Static task: static1
Behavioral task: behavioral1
  Sample: 4e21ca2b17a13d7468c41fc9c5bd2dc25a969c7b093cddeaf97587e3c36f3b5e.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 4e21ca2b17a13d7468c41fc9c5bd2dc25a969c7b093cddeaf97587e3c36f3b5e.exe
  Resource: win10v2004-20230831-en
General
- Target: 4e21ca2b17a13d7468c41fc9c5bd2dc25a969c7b093cddeaf97587e3c36f3b5e
- Size: 2.3MB
- MD5: af26cd9e60249a247e8c61fd70b8e201
- SHA1: b9d4b13636d8dfbb6ad30bf3ffef8c4858af3a58
- SHA256: 4e21ca2b17a13d7468c41fc9c5bd2dc25a969c7b093cddeaf97587e3c36f3b5e
- SHA512: bca77903fafe4468d35dcee90537a7b6d68da4a33fa0ad876532ba00c433a4efd41fcd52f231e4a64ce3c8f0078de4722a49ba4ccfc209737c3ee4a9c40ca048
- SSDEEP: 49152:I5Xk7160HgYAlIh5CITvxOUwj2hXtxoxo3D0WHc6eoot7dACO5Eg56yWUzNf:b160H7Al2CKxOUwj2ptxoxoQ6eoqRACf
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 4e21ca2b17a13d7468c41fc9c5bd2dc25a969c7b093cddeaf97587e3c36f3b5e
Files
-
4e21ca2b17a13d7468c41fc9c5bd2dc25a969c7b093cddeaf97587e3c36f3b5e.exe windows x86
dc024fb4dff6d6119510d2064e74c8cf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
languagelib
ord2
ord1
hid
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetHidGuid
skinh
SkinH_Attach
kernel32
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetStringTypeW
IsProcessorFeaturePresent
GetSystemInfo
GetACP
GetOEMCP
HeapSize
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
InterlockedCompareExchange
HeapQueryInformation
GetFileType
IsValidCodePage
SetStdHandle
ExitThread
RaiseException
RtlUnwind
HeapReAlloc
VirtualAlloc
CreateDirectoryA
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetDateFormatW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalGetAtomNameW
LocalAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
lstrcpyW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
ReleaseActCtx
CreateActCtxW
SuspendThread
SetThreadPriority
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
FileTimeToLocalFileTime
FindResourceExW
GetTimeFormatW
MultiByteToWideChar
FindFirstFileW
FindClose
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
CompareStringW
ActivateActCtx
DeactivateActCtx
lstrcmpW
SetLastError
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
DeviceIoControl
FreeLibrary
GetTickCount
ExitProcess
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
CreateThread
ReleaseMutex
QueryPerformanceCounter
QueryPerformanceFrequency
WritePrivateProfileStringW
GetPrivateProfileIntW
DeleteFileW
GetSystemDefaultLangID
SetThreadLocale
SetThreadUILanguage
GetVersionExW
CreateMutexW
GetFileSize
GetProcAddress
LoadLibraryW
SetEvent
ResetEvent
CancelIo
WaitForSingleObject
CreateEventW
ResumeThread
lstrcmpiW
ReadFile
WriteFile
PurgeComm
SetupComm
SetCommTimeouts
SetCommState
GetCommState
lstrlenW
lstrlenA
GetModuleFileNameW
VirtualQuery
InterlockedIncrement
InterlockedDecrement
GetPrivateProfileStringW
FileTimeToSystemTime
CloseHandle
GetFileTime
CreateFileW
Sleep
WideCharToMultiByte
GetLastError
GetCurrentDirectoryW
GetLocalTime
FindResourceW
LoadResource
LockResource
SizeofResource
GetCPInfo
user32
HideCaret
InvertRect
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
IsClipboardFormatAvailable
WaitMessage
UnregisterClassW
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
WindowFromPoint
SetCapture
SetWindowRgn
DeleteMenu
IntersectRect
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
GetSysColorBrush
DestroyMenu
GetMenuItemInfoW
InflateRect
ShowOwnedPopups
SetCursor
OffsetRect
SetRectEmpty
IsZoomed
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetIconInfo
MapVirtualKeyW
GetKeyNameTextW
CharUpperW
GetCursorPos
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
OpenClipboard
LoadMenuW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
ValidateRect
CopyImage
EnableWindow
SendMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
FrameRect
CopyIcon
CharUpperBuffW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
GetWindowRgn
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
DestroyCursor
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
CreateMenu
DrawMenuBar
UnregisterDeviceNotification
RegisterDeviceNotificationW
SetDlgItemTextW
UnhookWindowsHookEx
MessageBoxExW
SetWindowsHookExW
EndDialog
TranslateMDISysAccel
GetClientRect
LoadIconW
GetSystemMenu
AppendMenuW
SetTimer
CreatePopupMenu
InsertMenuW
IsIconic
GetSystemMetrics
DrawIcon
GetWindowRect
EnableMenuItem
GetSubMenu
GetDC
ReleaseDC
KillTimer
CheckMenuItem
PostMessageW
GetSysColor
LoadCursorW
SystemParametersInfoW
IsWindow
SetRect
UpdateWindow
IsWindowVisible
RedrawWindow
SetForegroundWindow
GetFocus
PeekMessageW
PtInRect
PostQuitMessage
RemoveMenu
GetMenuItemCount
GetMenuItemID
GetMenuStringW
GetMenuState
DrawStateW
FillRect
InvalidateRect
LoadBitmapW
GetClassNameW
GetWindow
SetWindowPos
gdi32
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
GetTextMetricsW
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
GetBkColor
GetTextColor
GetRgnBox
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
ExtSelectClipRgn
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
GetObjectW
SetDIBColorTable
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
StretchBlt
SelectObject
DeleteDC
GetPaletteEntries
DeleteObject
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
CreateSolidBrush
CreateDCW
CopyMetaFileW
GetDeviceCaps
PatBlt
GetTextExtentPoint32W
CreateFontIndirectW
CreateDIBSection
GetPixel
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumValueW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueW
shell32
SHAppBarMessage
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
DragQueryFileW
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
StrToIntExW
PathFileExistsW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoInitializeEx
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
CoRegisterMessageFilter
CoTaskMemFree
oleaut32
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdiplusShutdown
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipSetInterpolationMode
GdipCreateBitmapFromStream
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipGetImagePixelFormat
wininet
InternetCrackUrlW
InternetCanonicalizeUrlW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
ws2_32
gethostname
gethostbyname
inet_ntoa
WSACleanup
getprotobyname
WSAGetLastError
socket
htons
connect
send
recv
closesocket
setsockopt
WSAStartup
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 383KB - Virtual size: 382KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 197KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ