Static task: static1
Behavioral task: behavioral1
  Sample: 47f868b2180e68cbd604bfd8e636041fd16c6f5555c0eb5267268fb5ebabc4e7.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 47f868b2180e68cbd604bfd8e636041fd16c6f5555c0eb5267268fb5ebabc4e7.exe
  Resource: win10v2004-20230703-en
General
- Target: 47f868b2180e68cbd604bfd8e636041fd16c6f5555c0eb5267268fb5ebabc4e7
- Size: 2.9MB
- MD5: bb4c65533d138b9f1d80ef5f78017239
- SHA1: 90958a5a6c643e6fe7bf9af1e5ae5218ce667a25
- SHA256: 47f868b2180e68cbd604bfd8e636041fd16c6f5555c0eb5267268fb5ebabc4e7
- SHA512: 4fff55cd18fcd10bf29ff5319da0e2f67fe9a7eb163c91dfeadb75f9e4fe46a9f9afc6930246788a51aebc3dd7bd6f676be4252e93b68f7a0c1654fdf464346e
- SSDEEP: 49152:2euhFHZsDR+9VtcYziKSA5eToEyOmpXY/9btLN8T5T:2HF50HA5eX/9h+T
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 47f868b2180e68cbd604bfd8e636041fd16c6f5555c0eb5267268fb5ebabc4e7
Files
- 47f868b2180e68cbd604bfd8e636041fd16c6f5555c0eb5267268fb5ebabc4e7.exe (windows x86)
  f5b55a911cb4783d8b8652a8ece68f14
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
CompareStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
CreateFileW
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
QueryPerformanceCounter
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
ExitThread
CreateThread
ExitProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
RtlUnwind
IsBadReadPtr
HeapValidate
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
EncodePointer
InitializeCriticalSectionAndSpinCount
FindResourceExW
SearchPathA
GetNumberFormatA
GetWindowsDirectoryA
GetTickCount
GetTempPathA
GetFileAttributesExA
GetFileSizeEx
GetTempFileNameA
GetFileTime
GetFileAttributesA
GetOEMCP
GetCPInfo
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
HeapCreate
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GetProfileIntA
VirtualProtect
GetACP
lstrcpyA
DeleteFileA
GlobalFlags
GetCurrentDirectoryA
GetThreadLocale
FileTimeToSystemTime
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
ReleaseActCtx
CreateActCtxW
GetModuleFileNameW
GetAtomNameA
SetErrorMode
InterlockedIncrement
InterlockedDecrement
LoadLibraryW
GetVersionExA
lstrcmpW
GlobalGetAtomNameA
GlobalFindAtomA
ResumeThread
SetThreadPriority
GetCurrentProcessId
GlobalAddAtomA
SetEvent
WaitForSingleObject
GetModuleHandleA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FindResourceA
FreeResource
CompareStringA
ActivateActCtx
DeactivateActCtx
InterlockedExchange
GetModuleHandleW
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoA
LoadLibraryA
GetProcAddress
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLastError
SetLastError
MultiByteToWideChar
MulDiv
GlobalFree
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
SetCommMask
ReadFile
WriteFile
PurgeComm
CloseHandle
SetCommState
GetCommState
SetCommTimeouts
SetupComm
RaiseException
CreateFileA
user32
SetClipboardData
CloseClipboard
EmptyClipboard
PtInRect
OffsetRect
CopyIcon
IsRectEmpty
CharUpperBuffA
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
IsClipboardFormatAvailable
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
DestroyCursor
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
UpdateLayeredWindow
MonitorFromPoint
CharUpperA
GetAsyncKeyState
MapVirtualKeyA
GetKeyNameTextA
MessageBeep
CopyAcceleratorTableA
CharNextA
DestroyMenu
LoadAcceleratorsW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
RealChildWindowFromPoint
WaitMessage
ReleaseCapture
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
MonitorFromWindow
GetMonitorInfoA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
GetSysColor
GetWindowTextLengthA
GetWindowTextA
SetFocus
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
NotifyWinEvent
GetForegroundWindow
SetForegroundWindow
HideCaret
OpenClipboard
WindowFromPoint
SetParent
IsChild
GetTopWindow
LoadImageW
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
GetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
InvalidateRgn
InvalidateRect
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
GetClassNameA
MessageBoxA
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
GetKeyState
PeekMessageA
ValidateRect
GetMessageA
TranslateMessage
DispatchMessageA
GetMenuCheckMarkDimensions
GetFocus
PostMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
LoadMenuW
LoadMenuA
SetMenuItemBitmaps
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
LoadBitmapW
GetSysColorBrush
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
RegisterWindowMessageA
GetSystemMetrics
CopyImage
GetIconInfo
RegisterClipboardFormatA
SendMessageA
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
GetParent
PostQuitMessage
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
SetClassLongA
SetCursorPos
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
DrawIconEx
UnregisterClassA
LoadImageA
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
DestroyIcon
UnpackDDElParam
GetClipboardFormatNameA
SetRectEmpty
GetClassLongA
advapi32
OpenThreadToken
SetThreadToken
RegEnumKeyExA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RevertToSelf
RegCloseKey
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
oledlg
ord8
gdiplus
GdiplusShutdown
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDisposeImage
GdipFree
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateFromHDC
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
gdi32
GetObjectType
GetStockObject
GetObjectA
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
CreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateFontIndirectA
CreateBitmap
CreateCompatibleBitmap
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
SetRectRgn
CombineRgn
OffsetRgn
GetRgnBox
PtInRegion
CreateCompatibleDC
DPtoLP
LPtoDP
FillRgn
FrameRgn
PtVisible
RectVisible
Polyline
Ellipse
Polygon
Rectangle
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
ExtFloodFill
TextOutA
ExtTextOutA
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
GetViewportOrgEx
GetBoundsRect
CreateDCA
SetPixelV
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetLayout
SetLayout
ExtSelectClipRgn
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBitmap
CreateDIBSection
GetSystemPaletteEntries
SetDIBColorTable
SelectObject
EnumFontFamiliesExA
GetDeviceCaps
GetMapMode
GetTextColor
GetBkColor
RealizePalette
Escape
CopyMetaFileA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
DragQueryFileA
DragFinish
SHGetMalloc
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoTaskMemAlloc
DoDragDrop
CoRegisterMessageFilter
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
StringFromCLSID
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoUninitialize
CoInitialize
CoCreateInstance
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
oleaut32
VariantChangeType
VariantInit
SysStringLen
VariantCopy
VariantClear
SysAllocStringLen
SafeArrayDestroy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantTimeToSystemTime
SysFreeString
SystemTimeToVariantTime
SysAllocStringByteLen
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 376KB - Virtual size: 376KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ