Static task: static1
Behavioral task: behavioral1
Sample: 9ed0a00298c8fd2155cc30d7a6a684af514770c18008ae0b271f2c7e46c59a3a.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 9ed0a00298c8fd2155cc30d7a6a684af514770c18008ae0b271f2c7e46c59a3a.exe
Resource: win10v2004-20230824-en
General
Target: 9ed0a00298c8fd2155cc30d7a6a684af514770c18008ae0b271f2c7e46c59a3a
Size: 4.5MB
MD5: 13b4d9ef09d6e78d8b9495c201d4e453
SHA1: a720614f64d7435b959213989c286d66af376619
SHA256: 9ed0a00298c8fd2155cc30d7a6a684af514770c18008ae0b271f2c7e46c59a3a
SHA512: fb46f30816f2b83b176fd32b5a263882cf0ab10a5255343f0d9093c4e5d7b79c7a289d8dc2388d8d4ab6f8d6b72c2f0a078cb2a67000ae549f7c6b60f967cdab
SSDEEP: 98304:5rOmgnYy7MwOeKXwPMd/E3ZfNnxa0CKHY5LEOqMQDUwBTDOVsHrFFpOO96:5rOnYpvd/YCKHY5LfqM8UwZKCg
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 9ed0a00298c8fd2155cc30d7a6a684af514770c18008ae0b271f2c7e46c59a3a
Files
9ed0a00298c8fd2155cc30d7a6a684af514770c18008ae0b271f2c7e46c59a3a.exe (windows x86)
4c8311e829e5b2808deb6b5d15539bed
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dsetup
ord11
kernel32
IsValidCodePage
FindNextFileW
FindFirstFileExW
ReadConsoleW
GetStringTypeW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
MoveFileExW
LCMapStringW
CompareStringW
GetStdHandle
ExitProcess
FreeEnvironmentStringsW
GetFileType
SetStdHandle
HeapQueryInformation
GetCommandLineW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
VirtualQuery
VirtualAlloc
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetFullPathNameW
GetDriveTypeW
RtlUnwind
RaiseException
OutputDebugStringW
GetEnvironmentStringsW
CreateFileW
QueryPerformanceFrequency
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
GetFileSize
ReadFile
SetFilePointer
WriteFile
CloseHandle
GetLastError
Sleep
lstrcmpA
lstrcatA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
GetLocalTime
lstrlenA
LoadResource
LockResource
SizeofResource
SetFileAttributesA
FindResourceW
WideCharToMultiByte
GetTickCount
GetCommandLineA
CreateMutexA
GetVersionExA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
lstrcmpiA
SetThreadLocale
GetModuleHandleA
DecodePointer
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
DeleteCriticalSection
CreateThread
SuspendThread
ResumeThread
CreateDirectoryA
GetDriveTypeA
GetFileAttributesA
WriteConsoleW
CreateFileMappingA
GetDiskFreeSpaceA
SetVolumeLabelA
SetLastError
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
LocalFree
MulDiv
FormatMessageA
CopyFileA
MultiByteToWideChar
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
GetVolumeInformationA
OutputDebugStringA
DuplicateHandle
GetCurrentProcess
GetModuleFileNameW
GetModuleHandleW
LoadLibraryW
MoveFileA
GetThreadLocale
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GetCurrentProcessId
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LocalAlloc
SetEvent
WaitForSingleObject
SetThreadPriority
GetCurrentThread
GetFileAttributesExA
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
SetErrorMode
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
lstrcpyA
FindResourceExW
GetWindowsDirectoryA
GetTickCount64
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetProfileIntA
SearchPathA
GetTempFileNameA
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
user32
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
LoadImageW
TrackMouseEvent
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableA
LoadCursorW
ReleaseCapture
SetCapture
WaitMessage
DestroyIcon
DeleteMenu
GetAsyncKeyState
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
RealChildWindowFromPoint
IntersectRect
InflateRect
LoadCursorA
GetSysColorBrush
LoadBitmapA
CharNextA
OffsetRect
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
GetMessageA
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
MapVirtualKeyA
GetKeyNameTextA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
IsWindowEnabled
GetMonitorInfoA
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetSystemMenu
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetCursorPos
CopyIcon
FrameRect
EnableWindow
SetWindowRgn
RedrawWindow
GetClientRect
MessageBoxA
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
FillRect
GetSysColor
SetClipboardData
EmptyClipboard
DrawStateA
SetClassLongA
SetParent
DrawEdge
DrawFrameControl
IsZoomed
MonitorFromWindow
InvalidateRect
GetWindowRect
GetParent
LoadStringA
PostMessageA
PostQuitMessage
SetFocus
UpdateWindow
GetCursorPos
WindowFromPoint
CopyRect
GetClassNameA
LoadIconW
GetWindowLongA
SetWindowLongA
UnregisterClassA
CharToOemBuffA
OemToCharBuffA
SetTimer
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
DrawIcon
UnionRect
PostThreadMessageA
TranslateMessage
LoadMenuW
DispatchMessageA
PeekMessageA
CharLowerA
GetDesktopWindow
LoadImageA
SendMessageA
KillTimer
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
GetPropA
UpdateLayeredWindow
gdi32
GetTextFaceA
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreateCompatibleBitmap
EnumFontFamiliesExA
GetRgnBox
GetTextMetricsA
GetTextExtentPoint32A
DPtoLP
SetRectRgn
GetMapMode
CombineRgn
GetTextColor
GetBkColor
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
SetTextAlign
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateFontIndirectA
GetStockObject
CreateSolidBrush
CreateRectRgn
GetObjectA
StretchDIBits
RealizePalette
GetDIBits
CreatePalette
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCreateKeyExA
CryptReleaseContext
CryptDeriveKey
CryptEncrypt
CryptDecrypt
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
CryptAcquireContextA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
CryptDestroyHash
CryptHashData
CryptCreateHash
shell32
ShellExecuteExA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathIsUNCA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindFileNameA
PathStripToRootA
uxtheme
GetThemeSysColor
DrawThemeBackground
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemePartSize
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed
ole32
OleUninitialize
CreateStreamOnHGlobal
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
VariantCopy
VarBstrFromDate
SysAllocString
OleCreateFontIndirect
SysAllocStringByteLen
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SysFreeString
oledlg
ord8
winmm
timeGetTime
PlaySoundA
ws2_32
WSACleanup
WSAGetLastError
WSAAsyncSelect
WSAStartup
gethostbyname
connect
ioctlsocket
htons
inet_addr
ntohs
recv
send
setsockopt
socket
closesocket
gdiplus
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetImagePalette
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
FtpOpenFileA
FtpFindFirstFileA
HttpQueryInfoA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetFindNextFileA
HttpSendRequestA
HttpOpenRequestA
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetReadFile
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 389KB - Virtual size: 389KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE