Static task: static1
Behavioral task: behavioral1
  Sample: a6e982bd6dcbe8f8f3cf72b0817cce31f30199f3f5ab360d6fb50debd839cff9.exe
  Resource: win7-20230824-en
Behavioral task: behavioral2
  Sample: a6e982bd6dcbe8f8f3cf72b0817cce31f30199f3f5ab360d6fb50debd839cff9.exe
  Resource: win10v2004-20230703-en
General
Target: a6e982bd6dcbe8f8f3cf72b0817cce31f30199f3f5ab360d6fb50debd839cff9
Size: 5.5MB
MD5: e0ff732afdd2d894636cb0667049a48a
SHA1: 2a6ff954d8a66a1da8589927dc8e5ed311a848be
SHA256: a6e982bd6dcbe8f8f3cf72b0817cce31f30199f3f5ab360d6fb50debd839cff9
SHA512: 0d140998e47e0d3614fe57a63d2022598cb4caf9116bc654ff4e2b069446d9818e87d695baed6dbace45b33213b35a818b86931e6fc8ded7c1c30c00d9f2332f
SSDEEP: 98304:pujfdm9OxGVrekYFLOAkGkzdnEVomFHKnPc:yfdmgxGuFLOyomFHKnPc
Malware Config
(none listed)
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: a6e982bd6dcbe8f8f3cf72b0817cce31f30199f3f5ab360d6fb50debd839cff9
Files
a6e982bd6dcbe8f8f3cf72b0817cce31f30199f3f5ab360d6fb50debd839cff9.exe  windows x86
  fadaac422a21fe6df0951acb612eb39e (second digest shown with the file entry; the page does not label it, but it differs from the MD5 above and is most likely the import hash)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR-compatible: image can be relocated)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP-compatible)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetModuleHandleExW
HeapValidate
GetSystemInfo
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
VirtualAlloc
QueryPerformanceFrequency
HeapQueryInformation
GetStdHandle
GetFileType
WriteConsoleW
SetStdHandle
ExitProcess
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
VirtualQuery
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
OutputDebugStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
FindResourceExW
GetWindowsDirectoryA
GetTempFileNameA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SearchPathA
GetTickCount
Sleep
ResetEvent
FileTimeToSystemTime
GetCPInfo
GetOEMCP
GetTempPathA
VirtualProtect
GetProfileIntA
GetACP
GetThreadLocale
lstrcmpiA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
GetVolumeInformationA
UnlockFile
TerminateProcess
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetFileSize
GetFileAttributesA
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CopyFileA
FormatMessageA
LocalFree
GlobalSize
MulDiv
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
ResumeThread
SetThreadPriority
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
SetErrorMode
FindResourceA
GlobalFree
GlobalUnlock
FreeResource
GlobalAddAtomA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExA
GetCurrentThread
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
GetCurrentThreadId
WaitForSingleObject
SetEvent
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
HeapFree
SizeofResource
GetModuleFileNameA
GetComputerNameA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
CloseHandle
HeapReAlloc
CreateFileA
GetLastError
MultiByteToWideChar
HeapSize
OpenProcess
GetVolumeNameForVolumeMountPointA
InitializeCriticalSectionEx
LeaveCriticalSection
WriteFile
EnterCriticalSection
SetLastError
SetFilePointer
CreateFileW
user32
GetClassLongA
SetWindowLongA
EqualRect
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ScrollWindow
TrackPopupMenu
SetMenu
GetMenu
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
NotifyWinEvent
LoadIconW
LoadIconA
GetTopWindow
SetParent
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
HideCaret
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
LockWindowUpdate
RedrawWindow
InvalidateRgn
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetCapture
OpenClipboard
GetNextDlgTabItem
SetScrollInfo
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageA
GetWindowTextLengthA
GetWindowTextA
LoadImageA
SetScrollPos
SetFocus
GetClassNameA
EnumDisplayMonitors
GetMonitorInfoA
SystemParametersInfoA
LoadCursorW
LoadCursorA
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoA
DefWindowProcA
GetMenuCheckMarkDimensions
GetFocus
LoadBitmapW
InvertRect
FrameRect
DrawFocusRect
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
SetMenuItemBitmaps
DeleteMenu
LoadImageW
CopyImage
MonitorFromPoint
TrackMouseEvent
FindWindowA
UnregisterClassA
GetWindowThreadProcessId
PostQuitMessage
PeekMessageA
RemoveMenu
ModifyMenuA
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
GetMenuState
GetMenuStringA
LoadMenuW
LoadMenuA
IsMenu
DrawFrameControl
DrawEdge
GetWindow
GetScrollInfo
WinHelpA
MonitorFromWindow
ShowWindow
MoveWindow
CheckDlgButton
SendDlgItemMessageA
SetWindowTextA
SetWindowContextHelpId
SetWindowPos
IsDialogMessageA
GetClipboardFormatNameA
UnpackDDElParam
IntersectRect
CloseClipboard
SetClipboardData
EmptyClipboard
GetNextDlgGroupItem
GetSystemMetrics
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
RegisterWindowMessageA
GetSysColor
GetSysColorBrush
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
SetCursor
SendMessageA
EnableWindow
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetActiveWindow
SetActiveWindow
GetDesktopWindow
PtInRect
UnhookWindowsHookEx
PostMessageA
TabbedTextOutA
MapDialogRect
CharUpperA
GetAsyncKeyState
ReleaseCapture
MessageBeep
DestroyIcon
SetCursorPos
SetRect
UnionRect
DestroyMenu
GetDoubleClickTime
GetIconInfo
CopyIcon
DestroyAcceleratorTable
SetClassLongA
RealChildWindowFromPoint
LoadAcceleratorsW
WaitMessage
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
UpdateLayeredWindow
CharNextA
CopyAcceleratorTableA
GetKeyNameTextA
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
SubtractRect
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
GetScrollPos
DestroyCursor
gdi32
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetDeviceCaps
GetMapMode
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
GetObjectA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
CreateDIBitmap
DeleteObject
EnumFontFamiliesA
GetTextCharsetInfo
SetBkColor
SetTextColor
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
CreateEllipticRgn
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
BitBlt
ExtTextOutA
CreateHatchBrush
GetTextMetricsA
CopyMetaFileA
EnumFontFamiliesExA
GetSystemPaletteEntries
SetDIBColorTable
CreateDIBSection
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
ConvertSidToStringSidA
OpenProcessToken
RegSetValueExA
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegEnumKeyExA
GetTokenInformation
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
DragQueryFileA
ShellExecuteA
SHGetFileInfoA
DragFinish
SHGetMalloc
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathIsUNCA
PathFindFileNameA
uxtheme
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsAppThemed
ole32
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
CoRegisterMessageFilter
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoLockObjectExternal
OleFlushClipboard
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
StringFromGUID2
CoGetClassObject
CoInitializeEx
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoRevokeClassObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
oleaut32
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysAllocString
VariantCopy
VarBstrFromDate
LoadTypeLi
SysAllocStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysFreeString
SysAllocStringLen
oledlg
ord8
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text   Size: 3.5MB  Virtual size: 3.5MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 451KB  Virtual size: 450KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 23KB   Virtual size: 50KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.4MB  Virtual size: 1.4MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 193KB  Virtual size: 192KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
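The Unsigned PE signature, the DLL Characteristics and the section flags in this report all come from a handful of fixed offsets in the PE headers. The block below is an added example, not code from the sandbox that produced the report and not from the sample: it decodes those same fields with the Python standard library, flags any section that is both writable and executable, and normalises an import list the way the common import hash (imphash) does, which is how an ordinal-only import such as oledlg ord8 becomes the token "oledlg.ord8". Because the sample is not reproduced here, build_minimal_pe() fabricates a small synthetic PE32 header as constructed test input; inspect_pe() accepts the bytes of any real file (open(path, "rb").read()) as well. The helper and field names are this example's own.

```python
"""Decode the PE facts a sandbox static report lists (DllCharacteristics, section flags,
Authenticode certificate table present or not) and normalise imports the way imphash does.
Standard library only; build_minimal_pe() fabricates a tiny PE32 header as constructed
test input, since the analysed sample is not embedded here."""
import hashlib
import struct

DLL_CHARACTERISTICS = {  # winnt.h values
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",  # ASLR-compatible
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",  # DEP-compatible
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot of the Authenticode certificate table


def build_minimal_pe(dll_characteristics=0x8140, signed=False, sections=None):
    """Constructed input: a PE32 header with the given flags (not the analysed sample)."""
    if sections is None:  # same mix as the report: R+X code, R+W data
        sections = [(b".text", 0x60000020), (b".data", 0xC0000040)]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)  # e_lfanew = 64: PE header follows
    # COFF header: i386, section count, three zero fields, SizeOfOptionalHeader, EXE|32BIT
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, 0xE0, 0x0002 | 0x0100)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<H", opt, 70, dll_characteristics)
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    if signed:  # certificate table entry pointing at a WIN_CERTIFICATE blob (not emitted)
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), 0x1000, 0x1000 * (i + 1),
                                0x200, 0x400 + 0x200 * i, 0, 0, 0, 0, flags)
                    for i, (name, flags) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


def decode_flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def inspect_pe(data):
    """Parse the headers behind the report's Headers, Sections and Unsigned PE entries."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    dirs = opt + (96 if magic == 0x10B else 112)  # first data directory
    n_dirs = struct.unpack_from("<I", data, dirs - 4)[0]
    cert_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        name = struct.unpack_from("<8s", data, hdr)[0].rstrip(b"\0").decode("ascii", "replace")
        sections.append((name, decode_flags(struct.unpack_from("<I", data, hdr + 36)[0], SECTION_FLAGS)))
    return {
        "arch": {0x014C: "x86", 0x8664: "x64"}.get(machine, "0x%04x" % machine),
        "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
        "aslr": bool(dll_chars & 0x0040),
        "dep": bool(dll_chars & 0x0100),
        # Non-zero certificate table is all an "Unsigned PE" check tests; it neither proves the
        # signature verifies nor catches catalog-signed files, which carry no embedded table.
        "has_authenticode": cert_size != 0,
        "sections": sections,
        "wx_sections": [n for n, f in sections  # writable+executable: packer / self-modifying tell
                        if "IMAGE_SCN_MEM_WRITE" in f and "IMAGE_SCN_MEM_EXECUTE" in f],
    }


def imphash_string(imports):
    """Normalise (dll, name-or-ordinal) pairs as the usual imphash does: lowercase,
    drop .dll/.ocx/.sys (but not .drv), ordinals become ordN, entries joined by commas."""
    parts = []
    for dll, func in imports:
        dll = dll.lower()
        if dll.endswith((".dll", ".ocx", ".sys")):
            dll = dll.rsplit(".", 1)[0]
        parts.append("%s.%s" % (dll, "ord%d" % func if isinstance(func, int) else func.lower()))
    return ",".join(parts)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()
```

Two caveats on the check the report applies. A zero-size certificate table only means there is no embedded Authenticode signature, which is the state of most hand-built tooling and a good deal of legitimate software, so it is a weak indicator on its own; the converse, a present table, says nothing until the signature and chain are actually verified (Get-AuthenticodeSignature on Windows, osslsigncode verify elsewhere). For this sample the more informative combination is the rest of the header: ASLR and DEP opted in, no writable-and-executable section, and a 3.5MB .text beside a 1.4MB .rsrc, which reads as a statically linked GUI build rather than a packed stub.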