1aa0849cc934436fd1247a1c54a4c7ab1b427344fd4121e807373cdbdcb0d666

Sharing

Copy URL

Twitter E-mail

General

Target

1aa0849cc934436fd1247a1c54a4c7ab1b427344fd4121e807373cdbdcb0d666
Size

1.1MB
MD5

033b8ade758f2ff217bcafb31629cf0f
SHA1

0a0350327ac6c6266731bbf1b6f21595cf8b2cda
SHA256

1aa0849cc934436fd1247a1c54a4c7ab1b427344fd4121e807373cdbdcb0d666
SHA512

49b0e3c448eaae80ca9f32be272951ae6f9df861deedd79f5a6ba99b22533753c44adc101535d1b4c6c8021458333244bde7b89fc821a4bfe6efd9c19e437026
SSDEEP

12288:nQNIIFCZLEzSLDQcRXHQjQfZ6FmleHfK:FEOLDQGXQjqZ6Il

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aa0849cc934436fd1247a1c54a4c7ab1b427344fd4121e807373cdbdcb0d666

Files

1aa0849cc934436fd1247a1c54a4c7ab1b427344fd4121e807373cdbdcb0d666
.dll windows x86

239dcecb75566392750bde950db89f9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
ExitProcess
ExitThread
CreateThread
HeapSize
HeapReAlloc
GetSystemTimeAsFileTime
FatalAppExitA
SetUnhandledExceptionFilter
SetEnvironmentVariableA
SetEnvironmentVariableW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
RtlUnwind
VirtualQuery
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
CreateFileA
SetConsoleCtrlHandler
GetProcessHeap
GetLocaleInfoW
FileTimeToLocalFileTime
FileTimeToSystemTime
SizeofResource
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetFileTime
GetFileSize
GetFileAttributesW
GetProcessVersion
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FormatMessageW
LocalFree
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
lstrlenA
GetVersion
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GlobalFree
LockResource
FindResourceW
LoadResource
GetShortPathNameW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DeleteFileW
MultiByteToWideChar
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetLastError
SuspendThread
SetThreadPriority
ResumeThread
GetModuleFileNameW
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
SetLastError
GetLocalTime
GetVersionExW
CreateDirectoryW
GetUserDefaultUILanguage
ReleaseMutex
CreateMutexW
CreateEventW
WaitForSingleObject
SetEvent
ReadFile
WriteFile
CloseHandle
lstrcpynW
lstrcmpiW
CreateFileW
LoadLibraryW
GetProcAddress
WideCharToMultiByte
GetSystemDirectoryW
lstrlenW
FreeLibrary
lstrcatW
GlobalMemoryStatus
GetSystemInfo
lstrcpyW
VirtualProtect

user32

GetSysColor
MapWindowPoints
SendDlgItemMessageA
SendDlgItemMessageW
UpdateWindow
LoadIconW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageW
SetWindowTextW
MoveWindow
wvsprintfW
UnregisterClassW
GetClassNameW
GetDesktopWindow
InsertMenuW
DeleteMenu
GetMenuStringW
LoadCursorW
GetSysColorBrush
LoadStringW
DestroyMenu
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
OffsetRect
SetFocus
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetSystemMetrics
CharUpperW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SetCursor
ShowOwnedPopups
PostMessageW
PostQuitMessage
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
MessageBoxW
CopyRect
IntersectRect
SetRectEmpty
SetRect
wsprintfW
FillRect
WindowFromPoint
DrawMenuBar
InvalidateRect
EnableWindow
MapDialogRect
GetDialogBaseUnits
SetForegroundWindow
LoadBitmapW
AdjustWindowRectEx
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
PtInRect
ShowWindow
SendMessageW
SetScrollPos
SetScrollRange
EqualRect
SystemParametersInfoW
DeferWindowPos
InflateRect

gdi32

GetBitmapBits
GetObjectW
DeleteDC
StartDocW
SaveDC
RestoreDC
SelectObject
GetStockObject
SelectPalette
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
CreateBitmapIndirect
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
CreateFontIndirectW
DPtoLP
GetDCOrgEx
GetTextExtentPoint32W
GetTextMetricsW
DeleteObject
Arc
Polyline
SetPixel
GetPixel
CreatePen
CreateBrushIndirect
CreateBitmap
CreatePatternBrush
ArcTo
CreateCompatibleBitmap
CreateDIBSection
CreateCompatibleDC
CreateDCW
GetCurrentObject
GetPaletteEntries
SetBitmapBits
GetNearestPaletteIndex
BitBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
SetJobW
ReadPrinter
WritePrinter
EndPagePrinter
StartPagePrinter
EndDocPrinter
StartDocPrinterW
GetPrinterDataW
GetPrinterW
OpenPrinterW
SetPrinterW
ClosePrinter

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW

shell32

DragAcceptFiles
ShellExecuteW
SHGetFileInfoW

comctl32

ord17

Exports

Exports

ShowOCTDlg32
SlpBitBlt
SlpCopyBits
SlpEscape
SlpPatCopy
SlpStretchBlt
SlpStrokePath
SlpTextOut
SplAbort
SplEndDoc
SplEndPage
SplStartDoc
SplStartPage

Sections

.text
Size: 476KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

239dcecb75566392750bde950db89f9b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 476KB - Virtual size: 473KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 40KB - Virtual size: 53KB

.idata Size: 16KB - Virtual size: 12KB

.rsrc Size: 496KB - Virtual size: 495KB

.reloc Size: 28KB - Virtual size: 24KB

.text
Size: 476KB - Virtual size: 473KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 40KB - Virtual size: 53KB

.idata
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 496KB - Virtual size: 495KB

.reloc
Size: 28KB - Virtual size: 24KB