9bccda9f25efb38e82b81104cf1de7cd2f818f9b29173603a94b338713a25a88

Sharing

Copy URL Twitter E-mail

General

Target

9bccda9f25efb38e82b81104cf1de7cd2f818f9b29173603a94b338713a25a88
Size

10.5MB
MD5

25cae1e39d6a70346b9087f8ef0e35df
SHA1

0674c58eddb38fa5ba65880c014af95eca66f8bb
SHA256

9bccda9f25efb38e82b81104cf1de7cd2f818f9b29173603a94b338713a25a88
SHA512

a5fbbb5d03b747e3a90ee701ddff478e604707bdc2a512da6748fcae4211bdd21a57e8fc41d721fae0a3e61480b11634e15dbea52afc3e6f401c3de7bb17b9e0
SSDEEP

196608:aQONejujcq2qlegwwJQTwRhjFzUJdlJsv6tWKFdu9CqKFN:2Nv68baqh2dlJsv6tWKFdu9C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bccda9f25efb38e82b81104cf1de7cd2f818f9b29173603a94b338713a25a88

Files

9bccda9f25efb38e82b81104cf1de7cd2f818f9b29173603a94b338713a25a88
.exe windows x86

8cee85ca49820daa3ff3c52b8b7411f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExW
SystemFunction036
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetLengthSid
FreeSid
DuplicateToken
CopySid
AllocateAndInitializeSid
AccessCheck
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegQueryValueExW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

uxtheme

OpenThemeData
GetThemePartSize
GetCurrentThemeName
IsAppThemed
IsThemeActive
SetWindowTheme
GetThemeBool
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
ord47
CloseThemeData
GetThemeTransitionDuration
GetThemePropertyOrigin
GetThemeMargins
GetThemeEnumValue
GetThemeInt
GetThemeColor

dwmapi

DwmSetWindowAttribute
DwmEnableBlurBehindWindow
DwmIsCompositionEnabled
DwmGetWindowAttribute

imm32

ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

netapi32

NetShareEnum
NetApiBufferFree

ws2_32

WSAAsyncSelect

winmm

PlaySoundW
timeSetEvent
timeKillEvent

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Get_Child
CM_Get_Device_IDA
SetupDiEnumDeviceInfo
CM_Get_Parent
CM_Get_Sibling
CM_Get_Device_ID_Size
SetupDiGetDeviceInstanceIdW

bcrypt

BCryptGenRandom
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider

kernel32

FormatMessageW
WTSGetActiveConsoleSessionId
ExpandEnvironmentStringsW
CloseHandle
CreateProcessW
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId
GetUserDefaultLangID
CreateFileA
CreateFileW
ReadFile
SetFilePointer
WriteFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
GetConsoleWindow
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CompareStringEx
OutputDebugStringW
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCommandLineW
SetEvent
WaitForSingleObjectEx
CreateEventW
GetSystemTime
GetLocalTime
DuplicateHandle
WaitForSingleObject
Sleep
WaitForMultipleObjects
SwitchToThread
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
TerminateThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
GetSystemDirectoryW
LoadLibraryW
ResetEvent
GetDateFormatW
GetTimeFormatW
LocalFree
GetUserDefaultLCID
GetUserPreferredUILanguages
GetFileAttributesExW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount64
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetLogicalDrives
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
SetErrorMode
DeviceIoControl
CopyFileW
MoveFileW
MoveFileExW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileInformationByHandleEx
FlushFileBuffers
GetFileType
SetEndOfFile
SetFilePointerEx
GetStartupInfoW
GetModuleFileNameW
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
CreateNamedPipeW
GetExitCodeProcess
UnregisterWaitEx
RegisterWaitForSingleObject
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
FindNextFileW
MultiByteToWideChar
CompareStringW
LCMapStringW
FreeLibrary
GetModuleHandleExW
ReadFileEx
PeekNamedPipe
CancelIoEx
SleepEx
WriteFileEx
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualFree
OutputDebugStringA
FormatMessageA
GlobalFree
QueryDosDeviceA
GetVolumeNameForVolumeMountPointA
GetVolumePathNamesForVolumeNameA
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
GetLocaleInfoEx
SetFileAttributesW
GetStringTypeW
InitializeCriticalSectionEx
EncodePointer
DecodePointer
GetCPInfo
LCMapStringEx
RaiseException
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
RtlUnwind
SetLastError
LoadLibraryExW
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
SetStdHandle
HeapFree
HeapAlloc
HeapReAlloc
IsValidLocale
EnumSystemLocalesW
GetFileSizeEx
IsValidCodePage
GetACP
GetOEMCP
SetEnvironmentVariableW
HeapSize
GetProcessHeap
WriteConsoleW
GetModuleHandleW
GetCurrentThreadId
GetLastError
lstrcmpW
ConnectNamedPipe
GetCurrencyFormatW

user32

SetCursor
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetParent
SetParent
GetWindowThreadProcessId
GetWindow
DestroyCursor
DestroyIcon
MonitorFromPoint
GetAncestor
GetKeyboardLayoutList
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetCursorPos
WindowFromPoint
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
TrackPopupMenu
GetMenuItemInfoW
SetMenuItemInfoW
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
IsHungAppWindow
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetKeyboardLayout
RegisterWindowMessageW
IsWindowEnabled
CreateCaret
DestroyCaret
GetWindowRect
ShowCaret
SetCaretPos
FindWindowA
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
TrackPopupMenuEx
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
RegisterClassW
EnumDisplayDevicesW
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
GetWindowTextW
EnumWindows
RealGetWindowClassW
ChangeWindowMessageFilterEx
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
PostThreadMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
CharNextExA
GetClientRect
GetDC
DestroyWindow
DefWindowProcW
SystemParametersInfoW
GetSystemMetrics
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
AdjustWindowRectEx
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
GetSystemMenu
GetMenu
ReleaseCapture
SetCapture
GetCapture
IsTouchWindow
UnregisterTouchWindow
RegisterTouchWindow
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
SetLayeredWindowAttributes
UpdateLayeredWindow
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
UpdateLayeredWindowIndirect
GetCaretBlinkTime
MessageBeep
IsWindow
GetDoubleClickTime
GetDesktopWindow
GetSysColor
HideCaret
ReleaseDC

gdi32

CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
CombineRgn
SelectClipRgn
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
SetLayout
GetDIBits
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetBitmapBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps

shell32

SHGetKnownFolderPath
CommandLineToArgvW
Shell_NotifyIconGetRect
Shell_NotifyIconW
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHCreateItemFromParsingName
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetMalloc
SHGetFileInfoW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
OleUninitialize
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoCreateInstance
DoDragDrop
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
CoCreateGuid
StringFromGUID2
CoLockObjectExternal
OleInitialize
RevokeDragDrop
RegisterDragDrop
OleSetClipboard

oleaut32

SysFreeString
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString

Sections

.text
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cee85ca49820daa3ff3c52b8b7411f1

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

wtsapi32

uxtheme

dwmapi

imm32

userenv

version

netapi32

ws2_32

winmm

setupapi

bcrypt

kernel32

user32

gdi32

shell32

ole32

oleaut32

Sections

.text Size: 6.4MB - Virtual size: 6.4MB

.rdata Size: 3.2MB - Virtual size: 3.2MB

.data Size: 82KB - Virtual size: 140KB

.qtmetad Size: 1KB - Virtual size: 1KB

.qtmimed Size: 315KB - Virtual size: 315KB

.rsrc Size: 293KB - Virtual size: 293KB

.reloc Size: 219KB - Virtual size: 219KB

.text
Size: 6.4MB - Virtual size: 6.4MB

.rdata
Size: 3.2MB - Virtual size: 3.2MB

.data
Size: 82KB - Virtual size: 140KB

.qtmetad
Size: 1KB - Virtual size: 1KB

.qtmimed
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 293KB - Virtual size: 293KB

.reloc
Size: 219KB - Virtual size: 219KB