Static task: static1
Behavioral task: behavioral1 (sample 757256ee762d9ca7888dcfde0b643608de649c36e3dbdae08b70df86ded6f0a6.exe, resource win7-20230712-en)
Behavioral task: behavioral2 (sample 757256ee762d9ca7888dcfde0b643608de649c36e3dbdae08b70df86ded6f0a6.exe, resource win10v2004-20230703-en)
General
- Target: 757256ee762d9ca7888dcfde0b643608de649c36e3dbdae08b70df86ded6f0a6
- Size: 13.3MB
- MD5: 4d3724897400d67ce9f5f8a2d6013225
- SHA1: f67d1f4bf572a34614b175c06302e44e0b42f0b1
- SHA256: 757256ee762d9ca7888dcfde0b643608de649c36e3dbdae08b70df86ded6f0a6
- SHA512: 9b578873d8ad83c93779a2ea73931b4c3d442f6db9ae51415b034f3a74634797d24c9d7ab84bd599a1b11d1a7c21b687b42e625fb3b24822c4fb09e25f103f4b
- SSDEEP: 393216:f+JNxWse8WqC2Dv0IW2msO8VCgmhIwhOjJc:f+y81xmsO8VAIfd
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 757256ee762d9ca7888dcfde0b643608de649c36e3dbdae08b70df86ded6f0a6
Files
- 757256ee762d9ca7888dcfde0b643608de649c36e3dbdae08b70df86ded6f0a6.exe (windows, x86): baa8860d81ff5f5001a47d174431c4b7 (a 32-hex-digit digest listed beside the PE entry; it differs from the file MD5 above and sits where the report normally shows the import hash, but the page carries no label for it, so treat that reading as an assumption)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalReAlloc
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetUserDefaultLCID
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
CreateFileA
ReadFile
CloseHandle
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
RtlFillMemory
GetModuleHandleA
WideCharToMultiByte
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
MultiByteToWideChar
RtlMoveMemory
SetHandleCount
GetACP
HeapSize
RaiseException
TerminateProcess
RtlUnwind
GetCommandLineA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
FindResourceA
LoadResource
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameA
GetTickCount
lstrlenA
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
GetFileSize
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsGetValue
InterlockedDecrement
SetErrorMode
lstrcatA
lstrcpyA
lstrcpynA
GetVersion
MulDiv
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
SetLastError
GetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
TlsSetValue
GetTimeZoneInformation
FileTimeToSystemTime
SuspendThread
GetSystemInfo
IsProcessorFeaturePresent
lstrcmpiA
LocalFree
FileTimeToLocalFileTime
lstrcpynA
DuplicateHandle
LockFile
UnlockFile
SetEndOfFile
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
LocalAlloc
GlobalHandle
LocalReAlloc
GetFileTime
GetCurrentThread
GlobalFlags
SetErrorMode
GetProcessVersion
GetSystemTime
HeapSize
UnhandledExceptionFilter
CompareStringA
CompareStringW
InterlockedExchange
SetEnvironmentVariableA
GetSystemDirectoryA
FlushFileBuffers
SetStdHandle
LCMapStringW
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
RaiseException
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
RtlUnwind
GetVersion
LCMapStringA
GetFileSize
GetLocalTime
IsBadReadPtr
OpenFileMappingA
ReleaseMutex
CreateMutexA
TerminateProcess
GetExitCodeThread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetWindowsDirectoryA
lstrcpyn
QueryPerformanceFrequency
QueryPerformanceCounter
TerminateThread
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
CopyFileA
GetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
ExpandEnvironmentStringsA
Sleep
CreateEventA
CreateThread
GetComputerNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
GetLastError
LoadLibraryA
FreeLibrary
GetFullPathNameA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrlenA
lstrcatA
InitializeCriticalSection
ole32
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard
CoUninitialize
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleFlushClipboard
CoInitialize
OleInitialize
CLSIDFromString
OleUninitialize
OleInitialize
user32
wsprintfA
AdjustWindowRectEx
IsWindow
MessageBoxA
wvsprintfA
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
PostQuitMessage
PostMessageA
SendMessageA
SetCursor
EnableWindow
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
SetActiveWindow
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
UnhookWindowsHookEx
UnregisterClassA
GetClassNameA
PtInRect
GetWindowRect
GetDlgCtrlID
GetSysColor
MapWindowPoints
UpdateWindow
GetWindow
ClientToScreen
LoadIconA
SetWindowTextA
LoadCursorA
GetWindowTextA
GetMenuItemCount
GetSysColorBrush
LoadStringA
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SendDlgItemMessageA
IsDialogMessageA
SetWindowLongA
SetWindowPos
ShowWindow
SetFocus
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
PostThreadMessageA
DestroyMenu
EndDialog
CallNextHookEx
CreateDialogIndirectParamA
RemovePropA
ScrollWindowEx
IsDialogMessageA
CheckMenuItem
SendDlgItemMessageA
LoadStringA
GetSysColorBrush
GetMessageTime
GetLastActivePopup
MapWindowPoints
GetMenuCheckMarkDimensions
GetClassLongA
RegisterClassA
GetScrollPos
AdjustWindowRectEx
SetMenuItemBitmaps
RegisterWindowMessageA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
EndPaint
BeginPaint
CharUpperA
GetWindowTextLengthA
UnregisterHotKey
RegisterHotKey
CreateWindowExA
GetForegroundWindow
SetWindowTextA
GetMenuItemCount
GetMenuItemID
GetMenuStringA
GetMenuState
GetTabbedTextExtentA
DrawStateA
GrayStringA
TabbedTextOutA
WindowFromDC
EnumChildWindows
GetWindowDC
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
FrameRect
GetPropA
MoveWindow
UnregisterClassA
CallWindowProcA
SetPropA
DrawTextA
GetCursor
GetWindowTextA
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
TrackPopupMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
LoadBitmapA
CopyRect
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DeleteMenu
GetSystemMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
GetDesktopWindow
GetClassNameA
GetDlgItem
wininet
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA
HttpOpenRequestA
InternetReadFile
InternetCloseHandle
gdi32
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
CreateBitmap
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
SelectObject
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
SetPixel
GetObjectA
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
GetPixel
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
BeginPath
GetCurrentObject
RoundRect
GetTextExtentPoint32A
CreateDCA
CreateRectRgnIndirect
SetBkColor
GetDeviceCaps
GetTextMetricsA
GetViewportExtEx
ExtSelectClipRgn
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetROP2
SetPolyFillMode
TranslateCharsetInfo
CreateFontA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePenIndirect
RestoreDC
SaveDC
SetWindowOrgEx
SetTextColor
SetBkMode
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA
RegEnumKeyA
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
comctl32
ord17
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_Read
ord17
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_Add
ImageList_AddMasked
_TrackMouseEvent
ImageList_Draw
ImageList_SetBkColor
ImageList_GetImageCount
oledlg
ord8
oleaut32
SafeArrayGetUBound
VariantInit
SafeArrayAllocDescriptor
SafeArrayAllocData
VarR8FromCy
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayDestroy
VariantClear
SysAllocString
VarR8FromBool
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
SysFreeString
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
winmm
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutRestart
ws2_32
recv
getpeername
accept
ntohs
recvfrom
ntohl
htons
WSAAsyncSelect
closesocket
send
select
ioctlsocket
inet_ntoa
WSAStartup
WSACleanup
rasapi32
RasHangUpA
RasGetConnectStatusA
msimg32
GradientFill
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
shell32
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
Sections (all five carry the same non-standard name, MBSHJXSX, rather than the usual compiler-assigned names)
- MBSHJXSX  Size: 1.6MB, Virtual size: 1.6MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- MBSHJXSX  Size: 2.6MB, Virtual size: 2.5MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- MBSHJXSX  Size: 332KB, Virtual size: 773KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- MBSHJXSX  Size: 8.8MB, Virtual size: 8.7MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- MBSHJXSX  Size: 48KB, Virtual size: 47KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
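Added example, not part of the sandbox report and not the sample's code: a stdlib-only Python script that reproduces the static checks this report presents (file hashes, the IMAGE_FILE_* characteristics, the "Unsigned PE" signature as a test for an empty Authenticode security directory, and the IMAGE_SCN_* section flags), plus two added heuristics of this example's own: repeated or non-standard section names and sections whose virtual size far exceeds their raw size. The PE bytes it builds are constructed to mimic this report's layout (five sections all named MBSHJXSX, no security directory, the same five file characteristics); they are not the analysed binary's bytes, so the hashes it prints will not match the ones above. To run it on the real file, call `triage(open(path, "rb").read())`.

```python
# Added example (not from the report): stdlib-only static triage of a PE.
import hashlib
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # (file offset, size) of the Authenticode blob
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}

def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]

def file_hashes(data):
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}

def parse_pe(data):
    """DOS header -> COFF header -> optional-header directories -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: at +108 / +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    sec_off = sec_size = 0
    if struct.unpack_from("<I", data, ndirs_off)[0] > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\x00").decode("latin-1"), "virtual_size": vsize,
                         "raw_size": rawsize, "flags": flag_names(flags, SECTION_FLAGS)})
    # A security directory only means a signature blob is present, not that it verifies;
    # check validity with signtool, osslsigncode or Get-AuthenticodeSignature.
    return {"machine": machine, "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
            "has_authenticode": sec_size != 0 and sec_off + sec_size <= len(data),
            "sections": sections}

def triage(data):
    """Findings in the style of the report's signature rows (heuristics, not verdicts)."""
    pe = parse_pe(data)
    findings = []
    if not pe["has_authenticode"]:
        findings.append("Unsigned PE: no Authenticode security directory")
    names = [s["name"] for s in pe["sections"]]
    if len(set(names)) < len(names) or any(not n.startswith(".") for n in names):
        findings.append("Non-standard or repeated section names: " + ", ".join(sorted(set(names))))
    for s in pe["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append("Section %s is writable and executable" % s["name"])
        if s["raw_size"] and s["virtual_size"] > 2 * s["raw_size"]:  # bss-style tail or unpack target
            findings.append("Section %s expands at load (virtual size %d > raw size %d)"
                            % (s["name"], s["virtual_size"], s["raw_size"]))
    return findings

def build_sample_pe(section_names, signed=False):
    """Constructed PE32 (headers only, no code) for offline use; not the analysed file's bytes."""
    nsec = len(section_names)
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)                 # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, nsec, 0, 0, 0, 0xE0, 0x010F)  # i386, the report's five flags
    dirs = [(0, 0)] * 16
    blob = b""
    if signed:
        blob = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\x00" * 8    # WIN_CERTIFICATE stub
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x40 + 4 + 20 + 0xE0 + 40 * nsec, len(blob))
    opt = struct.pack("<H", 0x10B) + b"\x00" * 90 + struct.pack("<I", 16)
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    secs = b""
    for i, name in enumerate(section_names):                             # alternate R-X code / RW- data
        vsize, flags = (0x1000, 0x60000020) if i % 2 == 0 else (0x3000, 0xC0000040)
        secs += struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000 * (i + 1), 0x1000, 0, 0, 0, 0, 0, flags)
    return dos + b"PE\x00\x00" + coff + opt + secs + blob

if __name__ == "__main__":
    sample = build_sample_pe([b"MBSHJXSX"] * 5)   # mimics the report's section layout only
    print(file_hashes(sample)["sha256"], parse_pe(sample)["characteristics"])
    print("\n".join(triage(sample)))
```

The parser deliberately stops at the section table: it is enough to reproduce the rows above, and it avoids the import-table walk that a full imphash would need. Note that `has_authenticode` is a presence test only; a present but forged or expired signature still needs a real verifier before it is trusted.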