Static task: static1
Behavioral task: behavioral1
  Sample: fbd65b1a8ef1ea8c27e5da278ebe3e48990985737aacaa5bf2e9a5bc747bf813.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: fbd65b1a8ef1ea8c27e5da278ebe3e48990985737aacaa5bf2e9a5bc747bf813.exe
  Resource: win10v2004-20230703-en
General
- Target: fbd65b1a8ef1ea8c27e5da278ebe3e48990985737aacaa5bf2e9a5bc747bf813
- Size: 6.3MB
- MD5: b36ffe25af63a496e66e19fb392d68a7
- SHA1: b01970d1f8150833213398836f29bbabba06bd28
- SHA256: fbd65b1a8ef1ea8c27e5da278ebe3e48990985737aacaa5bf2e9a5bc747bf813
- SHA512: 050ab0eed56d91177782b71320bcbe0234945cc6b308377b1b6ddf94e8287ba772f48a16545f098c0bf11b0c4f4c95dced7ac8fc2141ba1bee23cc22b1b6c7e8
- SSDEEP: 98304:jOxuNoZh+ZjUtRJ+SBFpZ9tM9o/moRSDHmEuc:jOZYUtRJ+SBFx5E7lH
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource fbd65b1a8ef1ea8c27e5da278ebe3e48990985737aacaa5bf2e9a5bc747bf813
Files
- fbd65b1a8ef1ea8c27e5da278ebe3e48990985737aacaa5bf2e9a5bc747bf813.exe windows x86 fa1e1a72883a137af91e619103c1e182
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_BeginDrag
ImageList_EndDrag
ImageList_SetIconSize
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Remove
ImageList_AddMasked
ord17
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_Draw
ord413
ord412
ImageList_DragEnter
ord410
shlwapi
PathMatchSpecW
ColorRGBToHLS
PathStripPathW
PathAppendW
PathAddExtensionW
PathRemoveExtensionW
PathIsDirectoryW
PathCombineW
AssocQueryStringW
PathFindFileNameW
PathIsRelativeW
PathGetDriveNumberW
PathCompactPathExW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
ColorHLSToRGB
shell32
SHFileOperationW
SHCreateItemFromParsingName
DragQueryPoint
DragFinish
ShellExecuteW
ord165
SHGetFolderPathW
DragQueryFileW
Shell_NotifyIconW
dbghelp
ImageNtHeader
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
crypt32
CryptQueryObject
CertGetNameStringW
CertNameToStrW
CertGetCertificateContextProperty
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
wintrust
WinVerifyTrust
sensapi
IsDestinationReachableW
IsNetworkAlive
wininet
InternetCrackUrlW
imm32
ImmSetCompositionStringW
ImmEscapeW
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmNotifyIME
ImmSetCandidateWindow
msimg32
AlphaBlend
kernel32
GlobalLock
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
SetFilePointerEx
WriteFile
GetLocalTime
GlobalAlloc
FormatMessageW
GetTimeFormatEx
GetDateFormatEx
LCMapStringW
CloseHandle
ExpandEnvironmentStringsW
SetCurrentDirectoryW
FreeLibrary
LoadResource
LockResource
SizeofResource
FindResourceW
GetCurrentThreadId
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
CreateThread
CopyFileW
GetCurrentProcess
GetCurrentProcessId
LoadLibraryW
ReleaseMutex
DeleteFileW
Sleep
GlobalSize
lstrcpynW
WaitForMultipleObjects
CopyFileExW
GetSystemInfo
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetTempPathW
SetLastError
CancelIo
SleepEx
WaitForSingleObjectEx
QueueUserAPC
ReadDirectoryChangesW
GetLocaleInfoA
GetTickCount
LoadLibraryA
GetStringTypeExW
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
GetTimeFormatW
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
CompareStringW
GetCPInfo
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
QueryPerformanceCounter
RaiseException
DecodePointer
EncodePointer
GetStringTypeW
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryW
CompareFileTime
lstrlenW
lstrcmpW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
WideCharToMultiByte
MultiByteToWideChar
GetACP
GlobalFree
GetModuleFileNameW
GetVersion
MulDiv
LocalFree
LocalAlloc
GetDateFormatW
GetLastError
OutputDebugStringW
lstrcmpiW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
VirtualProtect
VirtualAlloc
VirtualFree
GlobalUnlock
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileExW
lstrcpyW
SetFileAttributesW
GetLongPathNameW
GetFullPathNameW
UnregisterWait
GetFileAttributesExW
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
RtlUnwind
ReadFile
ExitProcess
GetModuleHandleExW
ExitThread
GetStdHandle
HeapAlloc
HeapFree
GetFileType
GetConsoleMode
ReadConsoleW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
GetFileSizeEx
IsValidCodePage
GetOEMCP
HeapReAlloc
FindFirstFileExW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
HeapSize
SetEndOfFile
WriteConsoleW
CreateMutexW
user32
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
GetClassNameA
CreateAcceleratorTableW
FindWindowW
ShowCursor
CreateDialogIndirectParamW
MonitorFromRect
TrackMouseEvent
GetCapture
SetRectEmpty
LoadBitmapW
AppendMenuW
RegisterWindowMessageW
CreateCursor
DestroyCursor
ScrollWindow
GetPropW
RemovePropW
LoadStringW
InsertMenuItemW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
KillTimer
GetCaretBlinkTime
AppendMenuA
GetMessageTime
GetKeyboardLayout
ValidateRect
SetTimer
MsgWaitForMultipleObjects
NotifyWinEvent
GetUpdateRgn
SystemParametersInfoA
GetDoubleClickTime
DrawTextA
CopyImage
MonitorFromPoint
AdjustWindowRectEx
LoadStringA
GetMenuItemID
DispatchMessageW
TranslateMessage
GetMessageW
BringWindowToTop
ReleaseCapture
GetActiveWindow
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetParent
RedrawWindow
GetDlgCtrlID
IsChild
FindWindowExW
IsWindowEnabled
GetAsyncKeyState
GetClassInfoExW
SetMenuItemInfoW
InsertMenuW
GetMenuItemCount
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
CreateMenu
GetMenuState
EmptyClipboard
SetClipboardData
IsWindow
GetDlgItemInt
FrameRect
CreateDialogParamW
InflateRect
GetSysColor
ClientToScreen
IsWindowVisible
ShowWindow
IsClipboardFormatAvailable
GetSubMenu
GetClipboardData
ChangeClipboardChain
SetClipboardViewer
CloseClipboard
OpenClipboard
LoadCursorW
GetParent
SetCaretPos
ShowCaret
CharUpperW
DestroyCaret
CreateCaret
SetCursor
MessageBeep
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetDC
UpdateWindow
DrawTextExW
GetMenu
GetSystemMetrics
ToAscii
GetKeyboardState
GetFocus
SetWindowPlacement
GetWindowPlacement
DestroyWindow
CreateWindowExW
RegisterClassW
PostMessageW
DrawFrameControl
DrawEdge
SetFocus
MoveWindow
DrawIconEx
LoadImageW
EnableWindow
GetKeyState
RemoveMenu
GetIconInfo
CreateIconIndirect
LoadIconW
GetDesktopWindow
DrawIcon
GetDlgItemTextA
LoadMenuW
IsDialogMessageW
SetMenu
GetMonitorInfoW
MonitorFromWindow
WindowFromPoint
LockWindowUpdate
GetDCEx
CheckMenuRadioItem
ChildWindowFromPointEx
SetForegroundWindow
SetMenuItemBitmaps
DeleteMenu
DrawMenuBar
GetMenuStringW
TranslateAcceleratorW
DestroyAcceleratorTable
IsZoomed
IsIconic
mouse_event
SetDlgItemInt
GetScrollInfo
SetScrollInfo
DestroyIcon
SendDlgItemMessageW
EndDialog
DialogBoxIndirectParamW
DialogBoxParamW
GetComboBoxInfo
GetMenuBarInfo
GetClassNameW
EnumChildWindows
PtInRect
OffsetRect
IntersectRect
FillRect
DrawFocusRect
MapWindowPoints
ScreenToClient
GetCursorPos
GetWindowRect
GetClientRect
GetWindowTextW
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
DrawTextW
GetMenuItemInfoW
SetWindowPos
DefWindowProcW
SetWindowLongW
GetWindowLongW
SetWindowTextW
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemTextA
GetDlgItem
CallWindowProcW
SendMessageW
MessageBoxW
wsprintfW
GetAncestor
SystemParametersInfoW
SetPropW
GetSysColorBrush
MessageBoxA
GetWindowTextLengthW
TrackPopupMenu
FlashWindowEx
CharLowerW
HideCaret
ModifyMenuW
RegisterClassExW
UnregisterClassW
RegisterClipboardFormatW
PostQuitMessage
SetCapture
gdi32
DeleteDC
GetDeviceCaps
GetPixel
BitBlt
CreateCompatibleDC
SaveDC
GetObjectW
SelectObject
CreateCompatibleBitmap
MoveToEx
LineTo
CreateHatchBrush
GetTextMetricsW
SetROP2
GetROP2
CreateFontW
ExtTextOutW
RestoreDC
OffsetWindowOrgEx
CreateBitmap
CreatePatternBrush
PatBlt
SetBrushOrgEx
GetDIBits
SetDIBits
EnumFontFamiliesExW
SetTextAlign
StartDocW
EndDoc
StartPage
EndPage
DPtoLP
GetTextExtentPointW
StretchBlt
CombineRgn
IntersectClipRect
RoundRect
Ellipse
Polygon
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPoint32A
CreateDIBSection
ExtTextOutA
SetTextColor
SetBkMode
Polyline
SelectClipRgn
Rectangle
GetTextExtentPoint32W
GetStockObject
GetClipRgn
ExcludeClipRect
DeleteObject
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreateFontIndirectW
SetBkColor
SetWindowOrgEx
CreateFontA
comdlg32
ChooseColorW
PrintDlgW
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
IsTextUnicode
ole32
CLSIDFromProgID
RegisterDragDrop
OleInitialize
DoDragDrop
OleUninitialize
ReleaseStgMedium
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
RevokeDragDrop
oleaut32
SysAllocString
SysFreeString
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
GetThemePartSize
GetThemeFont
SetWindowTheme
EnableThemeDialogTexture
DrawThemeParentBackground
GetThemeTransitionDuration
BufferedPaintRenderAnimation
EndBufferedAnimation
BeginBufferedAnimation
BufferedPaintStopAllAnimations
DrawThemeTextEx
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 627KB - Virtual size: 626KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
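The Unsigned PE signature above is a header check: the optional header's security data directory (IMAGE_DIRECTORY_ENTRY_SECURITY) has size zero, so no Authenticode blob is embedded in the file. Two caveats before reading that as suspicious on its own: catalog-signed files, including most Windows OS binaries, also have an empty security directory, so the check means "no embedded signature", not "untrusted"; and this sample itself imports WinVerifyTrust, CryptQueryObject and the Cert* functions, so it verifies signatures of other files even though it carries none. The Headers block also lists NX_COMPAT without DYNAMIC_BASE, so the image does not opt in to ASLR, and the Sections block shows a second .text section that is readable, writable and executable next to duplicated .rsrc and .reloc entries. The Python below, added here and not part of the sandbox report or the sample, performs those header-level checks with the standard library only. The PE it runs on is constructed inline with section names, sizes and flags shaped like the listing above (it has no real code), and the build_pe32, parse_pe and triage names are this example's own.

```python
"""Header-level PE triage in pure stdlib: signature directory, DllCharacteristics, section flags."""
import struct

# Flag values from the PE/COFF specification (winnt.h).
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE = 0x02000000
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode (WIN_CERTIFICATE) directory


def parse_pe(data: bytes) -> dict:
    """Parse the DOS stub pointer, COFF header, optional header and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: DllCharacteristics @70, NumberOfRvaAndSizes @92, directories @96
        dllchars_off, ndirs_off, dirs_off = opt + 70, opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: 8-byte stack/heap fields push the directories out by 16
        dllchars_off, ndirs_off, dirs_off = opt + 70, opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchars = struct.unpack_from("<H", data, dllchars_off)[0]
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Security directory = (file offset, size) of the certificate blob; size 0 means unsigned.
        _, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, table = [], opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": flags})
    return {"machine": machine, "dll_characteristics": dllchars,
            "security_dir_size": sec_size, "sections": sections}


def triage(data: bytes) -> list:
    """Findings in the spirit of the report's Signatures block, in order of discovery."""
    pe = parse_pe(data)
    findings = []
    if pe["security_dir_size"] == 0:
        findings.append("Unsigned PE: no embedded Authenticode signature directory")
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        findings.append("No DYNAMIC_BASE: image does not opt in to ASLR")
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_NX_COMPAT:
        findings.append("No NX_COMPAT: image does not opt in to DEP")
    for s in pe["sections"]:
        if s["flags"] & IMAGE_SCN_MEM_WRITE and s["flags"] & IMAGE_SCN_MEM_EXECUTE:
            findings.append("Section %s is writable and executable" % s["name"])
    names = [s["name"] for s in pe["sections"]]
    dupes = sorted({n for n in names if names.count(n) > 1})
    if dupes:
        findings.append("Duplicate section names: " + ", ".join(dupes))
    return findings


def build_pe32(sections, dllchars, signed=False) -> bytes:
    """Constructed PE32 headers plus section table (no code) for exercising the parser."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    opt_size = 96 + 16 * 8  # PE32 optional header with all 16 data directories
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dllchars)
    struct.pack_into("<I", opt, 92, 16)
    if signed:  # pretend a 0x200-byte certificate blob sits at file offset 0x1000
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x200)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode("ascii"), vsize, 0x1000 * (i + 1), rawsize, 0, 0, 0, 0, 0, flags)
        for i, (name, vsize, rawsize, flags) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + table


RX = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
R = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
RW = R | IMAGE_SCN_MEM_WRITE

# Constructed layout shaped like the Sections listing (sizes approximate, flags as listed).
SAMPLE_SECTIONS = [
    (".text", 0x290000, 0x290000, RX),
    (".rdata", 0x9C800, 0x9CC00, R),
    (".data", 0x1EC00, 0xC800, RW),
    (".rsrc", 0x166000, 0x166000, R),
    (".reloc", 0x1EC00, 0x1EC00, R | IMAGE_SCN_MEM_DISCARDABLE),
    (".text", 0x400, 0x800, RX | IMAGE_SCN_MEM_WRITE),
    (".idata", 0x3000, 0x3400, RW | IMAGE_SCN_MEM_DISCARDABLE),
    (".rsrc", 0x166000, 0x166000, R),
]
SAMPLE_DLLCHARS = IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE


def demo() -> list:
    return triage(build_pe32(SAMPLE_SECTIONS, SAMPLE_DLLCHARS))


if __name__ == "__main__":
    for line in demo():
        print(line)
```

To run it against a real file, pass `open(path, "rb").read()` to `triage`. Treat the findings as triage input, not verdicts: an empty security directory on a catalog-signed binary is normal, and WinVerifyTrust with catalog lookup remains the authoritative signature check.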