Static task: static1
Behavioral task: behavioral1
  Sample: 868df6254c5895622e58b9d5930948f79fbf061ff5f9ced62a9ec4efb0115223.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 868df6254c5895622e58b9d5930948f79fbf061ff5f9ced62a9ec4efb0115223.exe
  Resource: win10v2004-20230831-en
General
Target: 868df6254c5895622e58b9d5930948f79fbf061ff5f9ced62a9ec4efb0115223
Size: 2.2MB
MD5: 3cb7202292678a41db0e813d2340d39d
SHA1: 3bbdce571828dcd3a1d64557039fafa923974653
SHA256: 868df6254c5895622e58b9d5930948f79fbf061ff5f9ced62a9ec4efb0115223
SHA512: 64c91c41c3b67c4e19397dc63e699598ac64f7b843e3bb1885ccb8e6e889ed3a27b9e52fed90e58f9edff3b59d634e908e39eaa20fbc8db6ab69f7650e06105e
SSDEEP: 49152:Z3vDr1agsSoWyTKtyUqCnvmjapbpTPUV2uzKrGNmG22y08:Bv1agsSYTKXvvmjcdTPUV2KKrGNmG22y
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The check is for the absence of a signature, not for an invalid one; unsigned binaries are the norm for malware but also for a great deal of legitimate in-house tooling, so on its own this is a weak indicator.
resource: 868df6254c5895622e58b9d5930948f79fbf061ff5f9ced62a9ec4efb0115223
Files
868df6254c5895622e58b9d5930948f79fbf061ff5f9ced62a9ec4efb0115223.exe (windows, x86)
8d83ad863ce4ca597f849cd796a7d491 (a second 32-hex digest; it differs from the file MD5 given under General, so it is not the file hash)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in; the image keeps a .reloc section, so it can actually be rebased)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP opt-in)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Not listed: IMAGE_DLLCHARACTERISTICS_GUARD_CF, so the image was built without Control Flow Guard; IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA does not apply to a 32-bit image.
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetOpenA
InternetCloseHandle
InternetReadFile
winspool.drv
GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter
comctl32
InitCommonControlsEx
uxtheme
DrawThemeText
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
kernel32
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
RaiseException
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
FindResourceExW
SetErrorMode
GetWindowsDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SearchPathW
GetProfileIntW
SystemTimeToTzSpecificLocalTime
TerminateProcess
SetUnhandledExceptionFilter
FormatMessageA
LoadLibraryExA
RtlUnwind
GetSystemInfo
VirtualQuery
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
ExitProcess
GetStdHandle
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetTempPathW
SetFilePointer
GetCurrentDirectoryW
VerifyVersionInfoW
VerSetConditionMask
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
FileTimeToSystemTime
GlobalFlags
GlobalGetAtomNameW
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GlobalAddAtomW
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThread
GetTickCount64
lstrcpyW
lstrcmpW
GlobalReAlloc
InitializeCriticalSectionAndSpinCount
CloseHandle
GetFileSize
CreateFileW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
CopyFileW
FormatMessageW
LocalFree
GlobalSize
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
GetCurrentThreadId
SetLastError
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
GetCurrentProcessId
MulDiv
GlobalLock
GlobalUnlock
VirtualAlloc
GetProcessHeap
IsBadReadPtr
VirtualProtect
VirtualFree
FreeLibrary
Sleep
LoadLibraryA
GetProcAddress
DecodePointer
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
LCMapStringW
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
WriteConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
UnhandledExceptionFilter
FreeLibraryAndExitThread
GetModuleHandleExW
HeapQueryInformation
QueryPerformanceFrequency
SetStdHandle
GetFileType
advapi32
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
RegEnumValueW
RegCloseKey
shell32
DragQueryFileW
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteW
SHAppBarMessage
ExtractIconW
SHAddToRecentDocs
oledlg
OleUIBusyW
gdi32
CreatePalette
GetTextFaceW
GetWindowOrgEx
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
GetCharWidthW
Polyline
Polygon
CreatePolygonRgn
GetBkColor
LPtoDP
Ellipse
CreateEllipticRgn
Rectangle
GetViewportOrgEx
GetTextColor
OffsetRgn
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CreateRoundRectRgn
GetTextMetricsW
GetTextExtentPoint32W
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
PatBlt
GetDIBits
CombineRgn
DPtoLP
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
CreateFontIndirectW
CreateCompatibleBitmap
CreateDCW
CopyMetaFileW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
FillRgn
ExtTextOutW
GetPaletteEntries
MoveToEx
GetObjectW
StartDocW
SetTextAlign
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteDC
ExtFloodFill
FrameRgn
PtInRegion
TextOutW
SetPaletteEntries
EnumFontFamiliesExW
RoundRect
GetNearestPaletteIndex
GetSystemPaletteEntries
SetPixelV
GetBoundsRect
shlwapi
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
msimg32
AlphaBlend
TransparentBlt
user32
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
DrawStateW
InvalidateRect
GetClassNameW
LoadBitmapW
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
IsChild
IsWindowVisible
SetRectEmpty
CopyRect
IsIconic
GetDlgCtrlID
AdjustWindowRectEx
SetRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IntersectRect
IsRectEmpty
DestroyIcon
LoadImageW
CopyImage
SetTimer
KillTimer
GetSystemMetrics
InflateRect
GetIconInfo
RegisterWindowMessageW
TrackMouseEvent
BeginDeferWindowPos
EndDeferWindowPos
CharUpperW
SetFocus
GetAsyncKeyState
GetCapture
SetCapture
ReleaseCapture
GetSystemMenu
CheckMenuItem
EnableMenuItem
DeleteMenu
SetWindowRgn
SetCursor
WindowFromPoint
EqualRect
LoadCursorW
NotifyWinEvent
DrawFrameControl
IsMenu
GetKeyState
GetMenuItemInfoW
GetClassLongW
DestroyAcceleratorTable
GetTopWindow
GetWindow
CreatePopupMenu
ModifyMenuW
TrackPopupMenu
MonitorFromPoint
GetMonitorInfoW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
RegisterClipboardFormatW
PostQuitMessage
GetDesktopWindow
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
SetDlgItemTextW
CheckDlgButton
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetWindowLongW
IsDialogMessageW
GetMessageW
ValidateRect
ShowOwnedPopups
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetWindowPlacement
SetWindowPlacement
DeferWindowPos
GetMenu
SetMenu
GetForegroundWindow
SetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
MapWindowPoints
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RealChildWindowFromPoint
SetParent
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SendDlgItemMessageA
DestroyCursor
DrawIcon
DrawEdge
DrawFocusRect
DrawIconEx
IsClipboardFormatAvailable
GetDoubleClickTime
GetKeyNameTextW
CharUpperBuffW
SetCursorPos
CopyIcon
FrameRect
GetComboBoxInfo
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
CharNextW
InvalidateRgn
GetNextDlgGroupItem
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetTabbedTextExtentW
CreateMenu
GetWindowRgn
HideCaret
InvertRect
GetWindowRect
GetClientRect
GetSubMenu
DestroyMenu
LoadMenuW
IsWindow
WaitMessage
PostThreadMessageW
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
SendMessageW
FillRect
GetSysColor
ScreenToClient
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UpdateWindow
ClientToScreen
UnregisterClassW
EnableWindow
GetFocus
SetWindowPos
ole32
CoInitializeEx
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
OleFlushClipboard
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateInstance
OleIsCurrentClipboard
DoDragDrop
OleLockRunning
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
oleaut32
VariantCopy
VarBstrFromDate
LoadTypeLi
SysFreeString
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
OleCreateFontIndirect
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
winmm
PlaySoundW
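The table above is a static import list, and two things in it are easy to misread. IsDebuggerPresent, QueryPerformanceCounter, GetSystemTimeAsFileTime, SetUnhandledExceptionFilter and the rest of that kernel32 cluster are the imports the MSVC CRT start-up code pulls in for security-cookie seeding and fast-fail handling, so by themselves they are not anti-debugging; and InternetReadFile needs a handle from InternetOpenUrl or HttpOpenRequest, neither of which is imported here, which next to LoadLibraryA and GetProcAddress suggests the static table is only a lower bound on what the binary can call. The following added example is mine, not the sandbox's tooling: the IMPORTS dict is a hand-picked subset of the list above, and CRT_STARTUP, RULES and HANDLE_CHAINS are my own triage heuristics. It tags capabilities with the CRT noise filtered out and flags consumer APIs whose producers are missing:

```python
"""Capability triage over a static import table, with the MSVC CRT start-up
imports filtered out first. Added example, not part of the sandbox report; the
IMPORTS dict is a hand-picked subset of the report's import list."""

# Constructed subset of the imports listed above (DLL -> imported names).
IMPORTS = {
    "wininet": ["InternetOpenA", "InternetCloseHandle", "InternetReadFile"],
    "kernel32": ["GetSystemTimeAsFileTime", "InitializeSListHead", "IsDebuggerPresent",
                 "QueryPerformanceCounter", "IsProcessorFeaturePresent", "TerminateProcess",
                 "SetUnhandledExceptionFilter", "UnhandledExceptionFilter", "GetCurrentProcessId",
                 "GetCurrentThreadId", "GetTickCount64", "LoadLibraryA", "GetProcAddress",
                 "VirtualAlloc", "VirtualProtect", "CreateFileW", "WriteFile", "DeleteFileW",
                 "MoveFileW", "GetTempPathW", "CreateThread"],
    "advapi32": ["RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW", "RegOpenKeyExW",
                 "SetFileSecurityW"],
    "user32": ["SetWindowsHookExW", "CallNextHookEx", "GetAsyncKeyState", "GetKeyboardState",
               "ToUnicodeEx"],
    "shell32": ["ShellExecuteW"],
}

# kernel32 imports the MSVC CRT start-up code pulls in on its own (security-cookie
# seeding, __scrt_* fast-fail and unhandled-exception plumbing). Their presence
# in a static import table is not evidence of anti-debugging or timing checks.
CRT_STARTUP = {
    "GetSystemTimeAsFileTime", "GetCurrentProcessId", "GetCurrentThreadId",
    "GetTickCount", "GetTickCount64", "QueryPerformanceCounter", "IsDebuggerPresent",
    "IsProcessorFeaturePresent", "InitializeSListHead", "TerminateProcess",
    "SetUnhandledExceptionFilter", "UnhandledExceptionFilter", "RtlUnwind",
}

# (tag, dll, name prefixes): a name matches a rule when it starts with any prefix.
RULES = [
    ("network",        "wininet",  ("Internet", "Http", "Ftp")),
    ("registry",       "advapi32", ("Reg",)),
    ("file_acl",       "advapi32", ("SetFileSecurity",)),
    ("hooking",        "user32",   ("SetWindowsHookEx",)),
    ("key_state",      "user32",   ("GetAsyncKeyState", "GetKeyboardState", "ToUnicodeEx")),
    ("exec",           "shell32",  ("ShellExecute",)),
    ("dyn_resolve",    "kernel32", ("LoadLibrary", "GetProcAddress")),
    ("memory_protect", "kernel32", ("VirtualAlloc", "VirtualProtect")),
    ("file_write",     "kernel32", ("WriteFile", "DeleteFile", "MoveFile", "CopyFile")),
    ("anti_debug",     "kernel32", ("IsDebuggerPresent", "CheckRemoteDebuggerPresent")),
]

# A consumer API that only works with a handle from one of these producers. If the
# consumer is imported but no producer is, the producer is either resolved at run
# time (GetProcAddress) or the code path is dead.
HANDLE_CHAINS = {
    "InternetReadFile": {"InternetOpenUrlA", "InternetOpenUrlW", "HttpOpenRequestA",
                         "HttpOpenRequestW", "FtpOpenFileA", "FtpOpenFileW"},
}


def triage(imports, ignore_crt=True):
    """Map imports to capability tags; CRT start-up noise is dropped by default."""
    tags = {}
    for dll, names in imports.items():
        for name in names:
            if ignore_crt and dll.lower() == "kernel32" and name in CRT_STARTUP:
                continue
            for tag, rule_dll, prefixes in RULES:
                if dll.lower() == rule_dll and name.startswith(prefixes):
                    tags.setdefault(tag, []).append(f"{dll}!{name}")
    return tags


def incomplete_chains(imports):
    """Consumers whose producer APIs are absent from the static import table."""
    present = {n for names in imports.values() for n in names}
    return sorted(c for c, producers in HANDLE_CHAINS.items()
                  if c in present and not producers & present)


def dynamic_resolution(tags):
    """True when both LoadLibrary* and GetProcAddress are imported: the static
    table is then only a lower bound on what the binary can call."""
    found = {n.split("!", 1)[1] for n in tags.get("dyn_resolve", [])}
    return any(n.startswith("LoadLibrary") for n in found) and "GetProcAddress" in found
```

With the CRT filter on, the constructed subset yields no anti_debug tag at all; turn the filter off and IsDebuggerPresent is flagged, which is exactly the false positive a naive import scan produces. incomplete_chains reports InternetReadFile as orphaned, and dynamic_resolution is true, so any conclusion about the network code path has to come from the behavioural runs or from resolving the GetProcAddress targets, not from this table.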
Sections
Name      Size    Virtual size  Flags
.text     1.6MB   1.6MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata    384KB   384KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data     49KB    69KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data1    6KB     6KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.trace    8KB     8KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
_RDATA    1KB     1KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.debug_o  5KB     4KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
.rsrc     46KB    46KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc    149KB   149KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
No section is both writable and executable, and raw and virtual sizes stay close throughout (the gap in .data is its zero-initialised tail), so this is a conventional compiler layout rather than a packer stub with a large virtual-only section.
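The General hashes, the Unsigned PE signature, the DLL and File Characteristics and the section table above can all be recovered from the file with nothing beyond the Python standard library. The added example below is my code, not the sandbox's: it builds and parses a constructed PE32 image in memory instead of reading the sample, and its flag tables cover only the characteristics relevant to this report. It checks reported digests, decodes the header flags, walks the section table, and treats the Unsigned PE finding the way the signature does, as the absence of a security data directory. Two caveats it encodes: a present Authenticode blob proves nothing until it is verified, and DYNAMIC_BASE only yields ASLR if relocations were not stripped.

```python
"""Stdlib-only PE32 triage: file hashes, DllCharacteristics, section flags and
Authenticode presence. Added example, not part of the sandbox report; it runs
on a constructed in-memory image rather than on the sample above."""
import hashlib
import struct

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",  # ASLR opt-in
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",     # DEP opt-in
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",      # Control Flow Guard
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",  # set => cannot be rebased, so no ASLR
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY holds the Authenticode blob

def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]

def parse_pe32(data):
    """Decode COFF header, PE32 optional header and section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not PE32 (PE32+ lays the optional header out differently)")
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    sec_off = sec_size = 0
    if ndirs > SECURITY_DIR:  # this directory's first field is a file offset, not an RVA
        sec_off, sec_size = struct.unpack_from("<II", data, opt + 96 + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize,
                         "flags": flag_names(sflags, SECTION_FLAGS)})
    return {"machine": machine,
            "file_characteristics": flag_names(fchars, FILE_CHARACTERISTICS),
            "dll_characteristics": flag_names(dllchars, DLL_CHARACTERISTICS),
            # Presence only: an existing blob can still fail validation, so a True
            # here still needs signtool verify or Get-AuthenticodeSignature.
            "authenticode_present": sec_off != 0 and sec_size != 0,
            "sections": sections}

def mitigations(parsed):
    """ASLR needs both the DYNAMIC_BASE opt-in and relocation data to act on."""
    d, f = set(parsed["dll_characteristics"]), set(parsed["file_characteristics"])
    return {"aslr": "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" in d
                    and "IMAGE_FILE_RELOCS_STRIPPED" not in f,
            "dep": "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" in d,
            "cfg": "IMAGE_DLLCHARACTERISTICS_GUARD_CF" in d,
            "rwx_section": any({"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"])
                               for s in parsed["sections"])}

def hashes(data):
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256", "sha512")}

def verify_hashes(data, expected):
    """Algorithms whose digest differs from the value the report gives."""
    got = hashes(data)
    return sorted(a for a, h in expected.items() if got[a] != h.lower())

def build_pe32(dllchars, sections, security_size=0):
    """Constructed PE32 (headers and section table only, no code); not the sample."""
    opt = bytearray(224)  # PE32 optional header with all 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dllchars)
    struct.pack_into("<I", opt, 92, 16)
    if security_size:
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x1000, security_size)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0, rs, 0, 0, 0, 0, 0, fl)
                     for n, vs, rs, fl in sections)
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
```

Against a real file, `parse_pe32(open(path, "rb").read())` gives the same flag names the report prints, and `verify_hashes(data, {"sha256": "<value from General>"})` returns an empty list when the file on disk is the one the sandbox analysed. The parser refuses PE32+ images on purpose: the 64-bit optional header places DllCharacteristics and the data directories at different offsets, and silently mis-decoding them would report mitigations the binary does not have.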