Static task: static1
Behavioral task: behavioral1
Sample: 7e0167c2991772fa5f51341240b74ae42cc4789c8159db0126671034898816a9.exe
Resource: win7-20230712-en
General
Target: 7e0167c2991772fa5f51341240b74ae42cc4789c8159db0126671034898816a9
Size: 1.9MB
MD5: 293a1e0e3aa4a99433f01d563bfec89f
SHA1: 8eea7f4b4783bd62b338ffc89a181e1aa17c2d1d
SHA256: 7e0167c2991772fa5f51341240b74ae42cc4789c8159db0126671034898816a9
SHA512: f74cc1c57b7bc2a6253d4e02b061469c42059960a4990a2c2cb2a9b7758e3c368d5da6a83ff124123015f232f1f285dc7247365c7c2db3f92059a76f0f3035df
SSDEEP: 49152:1wl285KszDY6fCpB+RtV6hmQ/x5LGR/jnDlvFRvxAN6GJwXVg2k+b4s:WlzvzDYzpB+fV0/x5LGR/jnDlvFN8pil
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource 7e0167c2991772fa5f51341240b74ae42cc4789c8159db0126671034898816a9
This is the only static signature that fired. It states that the file carries no Authenticode certificate table; plenty of benign software is unsigned, so on its own this is a triage hint, not evidence of malice.
Files
7e0167c2991772fa5f51341240b74ae42cc4789c8159db0126671034898816a9.exe (windows x86)
11692c62b2e4daca819ab3f0eb43f502
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Mitigation posture read off these flags: DEP is opted in (NX_COMPAT), but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent and the relocation table has been stripped, so the image always maps at its preferred base and gets no ASLR; IMAGE_DLLCHARACTERISTICS_GUARD_CF is absent as well, so there is no Control Flow Guard. A fixed load address makes any memory-corruption bug in this binary easier to exploit, and it also means code addresses are stable across runs, which is convenient for debugging and for writing detection on specific offsets.
Imports
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
lstrcpyA
LocalFileTimeToFileTime
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
WideCharToMultiByte
FindResourceW
LoadResource
lstrlenA
SizeofResource
GetSystemInfo
CreateFileA
CloseHandle
FindFirstFileA
FindClose
GetLastError
lstrcatA
SystemTimeToFileTime
LockResource
CreateDirectoryA
GetFileInformationByHandle
GetDriveTypeA
MulDiv
lstrlenW
GlobalUnlock
GlobalLock
GlobalSize
CopyFileA
FreeResource
FindResourceA
lstrcmpW
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
SetThreadPriority
ResumeThread
WaitForSingleObject
lstrcmpA
GetCurrentProcessId
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetThreadLocale
GlobalFlags
GetACP
GetCPInfo
GetOEMCP
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetWindowsDirectoryA
GetNumberFormatA
SetErrorMode
GetTempFileNameA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitProcess
DecodePointer
ExitThread
EncodePointer
GetTimeFormatA
GetDateFormatA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
GetConsoleCP
GetConsoleMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
IsValidCodePage
GetTimeZoneInformation
HeapCreate
GetStdHandle
GetStringTypeW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetDriveTypeW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetFileAttributesA
GetCurrentDirectoryA
SetFileTime
WriteFile
GlobalFree
GetQueuedCompletionStatus
Sleep
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetTempPathA
GetTickCount
InterlockedDecrement
FormatMessageA
LocalAlloc
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
LocalFree
MultiByteToWideChar
DeleteFileA
GetModuleFileNameA
InitializeCriticalSection
CreateIoCompletionPort
CreateThread
GlobalAlloc
ReadFile
GetCurrentThreadId
FindFirstFileExA
user32
PostQuitMessage
ShowOwnedPopups
GetKeyNameTextA
MapVirtualKeyA
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
RealChildWindowFromPoint
UnregisterClassA
SetRectEmpty
InvalidateRect
IntersectRect
DeleteMenu
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
WindowFromPoint
WaitMessage
DestroyIcon
CharUpperA
CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetMenuDefaultItem
CreatePopupMenu
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetIconInfo
CopyImage
LoadImageA
DrawIconEx
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
SetClassLongA
DrawStateA
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
RegisterWindowMessageA
FrameRect
EndPaint
CopyIcon
CharUpperBuffA
GetDoubleClickTime
DrawTextA
DestroyCursor
GetWindowRgn
GetFocus
SetFocus
SetWindowPos
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringA
InsertMenuA
GetMenuItemCount
RemoveMenu
TabbedTextOutA
FillRect
GetWindowThreadProcessId
SystemParametersInfoA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
DestroyMenu
GetMenuItemInfoA
InflateRect
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
GetUpdateRect
DrawTextExA
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowTextLengthA
ModifyMenuA
SubtractRect
CheckMenuItem
MessageBoxA
GetWindowLongA
SetWindowLongA
IsWindow
GetSystemMetrics
GetClientRect
IsIconic
GetSystemMenu
EnableMenuItem
AppendMenuA
DrawIcon
LoadBitmapW
ReleaseCapture
LoadCursorA
SetCursor
GetParent
SetCapture
RedrawWindow
ScreenToClient
ClientToScreen
GetWindowRect
wsprintfA
GetCursorPos
TrackPopupMenu
SetMenuDefaultItem
LoadIconW
SetForegroundWindow
KillTimer
SetTimer
PostMessageA
SendMessageA
LoadMenuW
GetSubMenu
GetMenuItemID
LoadIconA
EnableWindow
IsClipboardFormatAvailable
GetWindowTextA
gdi32
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
CreateFontIndirectA
CreateCompatibleDC
BitBlt
ExtTextOutA
GetTextExtentPoint32A
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
OffsetRgn
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
CreateSolidBrush
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
CreateDCA
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
SetTextAlign
CopyMetaFileA
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateCompatibleBitmap
GetTextMetricsA
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
CreateRectRgn
shell32
Shell_NotifyIconA
SHAppBarMessage
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
ShellExecuteA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
OleInitialize
CoGetClassObject
CoInitialize
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysAllocStringByteLen
VariantInit
VariantCopy
VariantChangeType
VariantClear
SysFreeString
VarBstrFromDate
SysStringLen
SysAllocStringLen
OleCreateFontIndirect
GetErrorInfo
SafeArrayDestroy
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
oledlg
ord8
ws2_32
htonl
bind
listen
WSAAccept
WSAIoctl
htons
WSASend
ntohs
inet_ntoa
getpeername
shutdown
WSASocketA
gethostname
ioctlsocket
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
getsockopt
getsockname
setsockopt
send
recv
select
__WSAFDIsSet
WSASetLastError
WSACleanup
WSARecv
closesocket
WSAGetLastError
WSAStartup
ntohl
wldap32
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord41
ord46
ord26
ord50
ord60
ord143
ord211
ord22
ord30
crypt32
CertFreeCertificateContext
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipBitmapLockBits
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
CryptHashData
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
RegCloseKey
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
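A few things a triage analyst would pull out of the import table above before looking at the behavioral run. In ws2_32 the sample imports bind, listen, accept and WSAAccept alongside connect, getaddrinfo, send and recv, so it can both accept inbound connections and make outbound ones, and CreateIoCompletionPort together with GetQueuedCompletionStatus points at IOCP-based asynchronous I/O. In advapi32 the CryptAcquireContextA, CryptCreateHash, CryptHashData, CryptImportKey, CryptEncrypt and CryptGenRandom set is CryptoAPI hashing plus symmetric encryption with an imported key, and RegCreateKeyExA, RegSetValueExA and RegDeleteValueA give registry write capability; which keys are touched is not visible statically. Conversely, IsDebuggerPresent, VirtualProtect, EncodePointer and DecodePointer, RtlUnwind, HeapSetInformation and IsProcessorFeaturePresent are all imported by the MSVC CRT startup code, so they are weak indicators on their own. The very large user32, gdi32, ole32 and oleaut32 surface is consistent with a statically linked MFC GUI application, and the wldap32 ordinal imports next to crypt32!CertFreeCertificateContext, getaddrinfo/freeaddrinfo, WSAIoctl, PeekNamedPipe, SleepEx and VerifyVersionInfoA/VerSetConditionMask match the import pattern of a statically linked libcurl; both are inferences from the pattern, not something the report states.

The rule-based capability triage below is an added example, not part of the report or of any tool the report came from. It runs a small set of all-of/any-of rules over a subset of the import table copied from the listing above (the IMPORTS dictionary is that subset, rule names and confidence levels are my own choices) and tags CRT-noise APIs with low confidence so they do not dominate the findings.

```python
# Subset of the import table listed in the report, keyed by module.
IMPORTS = {
    "kernel32": {"VirtualProtect", "VirtualAlloc", "IsDebuggerPresent", "EncodePointer",
                 "CreateThread", "CreateIoCompletionPort", "GetQueuedCompletionStatus",
                 "CopyFileA", "DeleteFileA", "CreateFileA", "WriteFile", "GetTempPathA"},
    "advapi32": {"CryptAcquireContextA", "CryptImportKey", "CryptEncrypt", "CryptGenRandom",
                 "CryptCreateHash", "CryptHashData", "CryptGetHashParam", "RegCreateKeyExA",
                 "RegSetValueExA", "RegDeleteValueA", "RegOpenKeyExA"},
    "ws2_32": {"socket", "bind", "listen", "accept", "WSAAccept", "connect", "getaddrinfo",
               "send", "recv", "WSASend", "WSARecv", "WSAIoctl"},
    "user32": {"SetWindowsHookExA", "CallNextHookEx", "GetAsyncKeyState", "GetKeyboardState",
               "GetKeyState", "OpenClipboard", "SetClipboardData"},
    "shell32": {"ShellExecuteA", "Shell_NotifyIconA"},
}

# Each rule: (finding, confidence, all_of, any_of, analyst note). A rule fires when every
# (module, function) pair in all_of is imported and, if any_of is non-empty, at least one of
# its pairs is. Rule names and confidence levels are assumptions made for this example.
RULES = [
    ("tcp-listener", "high",
     [("ws2_32", "socket"), ("ws2_32", "bind"), ("ws2_32", "listen")],
     [("ws2_32", "accept"), ("ws2_32", "WSAAccept")],
     "can accept inbound connections; confirm a listening port in the behavioral run"),
    ("tcp-client", "high", [("ws2_32", "connect")],
     [("ws2_32", "getaddrinfo"), ("ws2_32", "gethostbyname")],
     "resolves names and connects out"),
    ("iocp-async-io", "medium",
     [("kernel32", "CreateIoCompletionPort"), ("kernel32", "GetQueuedCompletionStatus")], [],
     "completion-port I/O, typical of a server or a bulk transfer component"),
    ("capi-symmetric-encrypt", "high",
     [("advapi32", "CryptImportKey"), ("advapi32", "CryptEncrypt")], [],
     "encrypts data with a key imported into CryptoAPI (key blob may be embedded)"),
    ("capi-hashing", "medium",
     [("advapi32", "CryptCreateHash"), ("advapi32", "CryptHashData")], [],
     "hashes data via CryptoAPI"),
    ("registry-write", "medium", [],
     [("advapi32", "RegSetValueExA"), ("advapi32", "RegSetValueExW")],
     "writes registry values; check the keys at runtime for persistence"),
    ("windows-hook", "medium", [("user32", "SetWindowsHookExA")], [],
     "installs a Windows hook; keylogging is possible but GUI frameworks use hooks too"),
    ("keystroke-polling", "low", [],
     [("user32", "GetAsyncKeyState"), ("user32", "GetKeyboardState")],
     "polls key state; common in ordinary GUI code"),
    ("anti-debug-api", "low", [], [("kernel32", "IsDebuggerPresent")],
     "imported by the MSVC CRT startup code; weak on its own"),
    ("self-modifying-memory", "low", [], [("kernel32", "VirtualProtect")],
     "CRT and MFC use it too; confirm a PAGE_EXECUTE change at runtime before reporting"),
]


def has(imports, module, func):
    """True if the given module imports the given function name."""
    return func in imports.get(module, set())


def triage(imports):
    """Evaluate every rule against a module -> {function} mapping; return findings in rule order."""
    findings = []
    for name, confidence, all_of, any_of, note in RULES:
        if not all(has(imports, m, f) for m, f in all_of):
            continue
        if any_of and not any(has(imports, m, f) for m, f in any_of):
            continue
        matched = sorted(f for m, f in all_of + any_of if has(imports, m, f))
        findings.append({"finding": name, "confidence": confidence, "apis": matched, "note": note})
    return findings


if __name__ == "__main__":
    for hit in triage(IMPORTS):
        print("%-24s %-6s %s" % (hit["finding"], hit["confidence"], ", ".join(hit["apis"])))
        print(" " * 32 + hit["note"])
```

The output for the subset above fires all ten rules, which is exactly why the confidence tag matters: the high-confidence findings (listener, client, CryptoAPI encryption) are the ones to chase in the behavioral task, while the low-confidence ones need a runtime observation before they belong in a report.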
Sections
.text   Size: 1.5MB - Virtual size: 1.5MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 337KB - Virtual size: 336KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 25KB  - Virtual size: 55KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 15KB  - Virtual size: 16KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Raw and virtual sizes agree closely for every section and no section is both writable and executable, so the layout looks like an ordinary linker output rather than a packed stub; the larger virtual size of .data is the usual zero-initialised tail that is not stored on disk. Together with the 1.5MB of code in .text this is consistent with a large statically linked application.
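The Signatures, Headers and Sections blocks above are all read from a few fixed offsets in the PE headers, so they can be reproduced without a sandbox. The parser below is an added example, not code from the report or from the service that produced it. It walks the DOS header, COFF header, optional header (PE32 and PE32+) and section table, decodes the same flag names the report prints, checks the Authenticode data directory the "Unsigned PE" signature relies on, and derives the DEP/ASLR/CFG posture and W+X sections. The input is a constructed header-only PE32 built inline with the flags and section layout reported above (section sizes are approximations, not taken from the file); build_pe, SAMPLE_PE and the assess() field names are assumptions made for this example.

```python
import struct

# Symbolic names for the flag bits the report prints (subsets of the PE specification).
FILE_FLAGS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
              0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_FLAGS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF", 0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SCN_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
             0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def names(value, table):
    """Decode a flag word into the symbolic names, lowest bit first."""
    return [n for bit, n in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS/COFF/optional headers and the section table of a PE32 or PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]              # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                                        # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                                      # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in both formats
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_size = 0
    if ndirs > SECURITY_DIR:                                  # a zero-sized entry means unsigned
        _, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsect):
        name, vsize, va, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "vsize": vsize,
                         "va": va, "rawsize": rawsize, "rawptr": rawptr, "chars": chars})
    return {"machine": machine, "file_chars": file_chars, "dll_chars": dll_chars,
            "cert_size": cert_size, "sections": sections}


def assess(info):
    """Derive the mitigation and signing facts an analyst reads off the headers."""
    fc, dc, secs = info["file_chars"], info["dll_chars"], info["sections"]
    return {
        "dep": bool(dc & 0x0100),
        # ASLR needs the opt-in bit and a relocation table to apply it with.
        "aslr": bool(dc & 0x0040) and not (fc & 0x0001),
        "cfg": bool(dc & 0x4000),
        "authenticode_present": info["cert_size"] > 0,
        "wx_sections": [s["name"] for s in secs if s["chars"] & 0x80000000 and s["chars"] & 0x20000000],
        # An executable section that is nearly empty on disk but large in memory is filled at runtime.
        "unpack_suspects": [s["name"] for s in secs if s["chars"] & 0x20000000 and s["rawsize"] * 4 < s["vsize"]],
    }


def build_pe(file_chars, dll_chars, sections, cert_size=0):
    """Constructed header-only PE32 image for testing; not the sample from the report."""
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 68, 2)                        # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0, cert_size)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), file_chars)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, va, rs, rp, 0, 0, 0, 0, ch)
                     for n, vs, va, rs, rp, ch in sections)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Constructed layout mirroring the reported flags and sections (sizes approximate).
SAMPLE_SECTIONS = [(".text", 0x17E000, 0x1000, 0x17E000, 0x400, 0x60000020),
                   (".rdata", 0x54000, 0x17F000, 0x54400, 0x17E400, 0x40000040),
                   (".data", 0xDC00, 0x1D3000, 0x6400, 0x1D2800, 0xC0000040),
                   (".rsrc", 0x4000, 0x1E1000, 0x3C00, 0x1D8C00, 0x40000040)]
SAMPLE_PE = build_pe(0x0103, 0x8100, SAMPLE_SECTIONS)

if __name__ == "__main__":
    info = parse_pe(SAMPLE_PE)
    print("File Characteristics:", ", ".join(names(info["file_chars"], FILE_FLAGS)))
    print("DLL Characteristics: ", ", ".join(names(info["dll_chars"], DLL_FLAGS)))
    for s in info["sections"]:
        print("%-6s raw=%#x virt=%#x %s" % (s["name"], s["rawsize"], s["vsize"], " | ".join(names(s["chars"], SCN_FLAGS))))
    print(assess(info))
```

To run it against the real file, replace SAMPLE_PE with the bytes read from disk; the header parsing is the same. The unpack_suspects heuristic is there to show what a packed layout would look like in contrast to the clean one reported above: a packer typically leaves a large, writable, executable section with almost no raw data, which is the opposite of this sample.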