Static task: static1
Behavioral task: behavioral1 (Sample: 917d3e0d65e89c8580848765c4a9aeaed898d682ce3181e2e1088605f12606dc.exe, Resource: win7-20230712-en)
Behavioral task: behavioral2 (Sample: 917d3e0d65e89c8580848765c4a9aeaed898d682ce3181e2e1088605f12606dc.exe, Resource: win10v2004-20230703-en)
General
Target: 917d3e0d65e89c8580848765c4a9aeaed898d682ce3181e2e1088605f12606dc
Size: 1.0MB
MD5: a3ba5acc0c4d54146862ce6131922ce3
SHA1: dea227c3d2ca333219b703b274e76221d9be49be
SHA256: 917d3e0d65e89c8580848765c4a9aeaed898d682ce3181e2e1088605f12606dc
SHA512: 87864abaee6089a0d695ae03118d1ccb77e3f7102e5531352107e00ef697856a2b6b15da76d13a5bcb2c01552eda6dfe4453dac8a60f3eaff4a42ec558694818
SSDEEP: 24576:ih68YvX7OZ8VcMwRC14g8gT+bJrvYdeFG3h1dP:7NaZ8hJOvZ1AdOGdP
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 917d3e0d65e89c8580848765c4a9aeaed898d682ce3181e2e1088605f12606dc
Files
917d3e0d65e89c8580848765c4a9aeaed898d682ce3181e2e1088605f12606dc.exe (windows, x86)
1a144b191f667398569f6d893c062846
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
DrawDibDraw
avifil32
AVIStreamInfoA
AVIStreamGetFrame
winmm
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
PlaySoundA
midiOutUnprepareHeader
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
ws2_32
WSAAsyncSelect
closesocket
WSACleanup
accept
getpeername
inet_ntoa
recv
ioctlsocket
recvfrom
kernel32
GetVersion
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAddAtomA
GlobalGetAtomNameA
lstrcpynA
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalFlags
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileTime
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
GetStartupInfoA
RtlUnwind
GetSystemTime
GetLocalTime
RaiseException
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetStdHandle
GetTimeZoneInformation
SetLastError
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
GetTempFileNameA
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
FindResourceA
LoadResource
LockResource
GetFullPathNameA
WritePrivateProfileStringA
CreateThread
CreateEventA
GetTempPathA
GetFileAttributesA
SetCurrentDirectoryA
GetCommandLineA
DeleteFileA
GetModuleFileNameA
Sleep
WideCharToMultiByte
MultiByteToWideChar
GetProfileStringA
CreateFileA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
SetEvent
GlobalAlloc
WaitForSingleObject
CloseHandle
MulDiv
GetCurrentThreadId
ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
FreeLibrary
GlobalSize
GlobalLock
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetTickCount
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
InterlockedExchange
GlobalFindAtomA
user32
GetSysColorBrush
LoadStringA
GetNextDlgGroupItem
PostThreadMessageA
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
CharUpperA
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
GetWindowTextA
FindWindowExA
GetDlgItem
GetClassNameA
GetDesktopWindow
DrawStateA
FrameRect
GetNextDlgTabItem
TranslateMessage
LoadIconA
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetSubMenu
EnableMenuItem
MapDialogRect
ReleaseDC
SetForegroundWindow
EqualRect
ValidateRect
MessageBeep
GetDlgCtrlID
EnumDisplaySettingsA
LoadImageA
MessageBoxA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
DrawFrameControl
DrawEdge
DrawFocusRect
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
ClientToScreen
WindowFromPoint
SystemParametersInfoA
ShowWindow
SetCursor
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetSystemMenu
GetCursorPos
SetCursorPos
GetMenu
SetMenu
PeekMessageA
IsIconic
SetActiveWindow
DestroyMenu
SetFocus
SetWindowPos
GetActiveWindow
GetTopWindow
GetWindow
IsChild
DestroyAcceleratorTable
DestroyCursor
SetWindowRgn
UpdateWindow
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
GetFocus
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
PostMessageA
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
IsWindow
IsRectEmpty
LoadCursorA
GetParent
SetParent
PtInRect
GetClientRect
OffsetRect
FillRect
IsWindowVisible
wsprintfA
EnableWindow
InvalidateRect
RedrawWindow
GetSystemMetrics
GetWindowRect
SendMessageA
GetWindowLongA
SetWindowLongA
GetSysColor
SetWindowContextHelpId
CharNextA
GetDC
DeleteMenu
UnregisterClassA
gdi32
DPtoLP
GetDeviceCaps
CreateDCA
CreateCompatibleBitmap
EndPage
StartPage
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
EndDoc
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
DeleteDC
CreateRectRgnIndirect
LPtoDP
GetTextMetricsA
GetClipBox
SaveDC
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SelectPalette
GetMapMode
RealizePalette
GetDIBits
SetBkColor
StartDocA
CreatePolygonRgn
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
CreateDIBSection
GetPixel
SetPixel
ExtCreateRegion
SetStretchBltMode
StretchBlt
CreateDIBitmap
GetClipRgn
SelectClipRgn
DeleteObject
SetTextColor
Rectangle
Ellipse
RoundRect
CombineRgn
CreateRectRgn
FillRgn
GetCurrentObject
SetBkMode
TextOutA
GetSystemPaletteEntries
CreateBitmap
GetTextExtentPoint32A
CreatePatternBrush
CreateCompatibleDC
SelectObject
CreateSolidBrush
BitBlt
GetObjectA
CreatePen
PatBlt
GetStockObject
MoveToEx
SetDIBitsToDevice
RestoreDC
CreateFontIndirectA
CreatePalette
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
shell32
ShellExecuteA
Shell_NotifyIconA
ole32
CoTaskMemFree
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoGetClassObject
OleInitialize
OleUninitialize
CLSIDFromString
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CoTaskMemAlloc
oleaut32
VariantCopy
VariantClear
RegisterTypeLib
UnRegisterTypeLib
VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnaccessData
SafeArrayAccessData
LoadTypeLib
SysAllocString
SafeArrayCreate
OleCreateFontIndirect
SysFreeString
SafeArrayGetElemsize
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
comctl32
_TrackMouseEvent
ord17 (imported by ordinal, no name)
ImageList_Destroy
oledlg
ord8 (imported by ordinal, no name)
Sections
.text Size: 604KB - Virtual size: 600KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 220KB - Virtual size: 217KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 136KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ