Static task: static1
Behavioral task: behavioral1
Sample: bfbc034c8d43bcd15432ae9da887333694cb35729f185f5dced51c906c87d3c0.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: bfbc034c8d43bcd15432ae9da887333694cb35729f185f5dced51c906c87d3c0.exe
Resource: win10v2004-20230831-en
General
Target: bfbc034c8d43bcd15432ae9da887333694cb35729f185f5dced51c906c87d3c0
Size: 4.7MB
MD5: 9c641276653729ed8d7d4c67332b1f97
SHA1: 4cd9bceaab37cf0d44590f57c7c6d6746743d2e7
SHA256: bfbc034c8d43bcd15432ae9da887333694cb35729f185f5dced51c906c87d3c0
SHA512: 359eb358199e54689a30abf8278e6ac9c3713ba4c8bfd96d1f80a7de0926fcaa7bd615504188fe5c463859f48f517118a3eb6831e789035d4172f480d780994d
SSDEEP: 49152:Q9nFtU5p/FnkYS2upf7szXU3Qv4SqmetESiIgN9v+Jfi8rJbA0PNwevn/19L2ULc:68P61QwSqme2efJpPHf/19L2
Malware Config
Signatures
Unsigned PE: 1 IoC
Rule: Checks for missing Authenticode signature.
Matched resource: bfbc034c8d43bcd15432ae9da887333694cb35729f185f5dced51c906c87d3c0
The sample carries no Authenticode signature, so nothing vouches for its publisher. On its own this is a weak indicator: plenty of legitimate software ships unsigned, and a valid signature does not make a binary safe, so the hit is a reason to read the rest of the report rather than a verdict.
Files
bfbc034c8d43bcd15432ae9da887333694cb35729f185f5dced51c906c87d3c0.exe windows x86
9092a87e5f86c42230cb365556b27d45
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (image may be relocated, so ASLR applies; the .reloc section listed below supplies the fixups that makes possible)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP-compatible: non-code pages are mapped non-executable)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetModuleFileNameA
GetModuleHandleExW
HeapValidate
GetSystemInfo
SetStdHandle
GetFileType
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
VirtualAlloc
GetStdHandle
WriteConsoleW
QueryPerformanceFrequency
ExitProcess
GetACP
GetStringTypeW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetDriveTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
VirtualQuery
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
Sleep
SearchPathW
GetTempPathW
GetTickCount
GetUserDefaultLCID
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GetCurrentProcess
GetHandleInformation
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CreateFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
OutputDebugStringW
VirtualProtect
GetProfileIntW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetErrorMode
GlobalFlags
GetThreadLocale
GetCurrentProcessId
GetPrivateProfileIntW
GetCurrentThread
WaitForSingleObject
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetAtomNameW
GlobalGetAtomNameW
lstrcmpA
ResumeThread
SuspendThread
SetThreadPriority
CopyFileW
GlobalFree
GlobalSize
GlobalAlloc
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
MulDiv
GlobalUnlock
GlobalLock
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
ReadFile
GetOverlappedResult
WriteFile
GetVersion
LocalFree
FormatMessageW
GetCommMask
WaitForMultipleObjects
ClearCommError
WaitCommEvent
LeaveCriticalSection
PurgeComm
SetCommState
BuildCommDCBW
GetCommState
SetCommMask
SetCommTimeouts
CreateFileA
EnterCriticalSection
InitializeCriticalSection
CreateEventW
ResetEvent
CloseHandle
SetEvent
WritePrivateProfileStringW
DeleteFileW
GetPrivateProfileStringW
GetCurrentDirectoryW
lstrcmpiW
lstrlenW
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
GetCPInfo
GetLastError
SetLastError
MultiByteToWideChar
GetVersionExW
CompareStringW
user32
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
GetMenuCheckMarkDimensions
NotifyWinEvent
LoadIconW
LoadCursorW
GetWindow
GetLastActivePopup
GetTopWindow
SetParent
GetParent
GetDesktopWindow
GetWindowLongW
WindowFromPoint
MapWindowPoints
HideCaret
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
EnableWindow
KillTimer
SetTimer
SetCapture
GetCapture
GetFocus
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageW
IntersectRect
MapDialogRect
DestroyMenu
MapVirtualKeyW
GetKeyNameTextW
LoadBitmapW
InvertRect
FrameRect
DrawFocusRect
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
PostQuitMessage
DeferWindowPos
CopyRect
TabbedTextOutW
DrawStateW
GrayStringW
DrawTextExW
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoW
InsertMenuItemW
SetMenuItemBitmaps
GetMenu
SetMenu
TrackPopupMenu
ScrollWindow
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
MessageBoxW
EqualRect
GetClassLongW
GetClassNameW
DeleteMenu
RemoveMenu
ModifyMenuW
AppendMenuW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
GetSysColor
SetRect
GetMenuItemInfoW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetSystemMetrics
FillRect
GetSysColorBrush
DestroyCursor
IsMenu
SetCursor
SendMessageW
PostMessageW
InflateRect
OffsetRect
GetDC
ReleaseDC
GetIconInfo
CreateIconIndirect
LoadImageW
DrawTextW
UnregisterClassW
GetCursorPos
PtInRect
IsWindow
SetRectEmpty
SetWindowLongW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
DrawEdge
DrawFrameControl
LoadMenuW
GetMenuStringW
GetMenuState
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
CharUpperBuffW
GetDoubleClickTime
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
RegisterClipboardFormatW
CopyIcon
SetCursorPos
EmptyClipboard
SetClipboardData
CloseClipboard
PeekMessageW
EndDeferWindowPos
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
MessageBeep
CopyAcceleratorTableW
CharNextW
WaitMessage
TrackMouseEvent
CharUpperW
IsRectEmpty
GetClipboardFormatNameW
GetClipboardFormatNameA
CopyImage
GetAsyncKeyState
ReuseDDElParam
UnpackDDElParam
ShowWindow
MoveWindow
CheckDlgButton
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
CreateDialogIndirectParamW
EndDialog
SendDlgItemMessageA
GetMessageW
TranslateMessage
GetWindowThreadProcessId
RealChildWindowFromPoint
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
gdi32
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
ExcludeClipRect
GetClipBox
GetDeviceCaps
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateDCW
CreateEllipticRgn
CreateFontIndirectW
CreatePalette
CreateRectRgnIndirect
CreateRoundRectRgn
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBkMode
GetBoundsRect
GetMapMode
StretchDIBits
GetPaletteEntries
GetRgnBox
GetTextColor
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SetPaletteEntries
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsW
TextOutW
ExtTextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceW
CopyMetaFileW
EnumFontFamiliesExW
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetDIBColorTable
SetPixel
GetPixel
GetObjectType
GetCharWidthW
GetObjectW
CreateFontW
CreateCompatibleBitmap
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
ExtSelectClipRgn
DeleteDC
DeleteObject
CreateSolidBrush
BitBlt
GetTextExtentPoint32W
CreateCompatibleDC
CreateDIBSection
GetNearestPaletteIndex
SelectObject
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyW
RegQueryInfoKeyW
RegEnumValueW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHAppBarMessage
ShellExecuteW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoW
DragFinish
DragQueryFileW
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
StrFormatKBSizeW
PathIsUNCW
PathFindExtensionW
uxtheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor
CloseThemeData
DrawThemeBackground
OpenThemeData
ole32
CoRegisterMessageFilter
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
StringFromGUID2
CoInitializeEx
CoDisconnectObject
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
IsAccelerator
CoFreeUnusedLibraries
oleaut32
OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
VariantInit
SysFreeString
SysAllocStringLen
VariantClear
SysAllocString
oledlg
OleUIBusyW
skinhu
SkinH_AttachEx
winmm
PlaySoundW
libhpdf
HPDF_Page_MoveTo
HPDF_New
HPDF_SetCompressionMode
HPDF_UseCNSFonts
HPDF_Page_BeginText
HPDF_Page_MoveTextPos
HPDF_Page_ShowText
HPDF_Free
HPDF_SaveToFile
HPDF_Page_Stroke
HPDF_Page_LineTo
HPDF_Page_EndText
HPDF_Page_GetWidth
HPDF_Page_GetHeight
HPDF_Page_TextOut
HPDF_Page_TextWidth
HPDF_Page_SetFontAndSize
HPDF_AddPage
HPDF_GetFont
HPDF_UseCNSEncodings
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipCreateBitmapFromStreamICM
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromStream
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
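The import table above is long because a large part of it is generic GUI and CRT runtime scaffolding; what matters for triage is which capability groups the remaining names fall into, and which groups are absent. As an added example, not part of the sandbox report, the Python tagger below runs such rules over an import table. SAMPLE_IMPORTS is a hand-typed excerpt of the table listed above; the capability groups and the CRT-noise list are this example's own triage rules, not anything the sandbox defines.

```python
# Added example: capability triage over a PE import table. Not part of the
# sandbox report: SAMPLE_IMPORTS is a hand-typed excerpt of the table listed
# above, and the rule groups below are this example's own, not the sandbox's.

# Constructed excerpt of the report's import table (DLL -> imported names).
SAMPLE_IMPORTS = {
    "kernel32": [
        "IsDebuggerPresent", "VirtualProtect", "LoadLibraryW", "LoadLibraryA",
        "GetProcAddress", "CopyFileW", "DeleteFileW", "CreateFileA", "CreateFileW",
        "SetCommState", "GetCommState", "BuildCommDCBW", "SetCommTimeouts",
        "SetCommMask", "GetCommMask", "WaitCommEvent", "PurgeComm", "ClearCommError",
        "TerminateProcess", "SetUnhandledExceptionFilter",
    ],
    "user32": ["SetWindowsHookExW", "UnhookWindowsHookEx", "CallNextHookEx", "MessageBoxW"],
    "advapi32": ["RegCreateKeyExW", "RegSetValueExW", "RegDeleteKeyW", "RegDeleteValueW", "RegOpenKeyExW"],
    "shell32": ["ShellExecuteExW", "ShellExecuteW"],
    "libhpdf": ["HPDF_New", "HPDF_SaveToFile", "HPDF_UseCNSFonts"],
}

# Capability groups: a group is reported when any of its APIs is imported.
CAPABILITIES = {
    "dynamic API resolution": {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExW", "GetProcAddress"},
    "serial port I/O": {"SetCommState", "GetCommState", "BuildCommDCBW", "SetCommTimeouts",
                        "SetCommMask", "GetCommMask", "WaitCommEvent", "PurgeComm", "ClearCommError"},
    "registry modification": {"RegCreateKeyExW", "RegSetValueExW", "RegDeleteKeyW", "RegDeleteValueW"},
    "shell/process launch": {"ShellExecuteW", "ShellExecuteExW", "CreateProcessW", "CreateProcessA", "WinExec"},
    "message hook installation": {"SetWindowsHookExW", "SetWindowsHookExA"},
    "file copy/delete": {"CopyFileW", "DeleteFileW", "MoveFileW", "MoveFileExW"},
    "memory protection change": {"VirtualProtect", "VirtualProtectEx", "WriteProcessMemory"},
    "debugger check": {"IsDebuggerPresent", "CheckRemoteDebuggerPresent", "NtQueryInformationProcess"},
    # Absence of these is negative evidence only: with LoadLibrary/GetProcAddress
    # imported, any API can still be resolved at run time.
    "network": {"WSAStartup", "connect", "InternetOpenW", "InternetOpenA", "WinHttpOpen", "URLDownloadToFileW"},
}
# Groups matched by name prefix rather than an explicit list (HPDF_ is libharu).
PREFIX_CAPABILITIES = {"PDF generation (libharu)": "HPDF_"}

# Imports every MSVC-built executable gets from CRT startup code
# (__scrt_* initialisation, security cookie) regardless of what it does.
CRT_STARTUP_NOISE = {
    "IsDebuggerPresent", "IsProcessorFeaturePresent", "QueryPerformanceCounter",
    "GetSystemTimeAsFileTime", "GetCurrentProcessId", "GetCurrentThreadId",
    "GetStartupInfoW", "InitializeSListHead", "SetUnhandledExceptionFilter",
    "UnhandledExceptionFilter", "TerminateProcess",
}


def capabilities(imports):
    """Map each triggered group to the imported APIs that triggered it.

    imports: {dll_name: [api_name, ...]}. crt_boilerplate_only is True when
    every hit in the group is explained by CRT startup code alone.
    """
    imported = {api for apis in imports.values() for api in apis}
    hits = {}
    for cap, names in CAPABILITIES.items():
        matched = sorted(imported & names)
        if matched:
            hits[cap] = matched
    for cap, prefix in PREFIX_CAPABILITIES.items():
        matched = sorted(a for a in imported if a.startswith(prefix))
        if matched:
            hits[cap] = matched
    return {
        cap: {"apis": apis, "crt_boilerplate_only": all(a in CRT_STARTUP_NOISE for a in apis)}
        for cap, apis in hits.items()
    }


def missing_capabilities(imports):
    """Groups with no static import at all (negative evidence, see the note above)."""
    all_caps = set(CAPABILITIES) | set(PREFIX_CAPABILITIES)
    return sorted(all_caps - set(capabilities(imports)))


if __name__ == "__main__":
    for cap, info in capabilities(SAMPLE_IMPORTS).items():
        tag = " (CRT startup boilerplate only)" if info["crt_boilerplate_only"] else ""
        print(f"{cap}{tag}: {', '.join(info['apis'])}")
    print("no static imports for:", ", ".join(missing_capabilities(SAMPLE_IMPORTS)))
```

On the excerpt, the only "debugger check" hit is IsDebuggerPresent, which the CRT imports on its own, so the tagger marks that group as boilerplate rather than as an evasion finding; the serial-port, registry, hook and ShellExecute groups are real program behaviour and are where a dynamic run should focus. The empty "network" group says nothing about runtime behaviour, since LoadLibraryW and GetProcAddress are imported.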
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 531KB - Virtual size: 531KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 111KB - Virtual size: 111KB (Control Flow Guard function ID table emitted by the MSVC linker; note that the DLL Characteristics listed above do not include IMAGE_DLLCHARACTERISTICS_GUARD_CF, the flag the loader checks before enforcing CFG)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B (Control Flow Guard IAT entry table, also linker-generated)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 349KB - Virtual size: 349KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 188KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
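The fields the report lists under Headers and Sections, and the Unsigned PE check under Signatures, all come straight out of the PE header. As an added example that is not part of the sandbox output, here is a dependency-free Python reader for those fields: it decodes File and DLL Characteristics, walks the section table, and reports whether the security data directory (index 4, the Authenticode certificate table) is populated, which is exactly the condition the Unsigned PE rule tests. The minimal image produced by build_sample_pe() is constructed for the demo and is not the analysed binary; flag values and offsets follow winnt.h.

```python
import struct

# Added example: a pure-Python reader for the fields the report above shows
# (File/DLL Characteristics, section table, Authenticode directory). It is
# not sandbox code; build_sample_pe() constructs a throwaway image for the
# demo and is not the analysed binary.

FILE_CHARACTERISTICS = {0x0002: "EXECUTABLE_IMAGE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0200: "NO_ISOLATION", 0x0400: "NO_SEH", 0x0800: "NO_BIND",
    0x1000: "APPCONTAINER", 0x2000: "WDM_DRIVER", 0x4000: "GUARD_CF",
    0x8000: "TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
    0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
    0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory holding the WIN_CERTIFICATE table


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return headers, sections and signature presence for a PE32/PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4  # IMAGE_FILE_HEADER (20 bytes)
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20      # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32
        bits, ndirs_off, dirs_off = 32, 92, 96
    elif magic == 0x20B:  # PE32+
        bits, ndirs_off, dirs_off = 64, 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in both layouts
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    cert_off, cert_size = 0, 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories this entry is a file offset, not an RVA:
        # the certificate table is never mapped into the process image.
        cert_off, cert_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _va, raw_size, _raw_ptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("latin-1"),
            "virtual_size": vsize,   # the "Virtual size" column of the report
            "raw_size": raw_size,    # the "Size" column of the report
            "flags": flag_names(chars, SECTION_FLAGS),
        })
    return {
        "bits": bits,
        "machine": machine,
        "file_characteristics": flag_names(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": flag_names(dll_chars, DLL_CHARACTERISTICS),
        "sections": sections,
        # "Unsigned PE" is an empty certificate table. A populated table only
        # says a signature blob exists; validity still has to be verified.
        "authenticode_signed": cert_off != 0 and cert_size != 0,
    }


def build_sample_pe(dll_chars=0x8140, security=(0, 0)):
    """Constructed minimal PE32 (headers only, no code) used to exercise parse_pe."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    sections = [  # name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, Characteristics
        (b".text", 0x1000, 0x1000, 0x200, 0x400, 0x60000020),
        (b".data", 0x0100, 0x2000, 0x200, 0x600, 0xC0000040),
    ]
    file_hdr = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = struct.pack(  # PE32 optional header up to NumberOfRvaAndSizes (96 bytes)
        "<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII",
        0x10B, 14, 0, 0x200, 0x200, 0, 0x1000, 0x1000, 0x2000, 0x400000, 0x1000, 0x200,
        6, 0, 0, 0, 6, 0, 0, 0x3000, 0x400, 0, 2, dll_chars,
        0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = b"".join(
        struct.pack("<II", *(security if i == IMAGE_DIRECTORY_ENTRY_SECURITY else (0, 0)))
        for i in range(16))
    sect_hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", n, vs, va, rs, rp, 0, 0, 0, 0, ch)
        for n, vs, va, rs, rp, ch in sections)
    return (dos + b"PE\0\0" + file_hdr + opt + dirs + sect_hdrs).ljust(0x800, b"\0")


if __name__ == "__main__":
    for key, value in parse_pe(build_sample_pe()).items():
        print(key, value)
```

Run it on a real file with parse_pe(open(path, "rb").read()). A populated certificate table only proves a signature blob is attached; whether it verifies and chains to a trusted publisher needs a verifier such as signtool verify /pa or PowerShell's Get-AuthenticodeSignature. The raw/virtual size pair is worth reading as well: a virtual size larger than the raw size, as with .data above (59KB against 23KB), is simply zero-initialised data the loader extends in memory, whereas a raw size far larger than the virtual size means file bytes that are never mapped and deserves a look.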