Static task: static1
Behavioral task: behavioral1
  Sample: db79eeaa7618cc7b28e8577a40629f78a27ee55bdebc9294a15a5946cf37e161.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: db79eeaa7618cc7b28e8577a40629f78a27ee55bdebc9294a15a5946cf37e161.exe
  Resource: win10v2004-20230703-en
General
Target: db79eeaa7618cc7b28e8577a40629f78a27ee55bdebc9294a15a5946cf37e161
Size: 6.2MB
MD5: 7af1a4b34ecc203f3afec87a478497f0
SHA1: 274cd711c2b65732ebe6f465f793425762594d2a
SHA256: db79eeaa7618cc7b28e8577a40629f78a27ee55bdebc9294a15a5946cf37e161
SHA512: 191c7b40a54a0dde05744df3a082939a9cee0ee11b6bc25a486cd47741c2f459b32466ca8fb4c9c67f6ca940e6ead26a2f34e083907c79316220d919e1d0514e
SSDEEP: 98304:wFQ6TfbL3z44Pp8gtvcbNr/WpNeFgqMw0wB9RoAiEL4YeB/b/EEhh4+Qa4+QbGGX:wjL3TlcwpGMw0wpNMr/QGQTnhXCI1sM
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource db79eeaa7618cc7b28e8577a40629f78a27ee55bdebc9294a15a5946cf37e161
Files
db79eeaa7618cc7b28e8577a40629f78a27ee55bdebc9294a15a5946cf37e161.exe (windows x86)
bb33dea3d7020830440290172e6d0fa4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
SetFileTime
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
WinExec
FreeLibrary
GetWindowsDirectoryA
DeleteFileA
FindClose
FindFirstFileA
GetSystemInfo
UnmapViewOfFile
Sleep
WriteFile
CreateFileA
WritePrivateProfileStringA
lstrcatA
lstrcpyA
GetModuleFileNameA
CloseHandle
lstrcmpiA
FreeResource
FindResourceA
FindResourceW
LoadResource
LockResource
SizeofResource
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
DeactivateActCtx
SetLastError
GetCPInfo
WideCharToMultiByte
lstrlenW
GetDriveTypeW
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
SetEnvironmentVariableA
CreateFileW
GetProcessHeap
WriteConsoleW
GetTimeZoneInformation
CompareStringW
GetStringTypeW
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsProcessorFeaturePresent
GetConsoleMode
GetConsoleCP
LCMapStringW
IsValidCodePage
MultiByteToWideChar
lstrlenA
GetVersionExA
GetVersion
MulDiv
GlobalUnlock
GlobalLock
GetCurrentProcessId
LocalFree
FormatMessageA
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
SetThreadPriority
ResumeThread
GetCurrentThreadId
WaitForSingleObject
lstrcmpW
LoadLibraryW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
GetPrivateProfileStringA
GlobalFlags
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
FileTimeToSystemTime
GetOEMCP
GetACP
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetNumberFormatA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
InitializeCriticalSectionAndSpinCount
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
HeapAlloc
HeapFree
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
HeapCreate
user32
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SetFocus
GetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
ShowOwnedPopups
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
IsIconic
LoadAcceleratorsA
ReleaseCapture
LoadMenuA
DeferWindowPos
UnpackDDElParam
RealChildWindowFromPoint
UnregisterClassA
IsRectEmpty
GetSystemMenu
SetParent
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
CharUpperA
UnionRect
RedrawWindow
GetMenuDefaultItem
SetCapture
GetAsyncKeyState
InvertRect
HideCaret
EnableScrollBar
NotifyWinEvent
CopyImage
GetNextDlgGroupItem
LockWindowUpdate
IsZoomed
DestroyAcceleratorTable
SetClassLongA
ShowScrollBar
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
MonitorFromPoint
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
SetMenuDefaultItem
IsClipboardFormatAvailable
GetUpdateRect
RegisterClipboardFormatA
CharUpperBuffA
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
GetWindowRgn
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
UnhookWindowsHookEx
DestroyMenu
MapVirtualKeyA
GetKeyNameTextA
GetMenuStringA
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EndPaint
GetMenuItemInfoA
DrawTextA
SystemParametersInfoA
DrawIconEx
DestroyIcon
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
AppendMenuA
GetMenuItemCount
InsertMenuA
ModifyMenuA
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
BeginPaint
SetRectEmpty
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
LoadMenuW
EqualRect
SetRect
DrawEdge
FillRect
GetSysColor
CopyRect
ReuseDDElParam
wsprintfA
CopyIcon
LoadCursorA
IsWindow
PtInRect
ScreenToClient
GetMessagePos
SetTimer
MessageBeep
SetWindowLongA
KillTimer
EnableMenuItem
LoadIconW
FrameRect
CreateIconIndirect
GetIconInfo
DrawStateA
OffsetRect
DrawFocusRect
InflateRect
GetActiveWindow
WindowFromPoint
ClientToScreen
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetWindowRect
LoadImageA
GetWindowDC
GetClientRect
InvalidateRect
PostMessageA
SetWindowRgn
GrayStringA
DrawTextExA
TabbedTextOutA
RemoveMenu
DeleteMenu
GetSubMenu
EnableWindow
IntersectRect
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
GetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
OffsetViewportOrgEx
SetViewportOrgEx
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
GetRgnBox
OffsetRgn
SetDIBColorTable
Polygon
Polyline
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
CreateRoundRectRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
CreateSolidBrush
CreatePen
GetBkMode
CreateFontIndirectA
GetTextExtentPoint32W
GetTextExtentPoint32A
Ellipse
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetObjectA
CreateDCA
SetPixel
PatBlt
CreateHatchBrush
Rectangle
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetBkColor
StretchBlt
CreateRectRgn
CombineRgn
GetDIBits
GetStockObject
CreateBitmap
SetBkColor
SetTextColor
RoundRect
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetTextMetricsA
DPtoLP
SaveDC
StretchDIBits
CreateFontA
GetCharWidthA
EnumFontFamiliesExA
GetWindowExtEx
CopyMetaFileA
GetPixel
SetRectRgn
CreateRectRgnIndirect
advapi32
RegSetValueExA
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
CryptImportKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegEnumKeyExA
shell32
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
DragQueryFileA
ShellExecuteA
DragFinish
ShellExecuteExA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathStripPathA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
winmm
PlaySoundA
wldap32
ord41
ord27
ord301
ord33
ord46
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord79
ws2_32
WSAIoctl
getsockname
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
ntohs
bind
htons
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
setsockopt
ntohl
crypt32
CertFreeCertificateContext
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdiplusStartup
GdipGetImageGraphicsContext
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysStringLen
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 322KB - Virtual size: 322KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ