Static task
static1
Behavioral task
behavioral1
Sample
6706b3176a2cb7bf2c43879fd09aab0e96102be0e230f9b9d4fc414f6b636ad5.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
6706b3176a2cb7bf2c43879fd09aab0e96102be0e230f9b9d4fc414f6b636ad5.exe
Resource
win10v2004-20230703-en
General
-
Target
6706b3176a2cb7bf2c43879fd09aab0e96102be0e230f9b9d4fc414f6b636ad5
-
Size
2.7MB
-
MD5
b37a864448d4124352a7e769bf8af7df
-
SHA1
dd472731b5a7b84e504d32b865a8d446b7d1cbb1
-
SHA256
6706b3176a2cb7bf2c43879fd09aab0e96102be0e230f9b9d4fc414f6b636ad5
-
SHA512
0e2df2564ff7c7a1724551b83543b1bd519ee4e38b8d63a551c64901f2ca118f894c96e3bb55109b86420984564a85cb8f018a867f9237ed21baaa505edc20ed
-
SSDEEP
49152:bm/m80rRZ1a2Zw0Yk//XM2MHpDVUs7OYRk4T:bmZyD//X+o
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 6706b3176a2cb7bf2c43879fd09aab0e96102be0e230f9b9d4fc414f6b636ad5
Files
-
6706b3176a2cb7bf2c43879fd09aab0e96102be0e230f9b9d4fc414f6b636ad5.exe windows x86
20dc1534376d52a75fb3b2fc7eb86183
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetEnvironmentStringsW
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetDriveTypeA
GetLocaleInfoW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FindResourceA
GlobalAddAtomA
GetProfileStringA
InterlockedExchange
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
ExitThread
CreateThread
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
GetDriveTypeW
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoW
SetErrorMode
GetCurrentDirectoryW
FindResourceExW
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FindNextFileW
GetProfileIntW
GetThreadLocale
GetStringTypeExW
GetVolumeInformationW
FindFirstFileW
FindClose
UnlockFile
LockFile
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
GlobalFlags
lstrcmpiW
SuspendThread
lstrcmpA
lstrcmpiA
GetCurrentThread
GlobalGetAtomNameW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetFullPathNameW
GetTempFileNameW
GetFileAttributesW
LoadLibraryA
FindResourceW
GetVersion
lstrcatW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
InterlockedDecrement
InterlockedIncrement
MulDiv
GetModuleHandleA
SetLastError
lstrlenA
ExitProcess
SizeofResource
LoadResource
LockResource
GlobalSize
TerminateThread
SetCurrentDirectoryW
GlobalFree
SetFilePointer
FlushFileBuffers
WriteFile
ReadFile
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
GetWindowsDirectoryW
GetTickCount
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileIntW
SetThreadPriority
SetEvent
CreateEventW
CreateProcessW
TerminateProcess
GetExitCodeProcess
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringW
GetCurrentProcess
GetTempPathW
CreateDirectoryW
GetFileAttributesExW
GetShortPathNameW
FormatMessageW
LocalFree
CopyFileW
MoveFileW
DeleteFileW
GlobalAlloc
Sleep
GetModuleHandleW
GlobalLock
GlobalUnlock
lstrlenW
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
WaitForSingleObject
ResumeThread
CreateMutexW
GetLastError
CreateFileW
CloseHandle
lstrcmpW
IsBadReadPtr
lstrcpyW
user32
GetTopWindow
IsChild
WinHelpW
GetClassInfoW
RegisterClassW
TrackPopupMenu
GetDlgItem
GetWindowTextLengthW
DestroyWindow
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
DefWindowProcW
GetMessageTime
GetForegroundWindow
IntersectRect
SystemParametersInfoW
GetWindowPlacement
wsprintfW
UnhookWindowsHookEx
EndPaint
BeginPaint
GetWindowDC
MessageBoxW
DrawAnimatedRects
AppendMenuW
SetClassLongW
SetMenu
DestroyMenu
LoadImageW
FindWindowW
GetMessageW
PeekMessageW
TranslateMessage
DispatchMessageW
GetMenuStringW
InsertMenuW
ExitWindowsEx
DestroyIcon
EmptyClipboard
SetClipboardData
FindWindowExW
GetWindowTextW
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
DrawFocusRect
GetSysColor
IsWindowEnabled
SetFocus
RegisterWindowMessageW
GetDlgCtrlID
SetWindowPos
GetMenu
GetMenuItemCount
LoadIconW
KillTimer
SetTimer
ReleaseDC
CreatePopupMenu
GetMessagePos
RedrawWindow
GetSystemMenu
RemovePropW
CallWindowProcW
LoadCursorW
CheckDlgButton
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
SetPropW
SetWindowLongW
GetMenuItemID
GetMenuDefaultItem
GetDesktopWindow
GetWindow
GetPropW
GetLastActivePopup
UpdateWindow
CheckMenuRadioItem
TrackPopupMenuEx
IsWindowVisible
GetKeyState
ReleaseCapture
SetCapture
GetCapture
SetCursor
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextW
ShowWindow
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
SetParent
PostThreadMessageW
DeleteMenu
ClientToScreen
BeginDeferWindowPos
OffsetRect
EndDeferWindowPos
SetCursorPos
GetFocus
GetDC
LoadMenuW
GetSubMenu
SetMenuDefaultItem
GetSystemMetrics
PostMessageW
IsWindow
IsIconic
SetForegroundWindow
InvalidateRect
GetCursorPos
ScreenToClient
PtInRect
InflateRect
GetParent
GetWindowRect
SendMessageW
GetClientRect
GrayStringW
DrawTextW
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DestroyCursor
EnableWindow
CopyRect
TabbedTextOutW
DeferWindowPos
EqualRect
AdjustWindowRectEx
SetActiveWindow
MapWindowPoints
SendDlgItemMessageA
GetWindowLongW
SendDlgItemMessageW
LockWindowUpdate
GetDCEx
CharUpperW
GetSysColorBrush
GetClassNameW
LoadStringW
RegisterClipboardFormatW
ValidateRect
ShowOwnedPopups
PostQuitMessage
MapDialogRect
GetAsyncKeyState
wvsprintfW
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorW
LoadAcceleratorsW
SetRect
SetRectEmpty
WindowFromPoint
EndDialog
GetActiveWindow
CreateDialogIndirectParamW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
GetNextDlgTabItem
LoadBitmapW
EnableMenuItem
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetMapMode
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
SetRectRgn
GetCharWidthW
CreateFontW
GetTextMetricsW
CopyMetaFileW
EnumFontFamiliesExW
CreateRectRgn
CombineRgn
SetTextColor
SetBkMode
SetBkColor
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
RestoreDC
CreateDIBSection
DeleteDC
PatBlt
DeleteObject
SelectObject
GetCurrentObject
GetTextExtentPoint32W
CreateBitmap
GetBkMode
GetBkColor
GetTextColor
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectW
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
CreateFontIndirectW
comdlg32
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCloseKey
RegDeleteKeyW
RegQueryValueW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegEnumKeyW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegOpenKeyExW
shell32
DragAcceptFiles
SHGetSpecialFolderPathW
ExtractIconW
SHFileOperationW
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
DragQueryFileW
ShellExecuteW
DragFinish
SHGetFileInfoW
comctl32
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_DragMove
ImageList_GetImageCount
ImageList_DragEnter
ImageList_BeginDrag
ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Destroy
ImageList_Create
ord17
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_DrawIndirect
ImageList_DragLeave
oledlg
OleUIBusyW
ole32
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleDuplicateData
OleGetClipboard
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
CoTaskMemAlloc
oleaut32
VarBstrFromDate
VariantClear
SysAllocString
SysFreeString
shlwapi
PathFileExistsW
PathIsDirectoryW
PathMakePrettyW
PathFindExtensionW
PathRemoveFileSpecW
PathIsRootW
PathGetCharTypeW
PathIsURLW
PathFindFileNameW
winhttp
WinHttpQueryHeaders
WinHttpCrackUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpQueryOption
WinHttpSetOption
WinHttpReceiveResponse
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 600KB - Virtual size: 617KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 460KB - Virtual size: 456KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ