a919ee16d32fcf98f73dc82a7555edac234b479f91268d4ead559299f1fa6ebf

Sharing

Copy URL Twitter E-mail

General

Target

a919ee16d32fcf98f73dc82a7555edac234b479f91268d4ead559299f1fa6ebf
Size

3.2MB
MD5

ae2278e7cb258d94ff510c98fc126c2c
SHA1

be71adc00bf9215854579c908d6be3e7c5c33d64
SHA256

a919ee16d32fcf98f73dc82a7555edac234b479f91268d4ead559299f1fa6ebf
SHA512

cd5441131a1072f1c802b20a7ffd4504aef84c1052e97aa8eaf160442ea6ea798433df61beed344790350050a8de71192a8236a17e59af8863559cc3e1d83b61
SSDEEP

49152:iZu/94V8pVlNQtzU3mLVWR50QXmJ/3k9LXogJfRfgrd/3:imXVlNqnchzgB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a919ee16d32fcf98f73dc82a7555edac234b479f91268d4ead559299f1fa6ebf

Files

a919ee16d32fcf98f73dc82a7555edac234b479f91268d4ead559299f1fa6ebf
.exe windows x64

910b11ba3856aa18b761f91d9d9b12dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegLoadKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
RegUnLoadKeyW

comctl32

InitCommonControlsEx
SetWindowSubclass

gdi32

BeginPath
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBitmap
CreateFontIndirectW
CreateSolidBrush
DeleteDC
DeleteObject
EndPath
GetDeviceCaps
GetObjectA
GetStockObject
PathToRegion
Rectangle
RoundRect
SelectObject
SetBkColor
SetBkMode
SetStretchBltMode
SetTextColor
StretchBlt
TextOutW

gdiplus

GdipBitmapGetPixel
GdipBitmapSetPixel
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateLineBrush
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipDeleteCustomLineCap
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeletePen
GdipDisposeImage
GdipDrawArc
GdipDrawEllipse
GdipDrawImageRect
GdipDrawImageRectRect
GdipDrawLine
GdipDrawPolygonI
GdipDrawRectangle
GdipFillEllipse
GdipFillPie
GdipFillPolygonI
GdipFillRectangle
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageHeight
GdipGetImageWidth
GdipGetMatrixElements
GdipGetPathGradientPointCount
GdipGetPenFillType
GdipSaveImageToFile
GdipSetImageAttributesRemapTable
GdipSetSmoothingMode
GdiplusShutdown
GdiplusStartup

kernel32

CloseHandle
CompareStringW
CopyFileA
CopyFileExA
CopyFileExW
CreateDirectoryW
CreateFileA
CreateFileW
DefineDosDeviceA
DeleteCriticalSection
DeleteFileW
DeviceIoControl
EnterCriticalSection
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceW
FreeLibrary
FreeResource
GetConsoleCP
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceExW
GetDriveTypeA
GetDriveTypeW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetFirmwareEnvironmentVariableW
GetLargestConsoleWindowSize
GetLastError
GetLocaleInfoA
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNativeSystemInfo
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessId
GetStartupInfoA
GetStdHandle
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LockResource
MoveFileW
MulDiv
MultiByteToWideChar
PeekConsoleInputA
QueryPerformanceCounter
ReadConsoleInputA
ReadFile
RemoveDirectoryW
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetConsoleWindowInfo
SetFileAttributesW
SetFilePointer
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleInputA
WriteFile
WritePrivateProfileStringW
__C_specific_handler

msvcrt

__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_controlfp
_errno
_findclose
_findfirst64
_findnext64
_fmode
_fpreset
_i64toa
_i64tow
_initterm
_itoa
_itow
_localtime64
_lock
_mkdir
_onexit
_snprintf
_snwprintf
_strdup
_strnicmp
_time64
_ui64toa
_ui64tow
_ultoa
_ultow
_unlock
abort
atexit
atoi
calloc
ceil
exit
floor
floorf
fprintf
fputs
free
fwrite
islower
isupper
iswctype
localeconv
log10
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
modf
pow
qsort
realloc
remove
setlocale
signal
sprintf
strchr
strcmp
strcpy
strlen
strncmp
strncpy
strtoul
tolower
toupper
towupper
vfprintf
wcscmp
wcscspn
wcslen
wcsncmp
wcsstr
wcstod
wcstombs

ole32

CreateStreamOnHGlobal

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen

shell32

SHFileOperationA
SHFileOperationW
SHGetPathFromIDListW
ShellExecuteExA
ShellExecuteExW

shlwapi

PathRemoveBackslashW

user32

AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
CallWindowProcW
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawIconEx
DrawTextW
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndPaint
EnumThreadWindows
EnumWindows
FillRect
FindWindowA
FindWindowW
FlashWindowEx
GetActiveWindow
GetClassLongPtrA
GetClassLongPtrW
GetClassNameA
GetClassNameW
GetClientRect
GetDC
GetDlgCtrlID
GetDlgItem
GetIconInfo
GetMenu
GetMessageA
GetMessageW
GetParent
GetPropW
GetScrollInfo
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongPtrA
GetWindowLongPtrW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InvalidateRect
IsDialogMessageA
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorA
LoadCursorW
LoadImageA
LoadImageW
MapVirtualKeyA
MapWindowPoints
MessageBoxW
MoveWindow
OpenIcon
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassExW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
SendMessageA
SendMessageW
SetClassLongPtrA
SetClassLongPtrW
SetCursor
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetParent
SetPropW
SetRect
SetScrollInfo
SetTimer
SetWindowLongPtrW
SetWindowPlacement
SetWindowPos
SetWindowRgn
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnregisterClassW
UpdateWindow
VkKeyScanA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 433KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

910b11ba3856aa18b761f91d9d9b12dc

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

gdiplus

kernel32

msvcrt

ole32

oleaut32

shell32

shlwapi

user32

version

Sections

.text Size: 433KB - Virtual size: 433KB

.data Size: 63KB - Virtual size: 63KB

.rdata Size: 34KB - Virtual size: 34KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1024B - Virtual size: 1008B

.bss Size: - Virtual size: 51KB

.idata Size: 15KB - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 104B

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.text
Size: 433KB - Virtual size: 433KB

.data
Size: 63KB - Virtual size: 63KB

.rdata
Size: 34KB - Virtual size: 34KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1024B - Virtual size: 1008B

.bss
Size: - Virtual size: 51KB

.idata
Size: 15KB - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 104B

.rsrc
Size: 2.6MB - Virtual size: 2.6MB