Static task static1
Behavioral task behavioral1: sample ff645e20a499deb2f0d43c4771688cdc3dd7ab5167a4d70045de5ecb776fccf2.exe, resource win7-20230712-en
Behavioral task behavioral2: sample ff645e20a499deb2f0d43c4771688cdc3dd7ab5167a4d70045de5ecb776fccf2.exe, resource win10v2004-20230703-en
General
- Target: ff645e20a499deb2f0d43c4771688cdc3dd7ab5167a4d70045de5ecb776fccf2
- Size: 1.8MB
- MD5: 68b5fa6e339df8d3f0f1664544eee223
- SHA1: 1050104695b20e0cdbfdd83ae67d57c2b1e7cb7a
- SHA256: ff645e20a499deb2f0d43c4771688cdc3dd7ab5167a4d70045de5ecb776fccf2
- SHA512: cfc49d2609e6e146f37d19a78beae7a83354cf6410b07384d432a403c19fef3cb1d830b2dd537386836888cf65b26f21dc656f09d8fae26a2c71102237d71a62
- SSDEEP: 12288:Kk4KuoyrDIHbAy7mYFmkIHOK+gvNgCS6JhML1lzFAlOotng5KeceAWTHWWr5i3Fw:l4KuoYDsAySYbWHKCVe1lzFAsotcTH
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource ff645e20a499deb2f0d43c4771688cdc3dd7ab5167a4d70045de5ecb776fccf2
Files
- ff645e20a499deb2f0d43c4771688cdc3dd7ab5167a4d70045de5ecb776fccf2.exe (windows x86), 7a44a8ae2778ad70d696a456ad2ffc3e
  Headers, file characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32: GetEnvironmentStrings, GetCommandLineW, GetCommandLineA, SetHandleCount, GetStdHandle, GetStartupInfoA,
    GetModuleFileNameA, GetEnvironmentVariableA, GetVersionExA, HeapDestroy, HeapCreate, VirtualFree, CompareStringA,
    CompareStringW, VirtualAlloc, IsBadWritePtr, LCMapStringA, LCMapStringW, SetUnhandledExceptionFilter,
    GetCurrentDirectoryA, GetEnvironmentStringsW, IsBadCodePtr, GetCPInfo, IsValidLocale, IsValidCodePage,
    GetLocaleInfoA, EnumSystemLocalesA, GetUserDefaultLCID, GetStringTypeA, GetStringTypeW, GetDriveTypeA,
    GetLocaleInfoW, GetACP, GetOEMCP, SetEnvironmentVariableA, FreeEnvironmentStringsW, FreeEnvironmentStringsA,
    FindResourceA, GlobalAddAtomA, GetProfileStringA, InterlockedExchange, UnhandledExceptionFilter, GetFileType,
    SetStdHandle, GetLocalTime, GetSystemTime, GetTimeZoneInformation, HeapSize, ExitThread, CreateThread,
    HeapReAlloc, GetDriveTypeW, RaiseException, HeapFree, HeapAlloc, RtlUnwind, ExitProcess, GetStartupInfoW,
    SetErrorMode, FindResourceExW, GetCurrentDirectoryW, SystemTimeToFileTime, LocalFileTimeToFileTime, GetFileSize,
    FindNextFileW, FileTimeToLocalFileTime, FileTimeToSystemTime, GetThreadLocale, GetStringTypeExW,
    GetVolumeInformationW, FindFirstFileW, FindClose, UnlockFile, LockFile, SetFilePointer, DuplicateHandle,
    TlsGetValue, LocalReAlloc, TlsSetValue, GlobalReAlloc, TlsFree, GlobalHandle, TlsAlloc, LocalAlloc,
    GetProcessVersion, GlobalFlags, lstrcmpiW, lstrcmpA, lstrcmpiA, GetCurrentThread, GlobalGetAtomNameW,
    SuspendThread, GetDiskFreeSpaceW, GetFileTime, SetFileTime, GetFullPathNameW, GetTempFileNameW,
    GetFileAttributesW, LoadLibraryA, GetVersion, lstrcatW, GetCurrentThreadId, GlobalAddAtomW, GlobalFindAtomW,
    GlobalDeleteAtom, GlobalFree, FindResourceW, lstrlenA, InterlockedDecrement, InterlockedIncrement, MulDiv,
    GetModuleHandleA, SetLastError, SizeofResource, LoadResource, LockResource, SetCurrentDirectoryW,
    FlushFileBuffers, WriteFile, ReadFile, SetFilePointerEx, SetEndOfFile, GetFileSizeEx, CreateFileW,
    MultiByteToWideChar, WideCharToMultiByte, WritePrivateProfileStringW, GetPrivateProfileIntW,
    GetWindowsDirectoryW, GetTickCount, GetModuleFileNameW, LeaveCriticalSection, EnterCriticalSection,
    DeleteCriticalSection, InitializeCriticalSection, SetThreadPriority, SetEvent, CreateEventW, CreateProcessW,
    TerminateProcess, GetExitCodeProcess, CloseHandle, GetPrivateProfileStringW, GetCurrentProcess, GetTempPathW,
    CreateDirectoryW, GetFileAttributesExW, GetShortPathNameW, GetLastError, LocalFree, MoveFileW, DeleteFileW,
    GlobalAlloc, Sleep, GetModuleHandleW, GlobalLock, GlobalUnlock, lstrlenW, GetVersionExW, LoadLibraryW,
    GetProcAddress, FreeLibrary, lstrcpynW, lstrcpyW, WaitForSingleObject, ResumeThread, IsBadReadPtr, lstrcmpW
  user32: IsChild, WinHelpW, GetClassInfoW, RegisterClassW, TrackPopupMenu, GetWindowTextLengthW, CreateWindowExW,
    SetWindowsHookExW, CallNextHookEx, DefWindowProcW, GetMessageTime, GetLastActivePopup, GetForegroundWindow,
    IntersectRect, SystemParametersInfoW, GetWindowPlacement, GetNextDlgTabItem, EndDialog, GetActiveWindow,
    SetActiveWindow, CreateDialogIndirectParamW, DestroyWindow, GetDlgItem, wsprintfW, UnhookWindowsHookEx, EndPaint,
    BeginPaint, GetWindowDC, GetMessageW, PeekMessageW, TranslateMessage, DispatchMessageW, GetMenuStringW,
    FindWindowW, ExitWindowsEx, DestroyIcon, GetWindowTextW, OpenClipboard, IsClipboardFormatAvailable,
    GetClipboardData, CloseClipboard, DrawFocusRect, IsWindowEnabled, SetFocus, RegisterWindowMessageW, GetWindow,
    GetDlgCtrlID, SetWindowPos, GetMenuItemCount, DrawFrameControl, LoadIconW, KillTimer, SetTimer, ReleaseDC,
    CreatePopupMenu, GetMessagePos, RedrawWindow, OffsetRect, RemovePropW, GetPropW, CallWindowProcW, GetWindowLongW,
    SetPropW, SetWindowLongW, SendDlgItemMessageA, DestroyCursor, UnregisterClassW, GetWindowTextLengthA, HideCaret,
    ShowCaret, ExcludeUpdateRgn, MessageBoxW, GetMenuItemID, GetMenuDefaultItem, GetCursorPos, ReleaseCapture,
    GetCapture, SetCursorPos, SetCursor, SetCapture, GrayStringW, DrawTextW, TabbedTextOutW, BeginDeferWindowPos,
    EndDeferWindowPos, GetKeyState, DeleteMenu, ClientToScreen, ScreenToClient, PtInRect, SendDlgItemMessageW,
    CheckDlgButton, SetWindowTextW, GetDlgItemInt, SetDlgItemInt, SetDlgItemTextW, IsDlgButtonChecked, SetParent,
    InflateRect, GetFocus, GetSysColor, GetParent, UpdateWindow, PostMessageW, TrackPopupMenuEx, InvalidateRect,
    IsIconic, SetForegroundWindow, CheckMenuItem, IsWindowVisible, SetClassLongW, GetSystemMenu, InsertMenuW,
    GetMenu, SetMenu, DestroyMenu, LoadMenuW, GetDC, CopyRect, GetWindowRect, IsWindow, GetClientRect, GetSubMenu,
    SetMenuDefaultItem, DrawTextA, GetClassInfoA, DefDlgProcA, DefWindowProcA, CharNextA, CallWindowProcA,
    RemovePropA, SetWindowsHookExA, GetWindowLongA, SendMessageA, IsWindowUnicode, GetClassNameA, SetWindowLongA,
    SetPropA, GetPropA, LoadBitmapW, SendMessageW, EnableWindow, GetSystemMetrics, GetTopWindow, DeferWindowPos,
    EqualRect, AdjustWindowRectEx, GetWindowTextA, MapWindowPoints, LockWindowUpdate, GetDCEx, PostThreadMessageW,
    CharUpperW, GetSysColorBrush, GetClassNameW, LoadStringW, SetRect, MapDialogRect, GetAsyncKeyState,
    RegisterClipboardFormatW, ShowOwnedPopups, PostQuitMessage, IsZoomed, BringWindowToTop, UnpackDDElParam,
    ReuseDDElParam, GetDesktopWindow, TranslateAcceleratorW, LoadAcceleratorsW, SetRectEmpty, ValidateRect,
    WindowFromPoint, wvsprintfW, GetMenuCheckMarkDimensions, GetMenuState, ModifyMenuW, SetMenuItemBitmaps,
    EnableMenuItem, ShowWindow, MoveWindow, LoadCursorW, IsDialogMessageW
  gdi32: SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx,
    SetWindowExtEx, ScaleWindowExtEx, SelectClipRgn, ExcludeClipRect, IntersectClipRect, SetMapMode, GetDeviceCaps,
    CreateSolidBrush, CreatePatternBrush, SetRectRgn, GetCharWidthW, CreateFontW, GetTextMetricsW,
    EnumFontFamiliesExW, CreateRectRgn, CombineRgn, SetTextColor, SetBkMode, SetBkColor, SaveDC, GetClipBox,
    CreateRectRgnIndirect, ExtSelectClipRgn, SetStretchBltMode, StretchDIBits, SetDIBitsToDevice, RestoreDC,
    CreateDIBSection, DeleteDC, PatBlt, DeleteObject, SelectObject, GetBkMode, Escape, ExtTextOutW, TextOutW,
    RectVisible, PtVisible, BitBlt, CreateCompatibleBitmap, GetBkColor, GetTextColor, GetTextExtentPoint32W,
    CreateCompatibleDC, CreateBitmap, GetStockObject, GetObjectW, CreateDIBitmap, ExtTextOutA, GetTextExtentPointA,
    CreateFontIndirectW
  comdlg32: GetFileTitleW, GetOpenFileNameW, GetSaveFileNameW
  winspool.drv: ClosePrinter, DocumentPropertiesW, OpenPrinterW
  advapi32: RegQueryValueW, RegSetValueExW, RegCreateKeyW, RegSetValueW, RegDeleteKeyW, RegEnumKeyW, RegOpenKeyW,
    AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, RegOpenKeyExW, RegQueryValueExW, RegCreateKeyExW,
    RegDeleteValueW, SetFileSecurityW, GetFileSecurityW, RegCloseKey
  shell32: DragAcceptFiles, SHGetSpecialFolderPathW, ExtractIconW, SHFileOperationW, SHBrowseForFolderW,
    SHGetPathFromIDListW, SHGetSpecialFolderLocation, SHGetFileInfoW, SHGetMalloc, DragQueryFileW, ShellExecuteW,
    DragFinish, SHGetDesktopFolder
  comctl32: ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_GetImageInfo,
    ImageList_Draw, ImageList_AddMasked, ImageList_GetImageCount, _TrackMouseEvent, ImageList_SetBkColor,
    ImageList_Destroy, ImageList_Create, ord17, PropertySheetW, DestroyPropertySheetPage, CreatePropertySheetPageW,
    ImageList_DrawIndirect, ImageList_BeginDrag
  oledlg: OleUIBusyW
  ole32: OleIsCurrentClipboard, OleFlushClipboard, CoRevokeClassObject, CoRegisterMessageFilter,
    CoFreeUnusedLibraries, OleUninitialize, OleInitialize, CoInitialize, CoCreateInstance, CoUninitialize,
    CoCreateGuid
  oleaut32: SysAllocString, SysFreeString
  shlwapi: PathFindFileNameW, PathIsDirectoryW, PathMakePrettyW, PathFindExtensionW, PathRemoveFileSpecW,
    PathIsRootW, PathFileExistsW
  winhttp: WinHttpQueryHeaders, WinHttpCrackUrl, WinHttpReadData, WinHttpCloseHandle, WinHttpOpen, WinHttpConnect,
    WinHttpOpenRequest, WinHttpAddRequestHeaders, WinHttpSendRequest, WinHttpQueryOption, WinHttpSetOption,
    WinHttpReceiveResponse
Sections
- .text: size 880KB, virtual size 879KB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: size 148KB, virtual size 147KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: size 496KB, virtual size 511KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: size 272KB, virtual size 269KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ