e37d2df8e259f89fa96e59deab9deb6cbc1d201eb13eb89f7e35ac1e44e286e0

Sharing

Copy URL Twitter E-mail

General

Target

e37d2df8e259f89fa96e59deab9deb6cbc1d201eb13eb89f7e35ac1e44e286e0
Size

11.1MB
MD5

f413f1b9d3053187c9ffd4d64c638ec9
SHA1

fb9c00e97b4a73fe953dcf0097bd753a570e1474
SHA256

e37d2df8e259f89fa96e59deab9deb6cbc1d201eb13eb89f7e35ac1e44e286e0
SHA512

db6b53637d145e7fcf86b2139bbaf4be9206d6e4cc1af4e0cfa259e510f7e1b210dbdf0e71193005e8a5a2e8037c09988dfc179597115ec85d8c4dac42ff0564
SSDEEP

196608:dYn/a/bCcTJqHgfjcBtM05DksAj0GQGsGmGRGUGmGsGIGLGrGfGzG120FLOyomFI:dYn/2oKAB/oRtZ/Ux/ZVqKuCw0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e37d2df8e259f89fa96e59deab9deb6cbc1d201eb13eb89f7e35ac1e44e286e0

Files

e37d2df8e259f89fa96e59deab9deb6cbc1d201eb13eb89f7e35ac1e44e286e0
.exe windows x86

93847a366e057cf856924378e03dbc66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

bcrypt

BCryptDestroyHash
BCryptFinishHash
BCryptHashData
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptGetProperty
BCryptOpenAlgorithmProvider

crypt32

CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertGetCertificateChain
CryptUnprotectMemory
CertSetCertificateContextProperty
CertCreateCertificateContext
CertFindExtension
CertGetCertificateContextProperty
CertOpenStore
CertCompareCertificate
CertGetNameStringW
CertCloseStore
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertOpenSystemStoreW
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptDecodeObject
CertDeleteCertificateFromStore
CertCompareCertificateName

winhttp

WinHttpWriteData
WinHttpQueryDataAvailable
WinHttpQueryOption
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpSetCredentials
WinHttpQueryAuthSchemes
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpSetOption
WinHttpGetProxyForUrl
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpGetDefaultProxyConfiguration
WinHttpSetStatusCallback
WinHttpGetIEProxyConfigForCurrentUser

ws2_32

WSAGetLastError
WSASetLastError
send
recv
closesocket
WSAStartup
WSACleanup
shutdown

shell32

ShellExecuteW
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
SHGetFileInfoW
Shell_NotifyIconW

advapi32

RegCreateKeyExW
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW
GetUserNameW
CryptAcquireContextW
CryptReleaseContext
RegQueryValueW
RegOpenKeyExW
RegSetValueExW
RegCloseKey

gdi32

SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
EnumFontFamiliesW
CreateDIBitmap
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
GetTextColor
GetBkColor
DPtoLP
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CombineRgn
CreateFontIndirectW
RemoveFontMemResourceEx
DeleteDC
GetDeviceCaps
GetViewportOrgEx
CreateSolidBrush
DeleteObject
GetObjectW
SetViewportOrgEx
Rectangle
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
StretchBlt
PatBlt
SelectObject
CreateDIBSection
SetDIBitsToDevice
StretchDIBits
RealizePalette
CreatePalette
CreateBitmap
SetBkMode
GetTextExtentPoint32W
GetPixel
MoveToEx
CreatePen
LineTo
SetTextColor
SetBkColor
SetTextJustification
TextOutW
GetTextMetricsW
CreateFontW
SetDIBColorTable
ExtTextOutW
GetCurrentObject
CreateDCW
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
CopyMetaFileW
SetWindowOrgEx
SetTextAlign
SetViewportExtEx
SetWindowExtEx
GetTextCharsetInfo
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
GetTextFaceW
SetPixelV
GetWindowOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExW
GetPaletteEntries
RoundRect
OffsetRgn
SetPixel
GetRgnBox
CreateRoundRectRgn
ScaleWindowExtEx

user32

GetComboBoxInfo
CreateMenu
GetWindowRgn
GetMenuItemID
SetActiveWindow
EnumChildWindows
TrackPopupMenu
GetSubMenu
DestroyIcon
SetMenuDefaultItem
FindWindowW
GetClassNameW
SetParent
SystemParametersInfoW
RegisterWindowMessageW
SetForegroundWindow
LoadImageW
GetCursorPos
GetWindowRect
FillRect
IsWindow
OffsetRect
SetTimer
RedrawWindow
GetSysColor
SetCursor
GetClientRect
KillTimer
GetParent
UpdateWindow
InvalidateRect
LoadIconW
MessageBoxW
SendMessageW
UnregisterClassW
PostQuitMessage
WaitMessage
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetCursorPos
RegisterClipboardFormatW
SetClipboardData
CloseClipboard
OpenClipboard
TranslateMDISysAccel
SetRect
InvalidateRgn
CopyAcceleratorTableW
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
IsZoomed
TrackMouseEvent
GetAsyncKeyState
CopyImage
EnableWindow
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
ShowOwnedPopups
IsRectEmpty
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
WindowFromPoint
CharUpperW
CharNextW
UnpackDDElParam
ReuseDDElParam
PostThreadMessageW
SubtractRect
IsClipboardFormatAvailable
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
MapVirtualKeyW
GetKeyNameTextW
MapDialogRect
SetWindowContextHelpId
DestroyMenu
IntersectRect
InflateRect
TranslateMessage
GetMessageW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
RemoveMenu
DefMDIChildProcW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
HideCaret
InvertRect
GetNextDlgGroupItem
FrameRect
GetMenuState
GetMenuStringW
SetRectEmpty
SendDlgItemMessageA
GetNextDlgTabItem
EmptyClipboard
DefFrameProcW
WinHelpW
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
GetMonitorInfoW
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
GetMenuItemInfoW
ModifyMenuW
IsWindowVisible
DrawIcon
SetMenuItemInfoW
SetMenuInfo
DrawIconEx
IsIconic
GetWindowThreadProcessId
LoadBitmapW
AppendMenuW
GetMenuItemCount
DeleteMenu
InsertMenuW
ShowWindow
PeekMessageW
GetCursor
AdjustWindowRectEx
GetWindow
GetDlgCtrlID
ClientToScreen
GetWindowLongW
GetLastActivePopup
GetSystemMenu
DestroyWindow
SetWindowPos
CreateWindowExW
ScreenToClient
EndDialog
MessageBeep
GetActiveWindow
DrawStateW
DialogBoxIndirectParamW
MoveWindow
MonitorFromWindow
EnableMenuItem
DrawEdge
BeginPaint
EndPaint
GetSystemMetrics
DestroyCursor
LoadStringW
CopyIcon
GetIconInfo
CreateIconIndirect
GetDC
ReleaseDC
LoadCursorW
SetCapture
SetWindowLongW
PtInRect
ReleaseCapture
GetDesktopWindow
CopyRect
GetForegroundWindow
wsprintfW
GetFocus
GetTopWindow
SetFocus
DrawAnimatedRects
LoadMenuW
PostMessageW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
DispatchMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetKeyState
GetCapture
GetMenu
SetMenu
ValidateRect
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
MapWindowPoints
EqualRect
GetClassLongW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo

iphlpapi

GetAdaptersInfo

wininet

InternetOpenUrlW
InternetOpenW
InternetCloseHandle
InternetCanonicalizeUrlW
InternetReadFile
InternetGetConnectedState

cryptui

CryptUIDlgViewContext

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

LCMapStringW
GetCPInfo
CreateTimerQueue
QueryPerformanceFrequency
SwitchToThread
CreateThread
GetThreadPriority
GetLogicalProcessorInformation
SignalObjectAndWait
GetStringTypeW
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
VirtualAlloc
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
SizeofResource
HeapFree
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
HeapSize
Sleep
GetLastError
LockResource
HeapReAlloc
RaiseException
LoadResource
FindResourceW
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
MulDiv
GetCommandLineW
GetModuleFileNameW
CreateMutexW
WaitForSingleObject
ReleaseMutex
lstrcatW
CloseHandle
CreateProcessW
GetVersionExW
GetVersion
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetCurrentProcess
WriteFile
LocalAlloc
CreateFileW
GetFileAttributesW
GetComputerNameExW
GetModuleHandleA
SetFileAttributesW
FileTimeToSystemTime
DeleteFileW
GlobalFree
GetProcAddress
LocalFree
GetModuleHandleW
SystemTimeToTzSpecificLocalTime
FormatMessageA
LoadLibraryW
GetWindowsDirectoryW
FreeLibrary
lstrlenW
lstrcpyW
WinExec
LoadLibraryExW
GetFullPathNameW
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
ReadFile
GetCurrentThread
GetFileSize
GetTempPathW
InterlockedExchange
FindFirstFileW
FindNextFileW
FindClose
GetSystemTimeAsFileTime
FormatMessageW
VerSetConditionMask
SetEvent
WaitForMultipleObjects
QueueUserAPC
TerminateThread
TlsAlloc
TlsFree
VerifyVersionInfoW
GetStdHandle
GetFileType
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
TryEnterCriticalSection
LoadLibraryA
GlobalMemoryStatus
FlushConsoleInputBuffer
GetSystemTime
SystemTimeToFileTime
OutputDebugStringA
EncodePointer
GetSystemDirectoryW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
GlobalSize
CopyFileW
CreateEventW
SetThreadPriority
SuspendThread
ResumeThread
lstrcmpA
GetThreadLocale
FlushFileBuffers
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
FileTimeToLocalFileTime
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalFlags
GlobalGetAtomNameW
InitializeCriticalSection
TlsGetValue
TlsSetValue
GlobalReAlloc
GlobalHandle
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetCurrentDirectoryW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetErrorMode
GetTempFileNameW
FindResourceExW
SearchPathW
GetProfileIntW
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
GetDriveTypeW
PeekNamedPipe
GetSystemInfo
VirtualQuery
GetACP
ExitProcess
GetModuleHandleExW
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
ExitThread
GetCommandLineA
HeapQueryInformation
SetStdHandle
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
GetConsoleCP
IsValidCodePage
GetOEMCP
FindFirstFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
QueueUserWorkItem
GetTickCount
OutputDebugStringW

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIcon
ord17
ImageList_GetImageCount

shlwapi

PathQuoteSpacesW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
StrFormatKBSizeW
PathRemoveFileSpecW
StrStrW

uxtheme

DrawThemeText
GetThemePartSize
GetCurrentThemeName
GetThemeColor
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
GetWindowTheme
DrawThemeBackground
CloseThemeData
OpenThemeData
IsAppThemed
GetThemeSysColor

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoRevokeClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CLSIDFromProgID

oleaut32

LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
SysStringLen
SysAllocString
OleCreateFontIndirect
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime

oledlg

OleUIBusyW

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdiplusShutdown
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipDrawImageRectI

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93847a366e057cf856924378e03dbc66

Headers

DLL Characteristics

File Characteristics

Imports

bcrypt

crypt32

winhttp

ws2_32

shell32

advapi32

gdi32

user32

iphlpapi

wininet

cryptui

version

kernel32

msimg32

comdlg32

winspool.drv

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.rdata Size: 3.5MB - Virtual size: 3.5MB

.data Size: 149KB - Virtual size: 195KB

.gfids Size: 111KB - Virtual size: 111KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 3.3MB - Virtual size: 3.3MB

.reloc Size: 246KB - Virtual size: 245KB

.text
Size: 3.8MB - Virtual size: 3.8MB

.rdata
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 149KB - Virtual size: 195KB

.gfids
Size: 111KB - Virtual size: 111KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

.reloc
Size: 246KB - Virtual size: 245KB