396e6e71e97ee793458bd25a47afa3f52e055cd08be0edf091efa2e5653ee514

Sharing

Copy URL

Twitter E-mail

General

Target

396e6e71e97ee793458bd25a47afa3f52e055cd08be0edf091efa2e5653ee514
Size

6.3MB
MD5

8a9436a65c33d83e0e180fe0994ff6b7
SHA1

61bfa88b18dcab5274daceb4aa0363a89e8f5ec9
SHA256

396e6e71e97ee793458bd25a47afa3f52e055cd08be0edf091efa2e5653ee514
SHA512

3675d2ed66167aec047dec6a78807ef957983d41fe9b4bc2db78601691f0662a3b4c12c21afce4f61e214ab064d121f15041964507b684dcbac25a597dc3de61
SSDEEP

98304:n/5pgU80QFIylc0xeTjzMyKzfBdwShfgxb+0g2HDE3EjErToZXTvgp:n/5u300dZhfi+7kuvrTO4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
396e6e71e97ee793458bd25a47afa3f52e055cd08be0edf091efa2e5653ee514

Files

396e6e71e97ee793458bd25a47afa3f52e055cd08be0edf091efa2e5653ee514
.exe windows x86

0236590402356e3ca9958d1dc78714d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInPrepareHeader
waveInClose
waveInAddBuffer
waveInStop
waveInUnprepareHeader
waveInStart
waveInGetErrorTextW
PlaySoundW
mmioAscend
mmioDescend
timeGetTime
mmioCreateChunk
waveInOpen
mmioWrite
waveInGetDevCapsW
waveInGetNumDevs
mmioClose
mmioRead
mmioSeek
mmioOpenW

rpcrt4

UuidCreate
UuidToStringW

psapi

GetModuleFileNameExW

wininet

HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetCanonicalizeUrlW
InternetQueryDataAvailable
InternetCrackUrlW
InternetGetConnectedState
InternetCloseHandle
InternetOpenW
InternetOpenUrlW
InternetReadFile
HttpAddRequestHeadersW

crashrpt1300

ord9
ord11
ord12
ord17
ord7

kernel32

GetFileAttributesExW
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
ReleaseSemaphore
CreateSemaphoreW
InterlockedIncrement
InterlockedDecrement
VirtualAlloc
VirtualFree
InterlockedExchange
GetCurrentThread
GlobalSize
CopyFileW
GetVersionExA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetPrivateProfileIntW
WritePrivateProfileStringW
HeapSize
MoveFileW
GetThreadLocale
GetVolumeInformationW
FindNextFileW
FileTimeToLocalFileTime
GlobalGetAtomNameW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCurrentDirectoryW
GetFileSizeEx
SetErrorMode
GetTempFileNameW
SearchPathW
GetProfileIntW
VirtualProtect
FindResourceExW
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
ExitProcess
RtlUnwind
RaiseException
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageA
GetSystemTimeAsFileTime
UnlockFileEx
WaitForSingleObjectEx
LockFile
UnlockFile
QueryPerformanceCounter
SystemTimeToFileTime
TryEnterCriticalSection
HeapCompact
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
GetDiskFreeSpaceA
IsBadWritePtr
GetCurrentThreadId
DuplicateHandle
ReadProcessMemory
GetFileSize
SetEndOfFile
SetFilePointer
ReadFile
GetUserDefaultLangID
GetWindowsDirectoryW
lstrcpyW
lstrcatW
LoadLibraryExW
lstrcmpW
WriteFile
GetSystemInfo
GlobalAlloc
ResumeThread
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
FreeResource
GetCPInfo
lstrlenA
GetVersion
SetLastError
ResetEvent
OutputDebugStringA
GetModuleFileNameA
GetTempPathW
SetEvent
SetThreadPriority
CreateEventW
FlushViewOfFile
GetFileAttributesW
GetModuleFileNameW
IsWow64Process
LocalAlloc
lstrcmpiW
GetPrivateProfileStringW
LoadLibraryA
GetModuleHandleA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
CreateRemoteThread
GetModuleHandleW
GetCurrentProcess
Module32NextW
Module32FirstW
TerminateProcess
OpenProcess
CreateProcessW
FreeLibrary
GetProcAddress
LoadLibraryW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemDefaultLCID
GetSystemDefaultLangID
GetComputerNameW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileTime
CreateFileW
lstrcpynW
TerminateThread
CreateDirectoryW
GetCurrentProcessId
FormatMessageW
GetCommandLineW
GetLastError
GetVersionExW
GetTickCount
FindClose
FindFirstFileW
CreateThread
OutputDebugStringW
SleepEx
HeapFree
GetProcessHeap
HeapAlloc
DeleteFileW
WinExec
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
UnmapViewOfFile
WaitForSingleObject
OpenFileMappingW
OpenMutexW
CloseHandle
ReleaseMutex
MapViewOfFile
CreateFileMappingW
CreateMutexW
LocalFree
CreateFileMappingA
GetDiskFreeSpaceW
OpenEventW
LockFileEx
SuspendThread

user32

CharUpperBuffW
SubtractRect
GetDoubleClickTime
GetWindowRgn
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
CharUpperW
ShowOwnedPopups
GetMessageW
ValidateRect
SetWindowContextHelpId
MapDialogRect
WaitMessage
MessageBeep
IsZoomed
MapVirtualKeyW
GetKeyNameTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
UpdateWindow
GetClassInfoExW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetWindowTextLengthW
GetScrollPos
SetScrollPos
SetFocus
GetLastActivePopup
EndPaint
BeginPaint
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
GetDlgItem
EndDialog
GetMenuStringW
PostThreadMessageW
IsWindowEnabled
ChildWindowFromPoint
EqualRect
GetClassInfoW
CopyIcon
IsWindow
GetUpdateRect
SetWindowRgn
SetCapture
RegisterClipboardFormatW
SetWindowLongW
LoadCursorW
FrameRect
LoadImageW
CreateIconIndirect
GetIconInfo
DrawStateW
OffsetRect
DrawFocusRect
GetActiveWindow
WindowFromPoint
SetCursor
GetNextDlgTabItem
DestroyCursor
RemoveMenu
GetSysColorBrush
CreateMenu
GetMenuItemID
GetMenuState
InsertMenuW
DestroyIcon
DrawIconEx
GetMenuItemInfoW
SetRect
DrawEdge
InflateRect
UnionRect
GrayStringW
DrawTextExW
TabbedTextOutW
SetClassLongW
DrawTextW
GetFocus
GetWindowLongW
SendNotifyMessageW
DefWindowProcW
PostQuitMessage
DestroyWindow
CreateWindowExW
UnregisterClassW
RegisterClassW
RegisterWindowMessageW
MessageBoxA
EnumChildWindows
GetWindowTextW
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
GetClassNameW
GetWindowThreadProcessId
EnumWindows
DrawMenuBar
DeleteMenu
GetMenuItemCount
TrackMouseEvent
ClientToScreen
PtInRect
GetWindowDC
ReleaseDC
GetDC
DestroyMenu
TrackPopupMenu
CheckMenuItem
ModifyMenuW
GetSubMenu
LoadMenuW
MessageBoxW
UnregisterDeviceNotification
DrawIcon
GetSystemMetrics
IsIconic
IsRectEmpty
IntersectRect
SystemParametersInfoW
GetSystemMenu
RegisterDeviceNotificationW
ShowWindow
SetParent
SetRectEmpty
FillRect
wsprintfW
AppendMenuW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
SetCursorPos
DrawFrameControl
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
CreatePopupMenu
IsWindowVisible
ScreenToClient
GetCursorPos
InvalidateRect
RedrawWindow
FindWindowW
LoadIconW
CopyRect
SetTimer
GetParent
SendMessageW
EnableWindow
KillTimer
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
GetWindow
OpenClipboard
GetSysColor
GetClientRect
SetWindowPos
GetWindowRect
SetForegroundWindow
LoadBitmapW
PostMessageW
LockWindowUpdate
BringWindowToTop
NotifyWinEvent
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
ReleaseCapture
GetAsyncKeyState
IsMenu

gdi32

SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateRectRgnIndirect
SetViewportOrgEx
GetDCOrgEx
CreateBitmap
CreateEllipticRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreatePolygonRgn
GetTextColor
SetDIBColorTable
RealizePalette
Polyline
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
OffsetRgn
SelectClipRgn
FrameRgn
SetTextJustification
SetRectRgn
SetBkColor
SetBkMode
LineTo
MoveToEx
SetDIBits
Rectangle
CreateHatchBrush
PatBlt
DeleteDC
CreateDIBSection
Ellipse
GetBkMode
CreatePen
GetDeviceCaps
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
CreateFontW
GetDIBits
DeleteObject
CombineRgn
CreateRectRgn
FillRgn
CreateRoundRectRgn
SelectObject
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
GetTextExtentPoint32W
CreateFontIndirectW
GetCurrentObject
StretchBlt
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
BitBlt
GetObjectW
CreateCompatibleDC
DPtoLP
LPtoDP
GetTextMetricsW
GetMapMode
SetPixel
GetPixel
SetTextColor
CopyMetaFileW

msimg32

GradientFill
TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteKeyW
ConvertStringSidToSidW
SetEntriesInAclW
SetNamedSecurityInfoW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW
RegOpenKeyW
RegEnumKeyW
GetNamedSecurityInfoW
RegQueryValueW
RegCreateKeyW
RegDeleteValueW

shell32

Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHCreateDirectoryExW
SHFileOperationW
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW
ShellExecuteExW

comctl32

InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
ImageList_Draw
ord17
ImageList_GetImageCount
ImageList_GetIcon

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsW
UrlUnescapeW

oledlg

OleUIBusyW

ole32

CoCreateInstance
CoTaskMemFree
PropVariantClear
CoInitialize
CoUninitialize
CoInitializeEx
OleRun
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoTaskMemAlloc
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
ReleaseStgMedium

oleaut32

VariantInit
SysStringLen
VariantChangeType
SafeArrayDestroy
VariantCopy
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
OleCreatePropertyFrame
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
GetErrorInfo

gdiplus

GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipGetImageHeight
GdipGetImageWidth
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateFromHDC
GdiplusShutdown
GdipFree
GdipImageSelectActiveFrame
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusStartup
GdipDrawImageRectI
GdipAlloc
GdipDeleteGraphics

ws2_32

listen
bind
htons
WSAEventSelect
closesocket
WSACreateEvent
WSAEnumNetworkEvents
WSAAccept
WSARecv
WSACloseEvent
WSAWaitForMultipleEvents
WSASend
shutdown
inet_addr
WSACleanup
WSASetLastError
WSAStartup
socket
WSAGetLastError

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

d3d9

Direct3DCreate9

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteVBRHeader

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0236590402356e3ca9958d1dc78714d0

Headers

DLL Characteristics

File Characteristics

Imports

winmm

rpcrt4

psapi

wininet

crashrpt1300

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

version

d3d9

imm32

Exports

Exports

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rodata Size: 512B - Virtual size: 16B

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 47KB - Virtual size: 151KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 227KB - Virtual size: 226KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rodata
Size: 512B - Virtual size: 16B

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 47KB - Virtual size: 151KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 227KB - Virtual size: 226KB