Static task
static1
Behavioral task
behavioral1
Sample
83767afef152c6b8c72550be421607c32a03bd1e02ce5ed2dae6a48f7643ce87.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
83767afef152c6b8c72550be421607c32a03bd1e02ce5ed2dae6a48f7643ce87.exe
Resource
win10v2004-20230703-en
General
-
Target
83767afef152c6b8c72550be421607c32a03bd1e02ce5ed2dae6a48f7643ce87
-
Size
1.3MB
-
MD5
e88bb0ca4a6ceecc42906c2006ea104b
-
SHA1
3901dec09bd968fed7eaea872f005f5d7261058e
-
SHA256
83767afef152c6b8c72550be421607c32a03bd1e02ce5ed2dae6a48f7643ce87
-
SHA512
559998f89491d91abaffb19fa48e783e28ab17078cf8ee557e3cbe22db6d5048b39ef38b6c52aeeb96061ab4722c47fbca261fc82235650452a4efb924cdcfd4
-
SSDEEP
24576:xSbY8EyPaAfxSzEN9GOuxv6eTmvbrNbXUmysqaF:U085SgbuxZ4XUmP
Malware Config
Signatures
-
Unsigned PE — 1 IoC
Checks for a missing Authenticode signature; the sample matched, so the PE carries no code-signing certificate and its origin cannot be verified from the binary alone.
resource 83767afef152c6b8c72550be421607c32a03bd1e02ce5ed2dae6a48f7643ce87
Files
-
83767afef152c6b8c72550be421607c32a03bd1e02ce5ed2dae6a48f7643ce87.exe windows x64
164f6b55059b1411c1153e8de0340e02
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports (static import table; an API appearing here is statically linked, not proof it is invoked at runtime)
gdi32
GetMetaRgn
GetDIBits
GetClipRgn
PtVisible
RectVisible
TextOutW
GetStockObject
ExtTextOutW
GetObjectW
SetTextColor
SetBkMode
SetBkColor
Escape
EqualRgn
CreateRectRgn
GetTextExtentPointW
GetLayout
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateDIBSection
GdiFlush
PatBlt
CreateSolidBrush
ModifyWorldTransform
GetWorldTransform
SetStretchBltMode
StretchBlt
CreateCompatibleDC
BitBlt
SetRectRgn
GetRgnBox
CombineRgn
SetWorldTransform
SetGraphicsMode
SaveDC
RestoreDC
SelectObject
GetTextExtentPoint32W
CreateFontIndirectW
GetDeviceCaps
TranslateCharsetInfo
CreateDCW
GetTextMetricsW
RemoveFontResourceW
RemoveFontMemResourceEx
DeleteObject
SetLayout
CreateBitmap
CreatePatternBrush
GetClipBox
GetPixel
SetMapMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteDC
mpr
WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum
rpcrt4
RpcStringFreeW
UuidCreate
UuidToStringW
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
WTSQueryUserToken
kernel32
SetFilePointer
SetEndOfFile
CreateDirectoryW
FindNextFileW
GetFileAttributesExW
CreateProcessW
FileTimeToLocalFileTime
FindClose
IsDebuggerPresent
TerminateProcess
GetExitCodeProcess
GetSystemTimeAsFileTime
GetLocalTime
GlobalHandle
EnumResourceLanguagesW
FileTimeToSystemTime
GetCurrentDirectoryW
GetTempPathW
WriteProfileStringW
SystemTimeToTzSpecificLocalTime
IsBadReadPtr
GetLocaleInfoW
GetModuleFileNameW
VerSetConditionMask
GetVersion
GetVersionExW
VerifyVersionInfoW
GetUserDefaultUILanguage
CreateToolhelp32Snapshot
Thread32First
Thread32Next
FlushInstructionCache
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetFileSize
GetACP
OutputDebugStringA
GetModuleHandleExW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
EncodePointer
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
SuspendThread
lstrcmpA
GetFullPathNameW
GetVolumeInformationW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LocalReAlloc
GlobalFlags
GetSystemDefaultUILanguage
SetErrorMode
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
GetStartupInfoW
GetFileType
ExitProcess
GetStdHandle
HeapQueryInformation
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
GlobalLock
GlobalSize
GlobalReAlloc
GlobalAlloc
MoveFileExW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProfileStringW
GetWindowsDirectoryW
WaitNamedPipeW
SetNamedPipeHandleState
DisconnectNamedPipe
CreateFileW
GetComputerNameW
ExpandEnvironmentStringsW
CopyFileW
GetTempFileNameW
DeleteFileW
IsDBCSLeadByteEx
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThread
GetCurrentProcess
FindFirstFileW
ResumeThread
SetThreadPriority
TryEnterCriticalSection
InitializeCriticalSection
LoadLibraryW
FreeLibrary
GetFileAttributesW
GlobalGetAtomNameW
FormatMessageW
GetCurrentThreadId
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
CreateNamedPipeW
ConnectNamedPipe
PeekNamedPipe
ReadFile
SetLastError
SetFileAttributesW
LocalFree
LocalAlloc
TransactNamedPipe
GetTickCount
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
GetSystemDirectoryW
RemoveDirectoryW
DeleteCriticalSection
GetProcAddress
GetModuleHandleW
GetCurrentProcessId
MulDiv
GlobalFree
GlobalUnlock
WriteFile
FlushFileBuffers
WaitForMultipleObjects
SetEvent
GetNamedPipeHandleStateW
CreateEventW
CreateMutexW
SleepEx
WaitForSingleObject
ReleaseMutex
ResetEvent
GetLastError
CloseHandle
SetCurrentDirectoryW
GetCommandLineW
FindResourceW
SizeofResource
LockResource
LoadResource
LCMapStringW
GetDriveTypeW
GetTimeZoneInformation
GetStringTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
SetFilePointerEx
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
EnumResourceNamesW
user32
GetMenuItemID
GetSubMenu
SetRectEmpty
SendDlgItemMessageA
GetWindowThreadProcessId
GetWindowLongPtrW
GetMonitorInfoW
MonitorFromWindow
TabbedTextOutW
GrayStringW
DrawTextExW
CharUpperBuffA
EnumChildWindows
SetWindowLongPtrW
RemovePropW
GetPropW
SetPropW
CallWindowProcW
IsZoomed
CallNextHookEx
UnhookWindowsHookEx
SetForegroundWindow
GetForegroundWindow
GetSysColorBrush
CopyImage
GetClassLongPtrW
RedrawWindow
GetWindowTextW
DrawTextW
CharLowerBuffA
GetDesktopWindow
IsWindowEnabled
IntersectRect
FillRect
MapDialogRect
GetWindowTextLengthW
SetWindowTextW
CharUpperW
SystemParametersInfoW
MsgWaitForMultipleObjects
CheckMenuItem
UnpackDDElParam
DispatchMessageW
TranslateMessage
CharUpperBuffW
RegisterClipboardFormatW
RegisterWindowMessageW
EnumWindows
GetFocus
IsRectEmpty
GetSystemMetrics
IsWindow
SendMessageW
EnableMenuItem
ReuseDDElParam
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessagePos
GetMessageTime
GetClassInfoExW
EqualRect
SetProcessDefaultLayout
LoadStringW
PostThreadMessageW
GetMenuItemInfoW
RealChildWindowFromPoint
GetWindowDC
SetWindowsHookExW
GetWindowLongW
SetWindowLongW
LoadImageW
GetDlgItem
SetFocus
EnableWindow
DestroyIcon
PeekMessageW
PostQuitMessage
SetTimer
KillTimer
PostMessageW
CharLowerW
DefWindowProcW
LoadCursorW
LoadIconW
UnregisterClassW
SendMessageTimeoutW
FindWindowW
InflateRect
GetDC
ReleaseDC
GetMenuItemCount
OffsetRect
RegisterClassW
GetClassInfoW
CreateWindowExW
DestroyWindow
SetWindowPos
DeferWindowPos
GetDlgCtrlID
InvalidateRect
GetClientRect
GetWindowRect
AdjustWindowRectEx
GetCursorPos
ClientToScreen
ScreenToClient
PtInRect
GetParent
GetClassNameW
GetLastActivePopup
GetWindow
UpdateWindow
CopyRect
InsertMenuItemW
DestroyMenu
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
BringWindowToTop
ShowOwnedPopups
GetMessageW
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
WinHelpW
GetTopWindow
GetSysColor
MapWindowPoints
GetScrollPos
ValidateRect
EndPaint
BeginPaint
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
IsChild
GetKeyState
ShowWindow
SetRect
MessageBoxW
SetCursor
EnumThreadWindows
CharLowerBuffW
IsMenu
IsDialogMessageW
msimg32
AlphaBlend
winspool.drv
SetPrinterW
DocumentPropertiesW
GetPrinterDriverW
EnumPrinterDriversW
EnumPrintersW
GetPrinterDriverDirectoryW
DeviceCapabilitiesW
GetJobW
OpenPrinterW
GetPrinterW
ClosePrinter
advapi32
CreateProcessAsUserW
GetSecurityDescriptorSacl
RegQueryValueW
RegEnumKeyW
RegUnLoadKeyW
RegLoadKeyW
SetSecurityDescriptorOwner
RegOpenKeyW
RegNotifyChangeKeyValue
RegDeleteKeyW
RegOpenKeyExW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
GetServiceDisplayNameW
CloseServiceHandle
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
GetUserNameW
ConvertSidToStringSidW
LookupPrivilegeValueW
LookupAccountNameW
LookupAccountSidW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
EqualSid
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerW
RevertToSelf
ImpersonateNamedPipeClient
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
shell32
SHParseDisplayName
SHBindToParent
SHGetFolderPathW
SHChangeNotify
DragFinish
DragQueryFileW
ord21
ord155
ord25
ord18
SHGetDesktopFolder
SHGetSpecialFolderLocation
ord23
ord24
ShellExecuteW
comctl32
ord17
InitCommonControlsEx
shlwapi
AssocQueryStringW
AssocQueryStringByKeyW
PathFindExtensionW
PathCreateFromUrlW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
uxtheme
IsThemeDialogTextureEnabled
EnableThemeDialogTexture
ole32
CoGetMalloc
CoTaskMemFree
CoUninitialize
CoCreateGuid
CoInitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoCreateInstance
oleaut32
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipSetPenLineJoin
GdipSetPenCustomStartCap
GdipSetPenCustomEndCap
GdipSetPenMiterLimit
GdipDeleteCustomLineCap
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin
GdipCreateAdjustableArrowCap
GdipSetAdjustableArrowCapMiddleInset
GdipCreateFromHDC
GdipDeleteBrush
GdipSetClipHrgn
GdipGetDC
GdipReleaseDC
GdipSetWorldTransform
GdipDeleteMatrix
GdipCreateMatrix
GdipAddPathBeziersI
GdipAddPathLine2I
GdipClosePathFigure
GdipStartPathFigure
GdipCreateRegion
GdipCreatePath
GdipGetWorldTransform
GdipAlloc
GdipDeleteGraphics
GdipDeletePen
GdipDeleteRegion
GdipDeletePath
GdipFree
GdipSetPenEndCap
GdipSetPenStartCap
GdipCreatePen1
GdipCreateSolidFill
GdipCloneBrush
GdipSetMatrixElements
GdipFillPath
GdipDrawPath
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipSetPenDashStyle
GdipSetPenMode
GdipGetPathWorldBoundsI
GdipGetClip
GdipSetClipRegion
GdipSetPageUnit
oleacc
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 686KB - Virtual size: 685KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 211KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 363KB - Virtual size: 363KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ