Static task: static1
Behavioral task: behavioral1
Sample: 68fa5eb6b37c6042a0095cac094a18c739d87d648e4f2b03ae01e22cb295b735.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 68fa5eb6b37c6042a0095cac094a18c739d87d648e4f2b03ae01e22cb295b735.exe
Resource: win10v2004-20230703-en
General
Target: 68fa5eb6b37c6042a0095cac094a18c739d87d648e4f2b03ae01e22cb295b735
Size: 1.7MB
MD5: 035796c259784007a62b4fd081e03730
SHA1: 6ccb9a3e5194f80f88ec59940d23c968a061ab3e
SHA256: 68fa5eb6b37c6042a0095cac094a18c739d87d648e4f2b03ae01e22cb295b735
SHA512: d50e0ca62d63ea0daa930f5b149114d8faa81e740aad5bc3b5336a7f2f4a9c366a66829ad26289c052fd0e71d25453f5a65bd943507df60604fb5262fffc4e31
SSDEEP: 24576:B+Q36dvnqrXQnsDke1obs0zD5oQfsXJ9vTNK4encSV/xO/O5fVofj:wI6nqKsDkZgtKqY/Q/O5Kf
Malware Config
Signatures
-
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 68fa5eb6b37c6042a0095cac094a18c739d87d648e4f2b03ae01e22cb295b735
Files
-
68fa5eb6b37c6042a0095cac094a18c739d87d648e4f2b03ae01e22cb295b735.exe windows x86
0cb7b81567d8c5928f20416e329b1d6c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetSetCookieA
sqlite3
sqlite3_open
sqlite3_errmsg
sqlite3_prepare_v2
sqlite3_step
sqlite3_column_text
sqlite3_finalize
sqlite3_close
sqlite3_column_count
kernel32
MapViewOfFile
CreateFileMappingA
CreateDirectoryA
SetEndOfFile
ReadFile
SetFilePointer
GetFileSize
GetEnvironmentVariableW
GetVersion
GetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeExW
GetStringTypeExA
lstrcmpiW
LocalFree
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
UnhandledExceptionFilter
GetTimeZoneInformation
FlushFileBuffers
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
TlsAlloc
TerminateProcess
LCMapStringW
LCMapStringA
FatalAppExitA
GetCommandLineA
GetStartupInfoA
GetCPInfo
GetOEMCP
GetDateFormatA
GetTimeFormatA
UnmapViewOfFile
ExitThread
VirtualQuery
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
IsBadStringPtrA
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemInfo
FormatMessageA
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetShortPathNameW
GetFileInformationByHandle
CopyFileA
MoveFileA
CopyFileW
MoveFileW
CreateHardLinkA
DeleteFileA
RemoveDirectoryA
GetFullPathNameA
GetDiskFreeSpaceExA
CreateHardLinkW
CreateDirectoryW
DeleteFileW
RemoveDirectoryW
GetFullPathNameW
GetDiskFreeSpaceExW
SetFileTime
GetFileTime
FindClose
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileAttributesExA
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
GetFileAttributesExW
GetFileAttributesW
GetFileAttributesA
HeapSize
HeapReAlloc
HeapDestroy
WaitForMultipleObjects
DeviceIoControl
GlobalHandle
CreateProcessA
SetEvent
CreateEventA
SetThreadPriority
ResumeThread
GlobalMemoryStatus
CreateFileA
WriteFile
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
GetModuleHandleA
GetCurrentProcessId
lstrcpyA
GetProcAddress
Sleep
CreateSemaphoreA
WaitForSingleObject
CloseHandle
IsDebuggerPresent
OutputDebugStringA
LoadLibraryA
ReleaseSemaphore
FreeLibrary
GlobalFree
GetLocalTime
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcpynW
lstrcpynA
InterlockedIncrement
GetModuleFileNameA
lstrcmpA
lstrlenW
SetLastError
MulDiv
MultiByteToWideChar
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
FindResourceExA
SizeofResource
lstrlenA
FindResourceA
LoadResource
LockResource
HeapFree
IsBadWritePtr
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
GetProcessHeap
HeapAlloc
GetCurrentThreadId
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetFileType
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CreateThread
SetEnvironmentVariableA
user32
GetDoubleClickTime
IntersectRect
GetDlgCtrlID
IsRectEmpty
DragDetect
DefMDIChildProcA
BringWindowToTop
TranslateMDISysAccel
CreateDialogParamA
GetMenu
wsprintfW
DestroyIcon
SetWindowRgn
ModifyMenuA
DrawFrameControl
CallNextHookEx
IsMenu
DrawTextA
GetMenuDefaultItem
WindowFromPoint
GetSysColorBrush
FrameRect
UpdateWindow
WaitMessage
GetWindowThreadProcessId
CharLowerA
IsWindowEnabled
UnhookWindowsHookEx
SetWindowsHookExA
GetSystemMenu
SetRect
DrawEdge
DrawIconEx
GetCapture
GetForegroundWindow
EndDialog
GetParent
GetClassLongA
SetRectEmpty
SetParent
OffsetRect
GetWindowDC
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
InflateRect
EqualRect
CopyRect
CreateDialogIndirectParamA
GetKeyState
FlashWindowEx
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowLongA
GetWindowRect
GetWindow
UnregisterClassA
wsprintfA
DestroyWindow
CreateWindowExA
SetWindowLongA
MoveWindow
SetTimer
KillTimer
SendMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DefWindowProcA
PostMessageA
CheckMenuItem
DeleteMenu
CharUpperA
GetDlgItemTextA
GetScrollRange
UnionRect
SetScrollPos
GetScrollPos
SetScrollRange
ShowScrollBar
ScrollWindow
DrawFocusRect
GetDlgItemInt
SetDlgItemInt
CharLowerW
CharUpperW
CreateIconFromResourceEx
ReleaseCapture
SetMenuDefaultItem
SetMenuItemInfoA
DefFrameProcA
GetSystemMetrics
wvsprintfA
LoadImageA
GetMessagePos
SetCursor
LoadAcceleratorsA
GetMessageA
TranslateMessage
DispatchMessageA
LoadBitmapA
AppendMenuA
TrackPopupMenuEx
CallWindowProcA
EnableWindow
PostQuitMessage
GetActiveWindow
SetWindowTextA
GetWindowTextA
SetCapture
ShowWindow
MessageBoxA
SetFocus
GetWindowTextLengthA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
IsWindow
DialogBoxParamA
GetFocus
GetCursorPos
PtInRect
ClientToScreen
ScreenToClient
SetWindowContextHelpId
LoadMenuA
GetSubMenu
MapDialogRect
DestroyMenu
RegisterWindowMessageA
IsWindowVisible
RedrawWindow
InvalidateRect
TrackPopupMenu
DestroyAcceleratorTable
GetSysColor
IsChild
EndPaint
FillRect
BeginPaint
GetClassNameA
CharNextA
GetDesktopWindow
InvalidateRgn
GetMonitorInfoA
MonitorFromPoint
SetMenu
ReleaseDC
GetDC
GetMenuItemInfoA
RemoveMenu
CreatePopupMenu
GetMenuItemCount
GetMenuStringA
DrawMenuBar
PeekMessageA
MessageBeep
LoadStringW
LoadStringA
AdjustWindowRectEx
TranslateAcceleratorA
CreateAcceleratorTableA
gdi32
SetMapMode
GetMapMode
ExtTextOutA
GetClipBox
GetClipRgn
CreateRectRgn
DPtoLP
LPtoDP
SaveDC
RestoreDC
SelectClipRgn
SelectPalette
Polyline
SetWindowOrgEx
Polygon
ExtSelectClipRgn
CreateRectRgnIndirect
GetTextColor
Ellipse
GetTextExtentExPointA
SetGraphicsMode
TextOutA
RealizePalette
CreateRoundRectRgn
CreateDIBSection
SetBkColor
SetBrushOrgEx
GetViewportOrgEx
SetViewportOrgEx
CreateBitmap
CreatePen
GetTextMetricsA
Rectangle
LineTo
MoveToEx
SetTextColor
SetBkMode
GetTextExtentPoint32A
CreateFontIndirectA
PatBlt
CreatePatternBrush
GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
IntersectClipRect
DeleteDC
BitBlt
comdlg32
GetSaveFileNameA
GetOpenFileNameA
advapi32
RegCloseKey
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegNotifyChangeKeyValue
RegOpenKeyExA
shell32
ShellExecuteA
ExtractIconExA
ole32
OleSetContainedObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoUninitialize
OleLockRunning
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
OleCreateStaticFromData
StringFromGUID2
CreateILockBytesOnHGlobal
oleaut32
SysStringLen
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
VarUdateFromDate
VarUI4FromStr
SystemTimeToVariantTime
DispCallFunc
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
comctl32
ImageList_ReplaceIcon
ImageList_Draw
ImageList_SetImageCount
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_LoadImageA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_GetIconSize
_TrackMouseEvent
gdiplus
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFileICM
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipSaveImageToStream
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromFile
GdipDrawImageRectI
GdipLoadImageFromFileICM
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipCreateBitmapFromFile
GdipDisposeImageAttributes
ws2_32
htons
WSACleanup
gethostname
gethostbyname
connect
socket
inet_addr
WSAStartup
send
recv
WSAGetLastError
WSAAsyncSelect
closesocket
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
iphlpapi
GetAdaptersInfo
crashrpt
Uninstall
Install
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 140KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 168KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
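The "Unsigned PE" signature in this report is a header check, not a trust decision: it fires when the image has no Authenticode certificate table (optional-header data directory entry 4). The Python script below, added here as an example and not part of the report or of any tool the sandbox uses, reproduces that check together with the File Characteristics and Sections decoding above using only the standard library. The PE image it parses is built inline by build_demo_pe() for the demo with the same COFF flags and section layout as the report; the real sample is not embedded, and the virtual-vs-raw size heuristic in triage() is an assumption of this example, not a signature the report applies.

```python
"""Reimplements the static checks behind the "Unsigned PE" signature, File
Characteristics and Sections entries. Added example; build_demo_pe() constructs
a header-only PE32 image for the demo and is not the analysed sample."""
import struct

# IMAGE_FILE_* flags from winnt.h (subset)
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4      # Authenticode WIN_CERTIFICATE table
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x80000000


def parse_pe(data: bytes) -> dict:
    """Return COFF characteristics, Authenticode presence and section layout."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        nrva_off, dd_off = 92, 96       # NumberOfRvaAndSizes / first data directory
    elif magic == PE32PLUS_MAGIC:
        nrva_off, dd_off = 108, 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    n_dirs = struct.unpack_from("<I", data, opt + nrva_off)[0]
    # The security directory holds a FILE OFFSET (not an RVA) and the size of the
    # certificate table; both zero means no embedded Authenticode signature.
    sec_off = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sh = opt + opt_size                 # section table follows the optional header
    for i in range(nsections):
        base = sh + 40 * i
        name, vsize, _vaddr, rawsize = struct.unpack_from("<8sIII", data, base)
        flags = struct.unpack_from("<I", data, base + 36)[0]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "executable": bool(flags & IMAGE_SCN_MEM_EXECUTE),
            "writable": bool(flags & IMAGE_SCN_MEM_WRITE),
        })
    return {
        "machine": machine,
        "characteristics": [n for bit, n in sorted(FILE_CHARACTERISTICS.items()) if chars & bit],
        "has_authenticode": bool(sec_off and sec_size),
        "sections": sections,
    }


def triage(info: dict) -> list:
    """Turn parse_pe() output into report-style findings (heuristics are this example's)."""
    findings = []
    if not info["has_authenticode"]:
        findings.append("Unsigned PE: no Authenticode security directory")
    for s in info["sections"]:
        if s["executable"] and s["writable"]:
            findings.append(f"section {s['name']} is writable and executable")
        if s["virtual_size"] > 4 * max(s["raw_size"], 1):
            findings.append(f"section {s['name']} unpacks at runtime (virtual >> raw)")
    return findings


def build_demo_pe(signed: bool = False, packed: bool = False) -> bytes:
    """Constructed PE32 header-only image for the demo (not a runnable binary)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    chars = 0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100          # flags listed in the report
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, chars)
    opt = bytearray(224)                                        # PE32 optional header
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    if signed:                                                  # fake certificate table entry
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    text_vsize = 0x10000 if packed else 0x1000
    text = struct.pack("<8sIIIIIIHHI", b".text", text_vsize, 0x1000, 0x1000, 0x400,
                       0, 0, 0, 0, 0x60000020)                  # CNT_CODE|MEM_EXECUTE|MEM_READ
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x2000, 0x2000, 0x800, 0x1400,
                       0, 0, 0, 0, 0xC0000040)                  # CNT_INITIALIZED_DATA|READ|WRITE
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + data


if __name__ == "__main__":
    for finding in triage(parse_pe(build_demo_pe())):
        print(finding)
```

A non-empty security directory only says a WIN_CERTIFICATE blob is attached; whether it chains to a trusted root and its digest matches the image still needs WinVerifyTrust (Get-AuthenticodeSignature in PowerShell) or an offline verifier such as osslsigncode. The virtual-versus-raw heuristic in triage() would not trip on this sample: its sections (.text 1.4MB/1.4MB, .rdata 140KB/136KB, .rsrc 168KB/164KB) are laid out like a normally linked image, which is consistent with the large, readable import table above.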