Static task: static1
Behavioral task: behavioral1
  Sample: 6d92db301ada16d44f574c19dc08eb264be6e9e86712a150a05ce7086baa452d.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 6d92db301ada16d44f574c19dc08eb264be6e9e86712a150a05ce7086baa452d.exe
  Resource: win10v2004-20230703-en
General
Target: 6d92db301ada16d44f574c19dc08eb264be6e9e86712a150a05ce7086baa452d
Size: 4.2MB
MD5: 2cf3701c2b283c6e752c0cdef8594829
SHA1: cabd61998056d23dcd720232ac586c2b74adc0bf
SHA256: 6d92db301ada16d44f574c19dc08eb264be6e9e86712a150a05ce7086baa452d
SHA512: c4e747e08036de650a990b2ac286e3b45f381f8af95d92f0d7f5030ae14be0b97978969866b110cccc6c483400b0f8aec1872ea7324347390cea28d1b1b9afe8
SSDEEP: 98304:S8ZwQougDLPdOuilayWYolzgpn5vwPov3Dj2eE9BKa6QzELMHb1rauetO:S8FougDLblcz3bj+ZFsMHb1itO
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 6d92db301ada16d44f574c19dc08eb264be6e9e86712a150a05ce7086baa452d
Files
6d92db301ada16d44f574c19dc08eb264be6e9e86712a150a05ce7086baa452d.exe (windows x86)  73398c70f691faba1d50d76f595533c0
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
pdflib
PDF_get_errnum
PDF_get_apiname
pdf_catch
PDF_end_document
PDF_delete_table
PDF_end_page_ext
PDF_fit_table
PDF_stroke
PDF_rect
PDF_show_xy
PDF_setfont
PDF_begin_page_ext
PDF_add_table_cell
PDF_load_font
PDF_set_info
PDF_get_errmsg
PDF_begin_document
PDF_set_parameter
pdf_jbuf
PDF_delete
PDF_new
kernel32
IsValidCodePage
IsProcessorFeaturePresent
GetTimeZoneInformation
GetLocaleInfoW
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
SetHandleCount
LCMapStringW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
CompareStringW
GetConsoleCP
GetConsoleMode
IsDebuggerPresent
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetSystemDirectoryA
GetPrivateProfileSectionNamesA
EnumResourceTypesA
EnumResourceNamesA
EnumResourceLanguagesA
GetExitCodeThread
TerminateThread
lstrcpynA
GetDateFormatA
GetTimeFormatA
UnhandledExceptionFilter
HeapSize
GetCurrentDirectoryW
HeapQueryInformation
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
SetLastError
DeactivateActCtx
GetLastError
LoadLibraryA
GetModuleHandleA
GetProcAddress
ActivateActCtx
Sleep
DeleteFileA
CreateDirectoryA
AllocConsole
GetStdHandle
CreateThread
MultiByteToWideChar
GetCurrentDirectoryA
OutputDebugStringA
CloseHandle
WaitForMultipleObjects
ResetEvent
InterlockedIncrement
InterlockedDecrement
GetWindowsDirectoryA
GetModuleFileNameA
SetUnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
GetLocalTime
GetCurrentThread
GetCurrentProcess
CreateFileA
GetCurrentThreadId
EnterCriticalSection
GetCurrentProcessId
LeaveCriticalSection
TerminateProcess
MulDiv
DeviceIoControl
SetEvent
CreateEventA
SetCommTimeouts
SetCommMask
GetCommState
BuildCommDCBA
SetCommState
PurgeComm
WaitCommEvent
ClearCommError
GetCommMask
ResumeThread
SuspendThread
FormatMessageA
LocalFree
WriteFile
GetOverlappedResult
ReadFile
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
FreeLibrary
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
lstrcmpW
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrlenA
lstrlenW
GlobalAlloc
GlobalSize
CopyFileA
FileTimeToSystemTime
SystemTimeToFileTime
FindClose
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
GetStringTypeExA
GetThreadLocale
lstrcmpiA
MoveFileA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GlobalReAlloc
GetTickCount
GetPrivateProfileIntA
SetThreadPriority
WaitForSingleObject
GetUserDefaultLCID
GetFileAttributesA
ReplaceFileA
SetFileTime
GetFileTime
GetTempFileNameA
GetDiskFreeSpaceA
LocalAlloc
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
lstrcpyA
GetNumberFormatA
GetTempPathA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
SetStdHandle
GetFileType
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitProcess
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
user32
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
GetWindowThreadProcessId
IsWindowEnabled
GetClassNameA
RegisterWindowMessageA
wsprintfA
GetDCEx
GetWindow
ReleaseDC
GetClassLongA
FillRect
GetWindowLongA
ClientToScreen
IsDialogMessageA
SetWindowTextA
MoveWindow
IsRectEmpty
EndDeferWindowPos
LoadStringA
GetClipboardData
SendMessageTimeoutA
IsWindowUnicode
BeginDeferWindowPos
SystemParametersInfoA
IsChild
GetKeyState
GetSysColor
InflateRect
CopyRect
GetParent
LoadIconW
MessageBoxA
RemoveMenu
GetSystemMenu
GetFocus
GetUpdateRect
SetCapture
ReleaseCapture
IsZoomed
PtInRect
DrawFocusRect
LoadCursorW
InsertMenuA
AppendMenuA
GetMenuStringA
GetDC
GetKeyNameTextA
MapVirtualKeyA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
CharUpperA
GetMenuItemInfoA
KillTimer
GetClassInfoA
GetWindowLongW
DestroyMenu
PostQuitMessage
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
ValidateRect
TranslateMessage
SetWindowLongW
GetMessageA
ShowOwnedPopups
GetNextDlgGroupItem
SetRectEmpty
TranslateAcceleratorA
BringWindowToTop
IntersectRect
CreatePopupMenu
GetCursor
GetMenuStringW
LoadBitmapA
LookupIconIdFromDirectoryEx
mouse_event
ShowCaret
GetKeyboardLayoutList
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
CreateIconFromResourceEx
CreateIconIndirect
EnableWindow
SendMessageA
SetTimer
InvalidateRect
GetClientRect
OffsetRect
PostMessageA
ShowWindow
LoadBitmapW
GetCursorPos
LoadMenuW
GetSubMenu
UpdateWindow
GetWindowRect
GetSysColorBrush
GetSystemMetrics
LoadCursorA
SetCursor
RedrawWindow
InsertMenuItemA
IsIconic
LoadAcceleratorsA
DestroyIcon
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
SetRect
DestroyCursor
WindowFromPoint
WaitMessage
DrawStateA
DeleteMenu
SetParent
UnregisterClassA
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
PostThreadMessageA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetTabbedTextExtentA
GetWindowRgn
SubtractRect
GetDoubleClickTime
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
MapVirtualKeyExA
IsCharLowerA
CharUpperBuffA
CopyIcon
FrameRect
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawEdge
SetClassLongA
DestroyAcceleratorTable
DrawIconEx
CopyImage
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
GetAsyncKeyState
NotifyWinEvent
GetTabbedTextExtentW
CreateMenu
SetWindowRgn
DrawIcon
UnionRect
LoadAcceleratorsW
MessageBeep
GetLastActivePopup
gdi32
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
GetBitmapBits
ExtCreateRegion
ExtTextOutW
StrokePath
CreateFontA
SetPixelV
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
SetPaletteEntries
ExtFloodFill
RoundRect
EnumFontFamiliesExA
SetPixel
StretchBlt
GetDIBits
SetDIBColorTable
OffsetRgn
Polygon
Polyline
CreatePolygonRgn
GetCurrentObject
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
CreateRoundRectRgn
GetWindowOrgEx
GetTextExtentPoint32W
GetTextExtentPointA
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
Ellipse
LPtoDP
CreateEllipticRgn
GetRgnBox
GetTextCharsetInfo
CreateDIBitmap
StretchDIBits
GetCharWidthA
GetTextMetricsA
GetBkColor
GetMapMode
CombineRgn
SetRectRgn
Rectangle
GetViewportOrgEx
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetTextExtentPoint32A
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
PolyBezierTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
CreateBitmap
SetBkColor
SetTextColor
PatBlt
GetTextColor
EnumFontFamiliesA
GetDeviceCaps
ResetDCA
CreateDIBSection
CreateICA
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
CreateFontIndirectA
GetObjectA
FillPath
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
OpenProcessToken
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
OpenThreadToken
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegEnumKeyExA
RegSetValueA
AdjustTokenPrivileges
RegOpenKeyExW
LookupPrivilegeValueA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
DragAcceptFiles
ShellExecuteA
SHGetMalloc
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs
DragQueryFileA
DragFinish
SHGetFileInfoA
SHCreateDirectoryExA
comctl32
_TrackMouseEvent
ImageList_GetIconSize
ImageList_Draw
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_DrawEx
InitCommonControlsEx
shlwapi
PathRemoveExtensionA
PathFindExtensionA
PathStripToRootA
PathRemoveFileSpecW
PathFileExistsA
PathFindFileNameA
PathIsUNCA
ole32
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
CoLockObjectExternal
RevokeDragDrop
RegisterDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleGetClipboard
DoDragDrop
CoGetClassObject
CoInitialize
CoDisconnectObject
CoInitializeEx
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
oleaut32
OleCreateFontIndirect
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantInit
SysAllocStringLen
SystemTimeToVariantTime
SysFreeString
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
VarDateFromStr
SysStringLen
LoadTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayDestroy
VarBstrFromDate
SysAllocString
OleLoadPicturePath
VarUdateFromDate
VariantChangeTypeEx
oledlg
ord8
ord1
odbc32
ord17
ord41
ord10
ord61
ord3
ord16
ord2
ord1
ord23
ord15
ord9
ord14
ord20
ord8
ord48
ord49
ord11
ord19
ord12
ord46
ord18
ord13
ord59
ord43
ord68
ord44
ord45
ord50
ord51
ord5
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDrawRectangleI
GdipFillPolygon
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipFillRectangle
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipFillRectangleI
GdipCloneBrush
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetPageUnit
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text   Size: 3.2MB - Virtual size: 3.2MB
        IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 681KB - Virtual size: 681KB
        IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 54KB - Virtual size: 24.0MB
        IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 287KB - Virtual size: 286KB
        IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ