Static task: static1
Behavioral task: behavioral1
Sample: 60f6b5bc52d2ef436b80e3bf877668add68443ad1c79e4eded0971a42682a9ea.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 60f6b5bc52d2ef436b80e3bf877668add68443ad1c79e4eded0971a42682a9ea.exe
Resource: win10v2004-20230703-en
General
Target: 60f6b5bc52d2ef436b80e3bf877668add68443ad1c79e4eded0971a42682a9ea
Size: 10.0MB
MD5: 32bee05fe907de17b6c7e61d52ce32bf
SHA1: a10531121fdec2cc7a54ef0d02d4de273a0bb2fb
SHA256: 60f6b5bc52d2ef436b80e3bf877668add68443ad1c79e4eded0971a42682a9ea
SHA512: 133333ea26dad69294d8a1aac452af20ccf10faa1fa55d29afa3e18367800380d3f3d3202f66760c93281c28e582f73f3571564a5110b3c26b37b5eeeb6eb47e
SSDEEP: 196608:klUuGawgwNq+wSgDZVpl5S669euhy5nnFk1BD/Yh3RFM2r6u7:tuGjgEuSgJa6skFkr8J
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 60f6b5bc52d2ef436b80e3bf877668add68443ad1c79e4eded0971a42682a9ea
Files
60f6b5bc52d2ef436b80e3bf877668add68443ad1c79e4eded0971a42682a9ea.exe (windows x86)
b5e63c3cc533ab7d6081c23f7c4588e2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalLock
GlobalUnlock
lstrlenW
FreeResource
GetACP
CreateDirectoryW
GetFileAttributesW
SystemTimeToFileTime
FormatMessageW
lstrcmpiW
lstrcpynW
lstrcpyW
GlobalAlloc
GlobalSize
GlobalFree
FindFirstFileW
FindClose
FindNextFileW
GetWindowsDirectoryW
GetTempFileNameW
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
QueryDosDeviceW
Process32FirstW
Process32NextW
GetExitCodeProcess
Sleep
TerminateProcess
K32GetProcessImageFileNameW
CreateMutexW
GetConsoleCP
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetFileSize
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
EncodePointer
GetCurrentDirectoryW
MulDiv
OpenProcess
WaitForMultipleObjects
CreateSemaphoreW
QueryPerformanceCounter
CreateEventW
ReleaseSemaphore
ResetEvent
SetEvent
FileTimeToLocalFileTime
GetSystemInfo
DosDateTimeToFileTime
FileTimeToDosDateTime
GetSystemTimeAsFileTime
WideCharToMultiByte
GetModuleHandleW
VirtualFree
VirtualAlloc
LocalFileTimeToFileTime
GetVersionExW
ExpandEnvironmentStringsW
GetFileAttributesExW
GetModuleFileNameW
GetLocalTime
SetUnhandledExceptionFilter
OpenThread
MapViewOfFile
CreateFileMappingW
CreateProcessW
GetCurrentProcessId
LocalFree
CreateToolhelp32Snapshot
UnmapViewOfFile
SuspendThread
GetCurrentThreadId
WaitForSingleObject
Thread32First
Thread32Next
GetUserDefaultUILanguage
GetThreadContext
GetCurrentThread
GetCurrentProcess
ExitProcess
MultiByteToWideChar
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
GetPrivateProfileStringW
MoveFileW
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryW
DeleteFileW
InitializeCriticalSection
LeaveCriticalSection
RemoveDirectoryW
EnterCriticalSection
WritePrivateProfileStringW
FindResourceW
LoadResource
LockResource
SetFilePointer
SetFileTime
WriteFile
SizeofResource
CloseHandle
CreateFileW
ReadFile
GetProcessHeap
DeleteCriticalSection
MoveFileExW
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
SetFileAttributesW
HeapSize
HeapFree
InitializeCriticalSectionEx
IsValidCodePage
WriteConsoleW
user32
IsWindowEnabled
GetPropW
SetPropW
GetSystemMetrics
EnableWindow
ShowWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
RegisterClassW
GetWindowTextLengthW
wsprintfA
DrawTextA
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
SetForegroundWindow
SetWindowRgn
GetKeyboardLayout
CharPrevW
ReleaseDC
PostQuitMessage
SetWindowTextW
MonitorFromWindow
MessageBoxW
SetWindowPos
GetDC
GetWindowRect
KillTimer
SetTimer
CharNextW
CharPrevExA
GetKeyNameTextW
MapVirtualKeyExW
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
ExitWindowsEx
DrawTextW
FillRect
SetRect
DestroyWindow
UpdateLayeredWindow
MoveWindow
GetWindowRgn
LoadIconW
UpdateWindow
EqualRect
GetWindowTextW
CallWindowProcW
DefWindowProcW
wsprintfW
LoadCursorW
PtInRect
MonitorFromPoint
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
PostMessageW
IsWindow
IsWindowVisible
IsIconic
IsZoomed
SetFocus
GetActiveWindow
GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
GetCursorPos
ScreenToClient
MapWindowPoints
GetSysColor
IntersectRect
UnionRect
OffsetRect
IsRectEmpty
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
LoadImageW
GetMonitorInfoW
GetFocus
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
TrackPopupMenu
SetCursor
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
InflateRect
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
LineTo
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
CreateDIBitmap
MoveToEx
TextOutW
GdiFlush
CreateRectRgn
PtInRegion
CreatePatternBrush
GetTextExtentPointA
GetBitmapBits
SetBitmapBits
SetTextAlign
ExtTextOutW
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetStockObject
AddFontMemResourceEx
RemoveFontMemResourceEx
Rectangle
RestoreDC
SaveDC
SelectObject
CloseEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
GetClipBox
GetObjectA
GetCharABCWidthsW
GetTextExtentPoint32W
advapi32
RegOpenKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
OpenProcessToken
CreateProcessAsUserW
SetTokenInformation
CreateRestrictedToken
FreeSid
AllocateAndInitializeSid
GetTokenInformation
CloseServiceHandle
CreateServiceW
OpenSCManagerW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetFolderPathW
DragQueryFileW
CommandLineToArgvW
SHFileOperationW
ShellExecuteW
ole32
CoTaskMemFree
OleLockRunning
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
DoDragDrop
CoInitializeEx
CoUninitialize
CoCreateInstance
PropVariantClear
oleaut32
SysAllocStringLen
VariantCopy
SysFreeString
VariantInit
SysAllocString
VariantClear
shlwapi
PathAddBackslashW
ord12
PathAppendW
PathIsRelativeW
PathFindFileNameW
PathCombineW
PathIsDirectoryEmptyW
PathIsDirectoryW
PathCanonicalizeW
StrStrIW
PathRemoveFileSpecW
PathFileExistsW
StrCmpNIW
comctl32
_TrackMouseEvent
ord17
InitCommonControlsEx
gdiplus
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipAddPathRectangleI
GdipCreateRegion
GdipGetImageGraphicsContext
GdipSetClipPath
GdipSetClipRegion
GdipCreateTexture
GdipTranslateTextureTransform
GdipDrawImageRectRect
GdipClosePathFigures
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipAddPathEllipse
GdipCreateFont
GdipGetClip
GdipCreateBitmapFromScan0
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteRegion
GdipGraphicsClear
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangleI
GdipDrawPath
GdipDrawRectangleI
GdipSetTextRenderingHint
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipAddPathArc
GdipAddPathLine
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipGetImageHeight
GdipGetImageWidth
GdipAddPathRectangle
GdiplusShutdown
GdiplusStartup
GdipAddPathArcI
GdipCreateLineBrushI
GdipDeleteBrush
GdipAlloc
GdipDeletePath
GdipSetSmoothingMode
GdipCreatePath
GdipCreateSolidFill
GdipFillPath
GdipAddPathLineI
GdipClosePathFigure
GdipFree
GdipCreateFromHDC
GdipCloneBrush
GdipDeleteGraphics
GdipSetInterpolationMode
imm32
ImmGetContext
ImmSetCompositionWindow
ImmSetOpenStatus
ImmSetCompositionFontW
ImmGetCompositionWindow
ImmReleaseContext
uxtheme
BufferedPaintUnInit
BeginBufferedPaint
EndBufferedPaint
BufferedPaintInit
ws2_32
gethostname
gethostbyname
WSAStartup
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 1005KB - Virtual size: 1005KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 228KB - Virtual size: 228KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 21B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 236.9MB - Virtual size: 236.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ