Static task: static1
Behavioral task: behavioral1
Sample: fa1b77268df8b3d09d26be38fd7fa85fec19bd70cf99541eed6d130f83ca2eff.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: fa1b77268df8b3d09d26be38fd7fa85fec19bd70cf99541eed6d130f83ca2eff.exe
Resource: win10v2004-20230703-en
General
Target: fa1b77268df8b3d09d26be38fd7fa85fec19bd70cf99541eed6d130f83ca2eff
Size: 2.4MB
MD5: 903f437d52d800fbac5a249d3bc4adc6
SHA1: 5204ed483c693535878c90b6c980a58c1e608fea
SHA256: fa1b77268df8b3d09d26be38fd7fa85fec19bd70cf99541eed6d130f83ca2eff
SHA512: bb44008bbccb8187b64fd578783d45520769ded1ecd9ece4ca08dd58c60b80c29a93b724b4df642a2ecbe4d1ef89a6ba3b67ddbfb2201534742a03cc277b33d1
SSDEEP: 49152:ZtIvBoolm5k+ElsAI6eSR161ZKrb9/vTz:uXeEsAxVrR/v
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource fa1b77268df8b3d09d26be38fd7fa85fec19bd70cf99541eed6d130f83ca2eff
Files
fa1b77268df8b3d09d26be38fd7fa85fec19bd70cf99541eed6d130f83ca2eff.exe windows x86
65111ab0ac55dde455ff87f9ab3dba13
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetQueryOptionW
InternetSetOptionW
InternetGetConnectedState
HttpQueryInfoW
InternetCrackUrlW
InternetReadFile
InternetCloseHandle
InternetOpenW
HttpSendRequestW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
kernel32
HeapAlloc
RaiseException
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CreateThread
ExitThread
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
HeapFree
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetDriveTypeA
GetLocaleInfoW
GetACP
GetOEMCP
SetEnvironmentVariableA
lstrcmpW
CloseHandle
CreateFileW
GetLastError
CreateMutexW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpynW
GetVersionExW
lstrlenW
GetModuleHandleW
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteFileW
MoveFileW
CopyFileW
LocalFree
FormatMessageW
GetShortPathNameW
InterlockedExchange
GetProfileStringA
GlobalAddAtomA
FindResourceA
RtlUnwind
ExitProcess
GetStartupInfoW
SetErrorMode
GetCurrentDirectoryW
FindResourceExW
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FindNextFileW
GetProfileIntW
GetThreadLocale
GetStringTypeExW
GetVolumeInformationW
FindFirstFileW
FindClose
UnlockFile
LockFile
SetFilePointer
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
GlobalFlags
lstrcmpiW
lstrcmpA
lstrcmpiA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameW
SuspendThread
LoadLibraryA
FindResourceW
GetVersion
lstrcatW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcpyW
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetFullPathNameW
GetTempFileNameW
GetFileAttributesW
lstrlenA
InterlockedDecrement
InterlockedIncrement
MulDiv
GetModuleHandleA
SetLastError
SizeofResource
LoadResource
LockResource
GlobalSize
TerminateThread
SetCurrentDirectoryW
GlobalFree
ResumeThread
FlushFileBuffers
GetFileAttributesExW
WriteFile
ReadFile
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
WritePrivateProfileStringW
GetPrivateProfileIntW
GetWindowsDirectoryW
GetTickCount
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
SetThreadPriority
SetEvent
CreateEventW
CreateProcessW
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
GetPrivateProfileStringW
GetCurrentProcess
GetTempPathW
CreateDirectoryW
IsValidLocale
user32
EndDialog
CreateDialogIndirectParamW
GetActiveWindow
ValidateRect
WindowFromPoint
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetTopWindow
IsChild
WinHelpW
GetClassInfoW
RegisterClassW
TrackPopupMenu
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
DestroyWindow
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SystemParametersInfoW
GetWindowPlacement
GetMenuCheckMarkDimensions
ModifyMenuW
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
IntersectRect
wsprintfW
UnhookWindowsHookEx
EndPaint
BeginPaint
GetWindowDC
MessageBoxW
DrawAnimatedRects
AppendMenuW
RemovePropW
SetPropW
SetRectEmpty
SetMenu
DestroyMenu
GetMessageW
PeekMessageW
TranslateMessage
DispatchMessageW
GetMenuStringW
FindWindowW
ExitWindowsEx
EmptyClipboard
SetClipboardData
GetClipboardData
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
CloseClipboard
OpenClipboard
FindWindowExW
RedrawWindow
DrawFocusRect
IsWindowEnabled
SetFocus
RegisterWindowMessageW
GetWindowLongW
SetWindowLongW
GetDlgCtrlID
SetWindowPos
GetMenu
GetMenuItemCount
GetMenuItemID
DrawFrameControl
KillTimer
SetTimer
LoadAcceleratorsW
TranslateAcceleratorW
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsZoomed
SetRect
LoadStringW
SetParent
PostThreadMessageW
GetDC
ReleaseDC
ScreenToClient
GetWindow
GetPropW
IsIconic
GetLastActivePopup
UpdateWindow
DeleteMenu
GetDesktopWindow
GetKeyState
OffsetRect
GetSysColor
GetFocus
InflateRect
BeginDeferWindowPos
EndDeferWindowPos
GetWindowRect
GetCursorPos
ReleaseCapture
GetCapture
ClientToScreen
SetCursorPos
PtInRect
SetCursor
SetCapture
SetPropA
GetPropA
GetParent
TrackPopupMenuEx
GetSystemMenu
InsertMenuW
LockWindowUpdate
GetDCEx
IsClipboardFormatAvailable
CharUpperW
GetSysColorBrush
GetClassNameW
RegisterClipboardFormatW
ShowOwnedPopups
PostQuitMessage
MapDialogRect
GetAsyncKeyState
SetClassLongW
wvsprintfW
CheckMenuItem
DestroyIcon
LoadIconW
LoadImageW
PostMessageW
IsWindow
IsWindowVisible
InvalidateRect
GrayStringW
DrawTextW
TabbedTextOutW
CopyRect
LoadMenuW
GetClientRect
GetSubMenu
SetMenuDefaultItem
GetSystemMetrics
SendMessageW
SetForegroundWindow
EnableWindow
DestroyCursor
LoadBitmapW
LoadCursorW
CharNextA
DefWindowProcA
DefDlgProcA
GetClassInfoA
DrawTextA
GetWindowTextA
ExcludeUpdateRgn
ShowCaret
HideCaret
GetWindowTextLengthA
UnregisterClassW
GetMenuState
gdi32
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
SetRectRgn
GetCharWidthW
CreateFontW
GetTextMetricsW
EnumFontFamiliesExW
CopyMetaFileW
CreateRectRgn
CombineRgn
SetTextColor
SetBkMode
CreateBitmap
SetBkColor
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
RestoreDC
CreateDIBSection
DeleteDC
PatBlt
DeleteObject
SelectObject
GetBkMode
GetTextExtentPoint32W
GetBkColor
GetTextColor
BitBlt
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectW
ExtTextOutA
GetTextExtentPointA
CreateDIBitmap
CreateFontIndirectW
comdlg32
GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegCloseKey
shell32
DragAcceptFiles
DragQueryFileW
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
SHGetDesktopFolder
Shell_NotifyIconW
SHFileOperationW
ExtractIconW
SHGetFileInfoW
SHGetSpecialFolderPathW
DragFinish
comctl32
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_GetImageInfo
ImageList_Draw
ImageList_AddMasked
ImageList_GetImageCount
_TrackMouseEvent
ImageList_SetBkColor
ImageList_Destroy
ImageList_Create
ord17
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_DrawIndirect
ImageList_BeginDrag
oledlg
OleUIBusyW
ole32
OleGetClipboard
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
VarBstrFromDate
SysFreeString
SysAllocString
VariantClear
shlwapi
PathGetCharTypeW
PathIsRootW
PathRemoveFileSpecW
PathFindExtensionW
PathFileExistsW
PathIsURLW
PathIsDirectoryW
PathFindFileNameW
Sections
.text Size: 1.4MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 228KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 592KB - Virtual size: 610KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 248KB - Virtual size: 247KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ