleObject
CloseHandle
DeleteFileA
GetCurrentDirectoryA
GetModuleFileNameA
GetLogicalDrives
GetDriveTypeA
GetModuleHandleA
GetProcAddress
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GlobalFree
GetLastError
user32
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetMenuItemID
InsertMenuA
AppendMenuA
GetMenuStringA
GetMenuState
GetMenuItemCount
IsMenu
RemoveMenu
GetSysColorBrush
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawTextA
DrawTextExA
GetTabbedTextExtentA
GrayStringA
ScrollDC
CreateMenu
CreatePopupMenu
DeleteMenu
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
InsertMenuItemA
ModifyMenuA
LoadMenuIndirectA
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
GetCursorPos
GetKeyNameTextA
MapVirtualKeyA
TranslateMessage
GetMessageA
GetWindowThreadProcessId
PtInRect
ReleaseCapture
WaitMessage
CharUpperA
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
SetRectEmpty
GetDialogBaseUnits
GetAsyncKeyState
GetClipboardFormatNameA
CopyAcceleratorTableA
CharNextA
MessageBeep
UnregisterClassA
RegisterClipboardFormatA
MsgWaitForMultipleObjects
InSendMessage
IsClipboardFormatAvailable
IsRectEmpty
SetRect
InflateRect
UnionRect
SubtractRect
DispatchMessageW
GetMessageW
IsWindowUnicode
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
GetDlgCtrlID
SetWindowsHookExA
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
TabbedTextOutA
OpenIcon
CloseWindow
LoadIconA
LoadCursorA
CheckRadioButton
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
MapDialogRect
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
GetCapture
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
DragDetect
EndDialog
GetActiveWindow
SetActiveWindow
EnableWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
SetWindowPos
SetWindowRgn
GetMenu
ReleaseDC
GetWindowDC
LoadImageA
DestroyMenu
DestroyCursor
DestroyIcon
SetCursor
PostMessageA
TrackPopupMenuEx
SendMessageA
GetSubMenu
GetSysColor
GetDC
CreateIconIndirect
GetIconInfo
LoadMenuA
RedrawWindow
SetWindowLongA
GetWindowLongA
IsWindow
MessageBoxA
GetFocus
AdjustWindowRectEx
CreateIconFromResource
wsprintfA
GetSystemMetrics
CallNextHookEx
SetLayeredWindowAttributes
PostQuitMessage
PeekMessageA
GetDesktopWindow
CheckDlgButton
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
DispatchMessageA
SetFocus
EqualRect
DeferWindowPos
BeginDeferWindowPos
PostThreadMessageA
CopyRect
gdi32
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
StretchBlt
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
ExtTextOutA
GetDCOrgEx
GetClipBox
CopyMetaFileA
CreateDCA
GetDeviceCaps
UnrealizeObject
GetObjectType
CreatePen
CreatePenIndirect
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
FrameRgn
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateFontA
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
DeleteObject
SelectObject
CombineRgn
CreateRectRgn
GetDIBits
GetObjectA
GetStockObject
DeleteDC
SetTextColor
BitBlt
SetBkColor
CreateCompatibleDC
CreateBitmap
SetPixel
GetPixel
CreateCompatibleBitmap
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetViewportOrgEx
GetWorldTransform
GetRegionData
SetRectRgn
EqualRgn
OffsetRgn
GetGraphicsMode
GetMapMode
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetBkColor
UpdateColors
RealizePalette
GetNearestColor
EnumObjects
SetBrushOrgEx
CreatePatternBrush
CreateMetaFileA
DeleteMetaFile
EnumFontFamiliesExA
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
GetRgnBox
PtInRegion
RectInRegion
CreateICA
GetBrushOrgEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
advapi32
SetThreadToken
RegCloseKey
RegSetValueA
IsTextUnicode
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
SetFileSecurityA
GetFileSecurityA
RegDeleteValueA
RegQueryValueExA
RevertToSelf
OpenThreadToken
RegSetValueExA
RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
shell32
ShellExecuteExA
SHGetSpecialFolderPathA
DragAcceptFiles
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
CommandLineToArgvW
ole32
CreateItemMoniker
CreateGenericComposite
CreateFileMoniker
GetClassFile
CoGetMalloc
OleFlushClipboard
StgOpenStorage
StgIsStorageFile
OleLockRunning
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
OleSave
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleRegEnumVerbs
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
CoReleaseMarshalData
CoMarshalInterface
CoUnmarshalInterface
OleSetClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CoUninitialize
OleUninitialize
OleInitialize
OleRun
CoRevokeClassObject
CoRegisterClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoDisconnectObject
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
StgCreateDocfile
comctl32
_TrackMouseEvent
shlwapi
PathRemoveExtensionA
PathFindExtensionA
PathIsUNCA
PathStripToRootA
PathFindFileNameA
UrlUnescapeA
PathRemoveFileSpecW
oledlg
ord3
ord7
ord6
ord5
ord9
ord4
ord8
urlmon
URLDownloadToFileA
winmm
PlaySoundA
wininet
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetGetCookieA
InternetSetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
DeleteUrlCacheEntry
InternetOpenUrlA
HttpQueryInfoA
InternetCloseHandle
InternetReadFile
GopherCreateLocatorA
GopherGetAttributeA
GopherOpenFileA
InternetErrorDlg
HttpAddRequestHeadersA
HttpEndRequestA
HttpSendRequestExA
FtpFindFirstFileA
InternetFindNextFileA
GopherFindFirstFileA
InternetGetLastResponseInfoA
GopherGetLocatorTypeA
FtpPutFileA
FtpCommandA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpDeleteFileA
FtpRenameFileA
FtpCreateDirectoryA
FtpRemoveDirectoryA
FtpSetCurrentDirectoryA
FtpGetFileA
ws2_32
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
inet_addr
htons
accept
getpeername
WSAGetLastError
WSAStartup
WSASetLastError
WSACleanup
setsockopt
getsockopt
bind
ioctlsocket
shutdown
connect
select
socket
recvfrom
inet_ntoa
getsockname
ntohs
sendto
listen
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winspool.drv
ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA
comdlg32
GetFileTitleA
oleaut32
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString
SafeArrayGetDim
SafeArrayGetElemsize
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VariantClear
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
OleCreateFontIndirect
SafeArrayCreateVector
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
VarCyFromStr
Sections
.textbss Size: - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 371KB - Virtual size: 371KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ