Static task: static1
Behavioral task: behavioral1
Sample: 50b217df64b52965d66fbf0ce4e914a046b686552ff9c341510a2983ec1b6a72.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 50b217df64b52965d66fbf0ce4e914a046b686552ff9c341510a2983ec1b6a72.exe
Resource: win10v2004-20230703-en
General
Target: 50b217df64b52965d66fbf0ce4e914a046b686552ff9c341510a2983ec1b6a72
Size: 2.6MB
MD5: 44eaa45b9076224d6a28abea1a0aecd6
SHA1: 352e7b0aff5b5fb74770ffda4a0fe0e77a7b2b35
SHA256: 50b217df64b52965d66fbf0ce4e914a046b686552ff9c341510a2983ec1b6a72
SHA512: 6507a909e177594e2679726182b6eeb21e75339275257f0f0a27948b0e8423c73bd85d0cd11fc03b463bb91423f00ffc0a0e0238d5a67ff414826e093112ad53
SSDEEP: 24576:yjCjwpXkY8kSJGBtlfvreKDOLC0JOBCbJ1lzF+E6DUi+CjH5QYZ1sXUDLTgncnE:yjCc0dkebL1vLi71+XMLTO
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 50b217df64b52965d66fbf0ce4e914a046b686552ff9c341510a2983ec1b6a72
Files
50b217df64b52965d66fbf0ce4e914a046b686552ff9c341510a2983ec1b6a72.exe windows x86
2879d79c3dab4168ffe02e2cd8d057e1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetFileType
GetCurrentDirectoryA
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetDriveTypeA
GetLocaleInfoW
SetStdHandle
HeapSize
FindResourceA
GlobalAddAtomA
GetProfileStringA
InterlockedExchange
ExitThread
CreateThread
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
GetDriveTypeW
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoW
SetErrorMode
GetCurrentDirectoryW
FindResourceExW
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProfileIntW
GetThreadLocale
GetStringTypeExW
GetVolumeInformationW
UnlockFile
LockFile
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
GlobalFlags
lstrcmpiW
FindNextFileW
FindFirstFileW
FindClose
lstrcmpA
lstrcmpiA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
SuspendThread
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetFullPathNameW
GetTempFileNameW
GetFileAttributesW
GlobalGetAtomNameW
LoadLibraryA
FindResourceW
GetVersion
lstrcatW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
InterlockedDecrement
InterlockedIncrement
MulDiv
GetModuleHandleA
SetLastError
SetFilePointer
lstrlenA
ExitProcess
SizeofResource
LoadResource
LockResource
GlobalSize
GetFileSize
TerminateThread
SetCurrentDirectoryW
GlobalFree
FlushFileBuffers
WriteFile
ReadFile
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
AreFileApisANSI
SetFileAttributesW
GetWindowsDirectoryW
GetTickCount
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileIntW
SetThreadPriority
SetEvent
CreateEventW
CreateProcessW
TerminateProcess
GetExitCodeProcess
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringW
GetCurrentProcess
GetTempPathW
CreateDirectoryW
GetFileAttributesExW
GetShortPathNameW
FormatMessageW
LocalFree
CopyFileW
MoveFileW
DeleteFileW
GlobalAlloc
Sleep
GetModuleHandleW
GlobalLock
GlobalUnlock
lstrlenW
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
lstrcpyW
WaitForSingleObject
ResumeThread
CreateMutexW
GetLastError
CreateFileW
CloseHandle
SetUnhandledExceptionFilter
lstrcmpW
user32
GetTopWindow
IsChild
WinHelpW
GetClassInfoW
RegisterClassW
TrackPopupMenu
GetDlgItem
GetWindowTextLengthW
DestroyWindow
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
DefWindowProcW
GetMessageTime
GetForegroundWindow
IntersectRect
SystemParametersInfoW
GetWindowPlacement
wsprintfW
UnhookWindowsHookEx
EndPaint
BeginPaint
GetWindowDC
MessageBoxW
DrawAnimatedRects
AppendMenuW
SetMenu
DestroyMenu
LoadImageW
FindWindowW
GetMessageW
PeekMessageW
TranslateMessage
DispatchMessageW
GetMenuStringW
InsertMenuW
ExitWindowsEx
DestroyIcon
EmptyClipboard
SetClipboardData
FindWindowExW
GetWindowTextW
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
IsWindowEnabled
SetFocus
RegisterWindowMessageW
GetDlgCtrlID
SetWindowPos
GetMenu
GetMenuItemCount
DrawFocusRect
SetClassLongW
DrawFrameControl
LoadIconW
KillTimer
SetTimer
ReleaseDC
GetCapture
ReleaseCapture
SetCapture
SetCursor
CreatePopupMenu
GetMessagePos
RedrawWindow
CheckDlgButton
LoadBitmapW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetSystemMenu
RemovePropW
CallWindowProcW
GetWindowLongW
SetPropW
SetWindowLongW
GetMenuItemID
GetMenuDefaultItem
GetKeyState
DeleteMenu
SetCursorPos
GetSysColor
GetFocus
ClientToScreen
GetDesktopWindow
GetWindow
GetPropW
GetLastActivePopup
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
SetWindowTextW
SetParent
PostThreadMessageW
LockWindowUpdate
UpdateWindow
BeginDeferWindowPos
OffsetRect
EndDeferWindowPos
TrackPopupMenuEx
IsWindowVisible
IsIconic
PostMessageW
GetDC
SetMenuDefaultItem
GetSystemMetrics
LoadMenuW
GetSubMenu
IsWindow
SetForegroundWindow
InvalidateRect
GetCursorPos
ScreenToClient
PtInRect
InflateRect
GetParent
GetWindowRect
SendMessageW
GetClientRect
GrayStringW
DrawTextW
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DestroyCursor
EnableWindow
CopyRect
TabbedTextOutW
DeferWindowPos
EqualRect
AdjustWindowRectEx
SetActiveWindow
MapWindowPoints
SendDlgItemMessageA
GetWindowTextA
SendDlgItemMessageW
GetDCEx
CharUpperW
GetSysColorBrush
GetClassNameW
RegisterClipboardFormatW
ShowOwnedPopups
PostQuitMessage
MapDialogRect
GetAsyncKeyState
LoadStringW
IsZoomed
SetRect
ValidateRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
WindowFromPoint
wvsprintfW
EndDialog
GetActiveWindow
CreateDialogIndirectParamW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageW
GetNextDlgTabItem
ShowWindow
MoveWindow
LoadCursorW
EnableMenuItem
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetMapMode
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
SetRectRgn
GetCharWidthW
CreateFontW
GetTextMetricsW
EnumFontFamiliesExW
CopyMetaFileW
CreateRectRgn
CombineRgn
SetTextColor
SetBkMode
SetBkColor
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
RestoreDC
CreateDIBSection
DeleteDC
PatBlt
DeleteObject
SelectObject
GetTextExtentPoint32W
CreateBitmap
GetBkMode
GetBkColor
GetTextColor
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectW
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
CreateFontIndirectW
comdlg32
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCloseKey
RegDeleteKeyW
RegQueryValueW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegEnumKeyW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegOpenKeyExW
shell32
DragAcceptFiles
SHGetSpecialFolderPathW
ExtractIconW
SHFileOperationW
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder
ShellExecuteW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
comctl32
ImageList_EndDrag
ImageList_DragMove
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Destroy
ImageList_Create
ord17
ImageList_DrawIndirect
PropertySheetW
DestroyPropertySheetPage
ImageList_DragEnter
CreatePropertySheetPageW
oledlg
OleUIBusyW
ole32
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleDuplicateData
OleGetClipboard
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
CoTaskMemAlloc
oleaut32
VarBstrFromDate
VariantClear
SysAllocString
SysFreeString
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
shlwapi
PathIsDirectoryW
PathFindFileNameW
PathMakePrettyW
PathFindExtensionW
PathRemoveFileSpecW
PathIsRootW
PathGetCharTypeW
PathIsURLW
PathFileExistsW
winhttp
WinHttpQueryHeaders
WinHttpReadData
WinHttpCrackUrl
WinHttpCloseHandle
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpQueryOption
WinHttpSetOption
WinHttpReceiveResponse
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 236KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 600KB - Virtual size: 625KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 328KB - Virtual size: 327KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ