Static task: static1
Behavioral task: behavioral1
Sample: dd23df991430dac06c96ce1951fb198f7c663ae3b9cda1e19d90c5ccd10cfa76.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: dd23df991430dac06c96ce1951fb198f7c663ae3b9cda1e19d90c5ccd10cfa76.exe
Resource: win10v2004-20230824-en
General
Target: dd23df991430dac06c96ce1951fb198f7c663ae3b9cda1e19d90c5ccd10cfa76
Size: 6.4MB
MD5: bcf862cc41fe0b8db8e16fcb74387207
SHA1: fedd76581864e47e59f70a6e11041884cb3268f7
SHA256: dd23df991430dac06c96ce1951fb198f7c663ae3b9cda1e19d90c5ccd10cfa76
SHA512: dadb2362b60a39bfaa79010fc76375322a381c5084916043980e0ba67e36c1347db60b89755ceeb3f8ab358393a49bd9c946f8c27420e6148cc1af05cb6dd100
SSDEEP: 196608:GDD/exLR6qISqXfVrZfahudDQ0ZQDQtDQ:O/sLFISqXfVrZouWwm
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource dd23df991430dac06c96ce1951fb198f7c663ae3b9cda1e19d90c5ccd10cfa76
Files
dd23df991430dac06c96ce1951fb198f7c663ae3b9cda1e19d90c5ccd10cfa76.exe (windows x86)
5be6072227e871b30318ebe04fb5bede
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
acsas32
ord8
ord5
ord7
ord6
ord4
ord9
netapi32
Netbios
ws2_32
socket
recv
WSAGetLastError
closesocket
select
connect
WSAStartup
WSACleanup
htons
gethostbyname
inet_addr
ioctlsocket
setsockopt
send
accept
listen
bind
htonl
getsockopt
kernel32
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
CompareStringA
CompareStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
LCMapStringW
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
SetEnvironmentVariableA
GetProfileStringA
GetTickCount
Sleep
GetLastError
GlobalFree
GlobalAlloc
GetComputerNameA
CloseHandle
ReadFile
WriteFile
SetNamedPipeHandleState
CreateFileA
CreateEventA
DisconnectNamedPipe
GetOverlappedResult
WaitForMultipleObjects
ConnectNamedPipe
CreateNamedPipeA
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
HeapReAlloc
HeapSize
ExitThread
CreateThread
SetStdHandle
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeA
RaiseException
GetSystemTimeAsFileTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
FindResourceExA
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
GetCurrentThread
GetProfileIntA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
IsBadReadPtr
IsBadWritePtr
GetDiskFreeSpaceA
GetTempFileNameA
VirtualProtect
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetFileTime
FileTimeToLocalFileTime
MulDiv
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetLocaleInfoA
GetDateFormatA
InterlockedExchangeAdd
InterlockedDecrement
ExpandEnvironmentStringsA
InterlockedExchange
GetTempPathA
GetPrivateProfileIntA
CreateDirectoryA
GlobalReAlloc
GetFileSize
GetSystemDefaultLangID
LCMapStringA
MoveFileA
CopyFileA
FindNextFileA
ReleaseMutex
GlobalMemoryStatus
CreateMutexA
GetExitCodeThread
GetACP
FindFirstFileA
FindClose
FindResourceA
LoadResource
SizeofResource
LockResource
FormatMessageA
LocalFree
CreatePipe
CreateProcessA
WaitForSingleObject
TerminateProcess
GetCurrentDirectoryA
LoadLibraryA
FreeLibrary
SetCurrentDirectoryA
lstrcpynA
Beep
GetVersion
DeleteFileA
InterlockedIncrement
SystemTimeToFileTime
FileTimeToSystemTime
GetLocalTime
GetModuleHandleA
GetProcAddress
SetThreadLocale
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalSize
GlobalLock
GlobalUnlock
lstrlenA
GetFileAttributesA
GetCurrentThreadId
GetVersionExA
lstrcpyA
lstrcmpiA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
lstrlenW
IsBadCodePtr
user32
PostThreadMessageA
WaitMessage
GetWindowThreadProcessId
GetSystemMenu
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
IsZoomed
UnionRect
GetDCEx
WindowFromDC
PostQuitMessage
SetWindowContextHelpId
CharNextA
GetDialogBaseUnits
LockWindowUpdate
InvertRect
GetTabbedTextExtentA
MessageBeep
MapDialogRect
GetAsyncKeyState
EndPaint
BeginPaint
wvsprintfA
EndDialog
CreateDialogIndirectParamA
CharUpperA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
SetDlgItemTextA
GetDlgItemInt
SendDlgItemMessageA
MapWindowPoints
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetForegroundWindow
IsIconic
GetWindowPlacement
GetNextDlgGroupItem
IsCharAlphaA
DrawMenuBar
GetLastActivePopup
DefWindowProcA
DeleteMenu
CreateMenu
RegisterClipboardFormatA
GetCaretPos
SetCaretPos
IsChild
GrayStringA
TabbedTextOutA
EnableMenuItem
DdeConnect
DdeClientTransaction
BroadcastSystemMessage
RegisterWindowMessageA
UnregisterClassA
CallWindowProcA
GetClassInfoA
RegisterClassA
DrawTextW
GetKeyState
FindWindowA
BeginDeferWindowPos
EndDeferWindowPos
SetParent
DrawTextA
GetWindowDC
SetActiveWindow
SetMenu
SetWindowLongA
GetDesktopWindow
AdjustWindowRectEx
ScreenToClient
DrawIconEx
LoadIconA
GetMenu
RemoveMenu
ModifyMenuA
GetMenuItemCount
GetMenuItemID
SetForegroundWindow
GetMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetSysColorBrush
GetWindow
GetMenuStringA
AppendMenuA
GetCapture
SetRectEmpty
EqualRect
LoadCursorA
IsRectEmpty
IntersectRect
wsprintfA
CreatePopupMenu
InsertMenuA
GetCursorPos
DdeAddData
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
DdeQueryStringA
DdeQueryConvInfo
DdePostAdvise
DdeCreateDataHandle
DdeAccessData
DdeUnaccessData
DdeCmpStringHandles
DdeInitializeA
DdeCreateStringHandleA
DdeNameService
GetDlgCtrlID
CallNextHookEx
UnhookWindowsHookEx
GetClassNameA
SetWindowsHookExA
TranslateMessage
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
CharLowerA
DestroyCaret
CreateCaret
SubtractRect
EnableScrollBar
GetOpenClipboardWindow
GetClipboardData
ShowCaret
HideCaret
EnableWindow
PeekMessageA
LoadStringA
DispatchMessageA
RedrawWindow
DrawFrameControl
GetMessagePos
DrawEdge
SystemParametersInfoA
ShowScrollBar
KillTimer
SetTimer
GetSystemMetrics
BringWindowToTop
ClipCursor
PtInRect
SetRect
LoadBitmapA
LoadMenuA
LoadImageA
GetIconInfo
CreateIconIndirect
FillRect
DrawStateA
OffsetRect
GetClientRect
ValidateRect
SetCursorPos
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorA
IsClipboardFormatAvailable
LoadAcceleratorsA
CopyRect
FrameRect
InflateRect
GetSysColor
DrawFocusRect
GetSubMenu
TrackPopupMenuEx
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
PostMessageA
UpdateWindow
InvalidateRect
GetWindowTextW
SendMessageA
GetWindowRect
ReleaseDC
GetDC
CallWindowProcW
SetWindowLongW
CreateWindowExW
MoveWindow
SendMessageW
SetCapture
ReleaseCapture
IsWindow
IsWindowVisible
IsWindowEnabled
ShowWindow
SetWindowPos
SetFocus
SetWindowTextW
ShowOwnedPopups
CopyAcceleratorTableA
GetFocus
InSendMessage
gdi32
CreateFontIndirectA
RealizePalette
GetDeviceCaps
FrameRgn
FillRgn
StretchDIBits
SetDIBitsToDevice
SetStretchBltMode
SelectPalette
RectInRegion
PatBlt
GetTextAlign
Polygon
StrokePath
EndPath
BeginPath
RoundRect
CreateHatchBrush
ExtTextOutA
CreateFontA
AbortDoc
EndDoc
StartPage
EndPage
StartDocA
SetBkMode
SetPixelV
SelectClipRgn
SetROP2
ResetDCA
PtVisible
RectVisible
Escape
GetSystemPaletteEntries
GetDIBits
GetRgnBox
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
CreateEllipticRgnIndirect
UnrealizeObject
SetBrushOrgEx
DPtoLP
LPtoDP
ExtCreatePen
CreatePalette
GetClipBox
SaveDC
RestoreDC
SetPolyFillMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
GetCurrentPositionEx
ExtSelectClipRgn
GetViewportExtEx
CreatePatternBrush
GetMapMode
CreateDCA
SetAbortProc
GetCharWidthA
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
CopyMetaFileA
EnumFontFamiliesExA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetBkMode
GetROP2
GetTextFaceA
CreateRectRgnIndirect
PtInRegion
CreateBrushIndirect
SetRectRgn
GetBkColor
PolylineTo
Polyline
CreatePolygonRgn
MoveToEx
LineTo
CreateSolidBrush
Ellipse
CreateEllipticRgn
CombineRgn
SetTextAlign
Rectangle
TextOutA
GetTextExtentPoint32A
GetTextColor
CreatePen
StretchBlt
CreateRectRgn
GetObjectA
GetPixel
SetPixel
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
DeleteObject
CreateFontIndirectW
EnumFontFamiliesA
CreateICA
CreatePenIndirect
GetTextExtentPointA
CreateDIBitmap
SelectObject
GetTextExtentPoint32W
GetTextMetricsA
comdlg32
GetOpenFileNameA
FindTextA
ReplaceTextA
CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetFileTitleA
GetSaveFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
SetSecurityDescriptorDacl
RegCreateKeyA
RegEnumKeyA
RegQueryValueA
GetFileSecurityA
SetFileSecurityA
InitializeSecurityDescriptor
RegCloseKey
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
shell32
DragQueryFileA
ExtractIconA
SHGetFileInfoA
ShellExecuteA
ShellExecuteExA
DragFinish
comctl32
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_DrawIndirect
ImageList_AddMasked
oledlg
ord3
ord7
ord5
ord8
ord1
ole32
ProgIDFromCLSID
OleConvertOLESTREAMToIStorage
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleConvertIStorageToOLESTREAM
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
CreateFileMoniker
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleLockRunning
StringFromCLSID
OleSetContainedObject
OleCreateFromData
CoGetClassObject
CoRegisterMessageFilter
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
WriteClassStg
GetRunningObjectTable
CoDisconnectObject
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleSetMenuDescriptor
OleIsRunning
OleRun
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
WriteClassStm
OleGetIconOfClass
ReleaseStgMedium
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSave
OleLoad
CoTreatAsClass
ReadClassStg
ReadFmtUserTypeStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemAlloc
OleGetClipboard
OleDuplicateData
OleCreateStaticFromData
olepro32
ord253
ord251
oleaut32
SafeArrayGetElemsize
SafeArrayCreate
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarDateFromStr
VarBstrFromDate
SafeArrayAccessData
SafeArrayDestroy
SysAllocStringLen
SysFreeString
SysStringLen
LoadTypeLi
VariantTimeToSystemTime
SafeArrayUnaccessData
VariantClear
VarR8FromStr
winmm
waveOutGetNumDevs
PlaySoundA
wininet
InternetCrackUrlA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
Sections
.text Size: 4.4MB - Virtual size: 4.4MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 616KB - Virtual size: 613KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 166KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ