Static task: static1
Behavioral task: behavioral1
Sample: e8720f2e161075c7c460b06a67265d64f2e7aa7feb8b8b050785737bb7ad585f.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: e8720f2e161075c7c460b06a67265d64f2e7aa7feb8b8b050785737bb7ad585f.exe
Resource: win10v2004-20230831-en
General
Target: e8720f2e161075c7c460b06a67265d64f2e7aa7feb8b8b050785737bb7ad585f
Size: 3.7MB
MD5: 74c7bfd8810aa9d9a4b95fdcfd9c63f6
SHA1: 238ca30e8a89228da1b7ec6bb266872b6e11addd
SHA256: e8720f2e161075c7c460b06a67265d64f2e7aa7feb8b8b050785737bb7ad585f
SHA512: 069fc7c5ba16e4feda11e39d5930bc57884d38f3df543376f9433e917ed9a2476a3679d8dc2d5fdcc2da33bfcc3d2ebaf66e36935da3bdedc7451bec2d08875f
SSDEEP: 98304:DtiyURL2iBfFLcock20VlKdsGc5XmN7LgBPp+3HPD00wxQu5F/Hk+eaFF4kbyy3:gyUR2Bdj744vI0wxQun/Hk+eaFF4ku
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource e8720f2e161075c7c460b06a67265d64f2e7aa7feb8b8b050785737bb7ad585f
Files
-
e8720f2e161075c7c460b06a67265d64f2e7aa7feb8b8b050785737bb7ad585f.exe windows x86
f2f88956f4b632cbf7f17046872447f8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFileExistsW
StrStrIW
StrCmpIW
StrCatW
StrCpyW
gdiplus
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipAlloc
GdipFree
GdipCreatePen1
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawImageI
GdipDrawImageRectI
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDrawImageRectRect
GdipCreateFromHDC
GdipCreateBitmapFromFileICM
GdipDeletePen
GdipDisposeImage
GdipDeleteGraphics
GdipCreateBitmapFromFile
kernel32
HeapReAlloc
HeapSize
HeapQueryInformation
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetACP
RaiseException
IsValidCodePage
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
FatalAppExitA
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
GetTimeZoneInformation
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
WriteConsoleW
GetDriveTypeW
GetFullPathNameA
GetProcessHeap
SetEnvironmentVariableA
GetSystemTimeAsFileTime
DecodePointer
GetOEMCP
EncodePointer
SizeofResource
LockResource
LoadResource
FindResourceW
HeapAlloc
GetVersionExW
GetVersion
MultiByteToWideChar
lstrcmpiW
lstrlenW
lstrlenA
GetCPInfo
FreeResource
LoadLibraryW
GetModuleHandleW
GetProcAddress
SetLastError
DeactivateActCtx
GetLastError
ActivateActCtx
GlobalUnlock
GlobalSize
GlobalLock
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalFree
GetPrivateProfileStringW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
GetSystemInfo
GetLocalTime
CreateFileW
CloseHandle
Sleep
GetTickCount
ExitProcess
QueryPerformanceCounter
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
DeviceIoControl
CreateEventW
ExitThread
TerminateThread
HeapFree
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
LocalLock
LocalUnlock
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
WritePrivateProfileStringW
CreateThread
CreateMutexW
OpenMutexW
FreeLibrary
GetCurrentThreadId
MulDiv
WaitForMultipleObjects
FindClose
FindFirstFileW
CreateDirectoryW
SetCurrentDirectoryW
lstrcpyW
WideCharToMultiByte
WinExec
lstrcatW
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetFileTime
GetFileSizeEx
SetFileTime
LocalFileTimeToFileTime
SetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetTempPathW
GetTempFileNameW
GetFileAttributesW
GetCurrentDirectoryW
GlobalFlags
SystemTimeToFileTime
GetWindowsDirectoryW
GetSystemDefaultLangID
Process32NextW
GetAtomNameW
GlobalGetAtomNameW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
MoveFileW
DeleteFileW
GetThreadLocale
GetStringTypeExW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
CopyFileW
FormatMessageW
LocalFree
GetOverlappedResult
SetEvent
WriteFile
FlushFileBuffers
GetCurrentProcessId
GetFileSize
ReadFile
GlobalReAlloc
CreateToolhelp32Snapshot
Process32FirstW
user32
GetTabbedTextExtentW
EnumChildWindows
GetWindowRgn
SubtractRect
MapVirtualKeyExW
IsCharLowerW
CharUpperBuffW
GetUpdateRect
SendNotifyMessageW
IsClipboardFormatAvailable
InSendMessage
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
RegisterClipboardFormatW
GetDCEx
HideCaret
InvertRect
GetMenuDefaultItem
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
SetClassLongW
NotifyWinEvent
DestroyAcceleratorTable
IsZoomed
GetAsyncKeyState
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
InvalidateRgn
CopyAcceleratorTableW
CharNextW
GetDialogBaseUnits
WaitMessage
SetParent
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
RealChildWindowFromPoint
CharUpperW
SetLayeredWindowAttributes
EnumDisplayMonitors
GetNextDlgGroupItem
IsRectEmpty
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamW
EndDialog
ShowOwnedPopups
PostQuitMessage
IntersectRect
GetKeyNameTextW
EndPaint
BeginPaint
GetWindowDC
TranslateMessage
ValidateRect
ScrollWindowEx
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
SetRectEmpty
DestroyMenu
GetMenuStringW
GetDlgCtrlID
UnionRect
DefWindowProcW
RegisterClassExW
CreateWindowExW
DestroyWindow
UnregisterClassW
UpdateWindow
SetWindowRgn
RegisterWindowMessageW
SetMenuDefaultItem
GetDoubleClickTime
GetDlgItem
CallWindowProcW
LockWindowUpdate
GetTopWindow
GetWindowThreadProcessId
GetWindow
EnumThreadWindows
GetWindowTextW
GetClassNameW
LoadCursorW
CopyIcon
MessageBeep
IsWindow
GetMessagePos
GetKeyState
SendMessageW
PostMessageW
keybd_event
MapVirtualKeyW
ScreenToClient
PtInRect
CheckMenuItem
DrawFrameControl
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetWindowLongW
TrackPopupMenu
PostThreadMessageW
GetCursorPos
PeekMessageW
GetMessageW
LoadIconW
SetForegroundWindow
GetFocus
KillTimer
SetTimer
IsIconic
GetSystemMenu
LoadMenuW
DrawIcon
WindowFromDC
EqualRect
IsWindowVisible
ShowWindow
SetWindowPos
MessageBoxW
RedrawWindow
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
DestroyCursor
LoadImageW
SetCursor
GetWindowLongW
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
SetRect
CopyRect
LoadBitmapW
FillRect
DrawEdge
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
InsertMenuW
ModifyMenuW
RemoveMenu
GetDC
ReleaseDC
GetDesktopWindow
EnableWindow
GetSysColor
GetSysColorBrush
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
DestroyIcon
DrawIconEx
SystemParametersInfoW
GetSystemMetrics
GetMenuItemInfoW
DrawFocusRect
GetClientRect
SetCapture
GetParent
ReleaseCapture
IsMenu
DrawStateW
CreateIconIndirect
GetIconInfo
InflateRect
OffsetRect
FrameRect
GetWindowRect
ClientToScreen
CopyImage
gdi32
SelectObject
CreateDIBSection
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateBitmap
GetStockObject
SetTextColor
SetBkColor
CreateFontW
GetNearestPaletteIndex
RealizePalette
Polygon
CombineRgn
ExtCreateRegion
GetCurrentObject
GetTextMetricsW
StretchBlt
CopyMetaFileW
CreateDCW
GetCharWidthW
StretchDIBits
GetBkColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
StartDocW
GetTextExtentPoint32W
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
DeleteObject
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateRectRgnIndirect
SetRectRgn
GetMapMode
DPtoLP
CreatePalette
GetPaletteEntries
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextColor
GetRgnBox
CreateEllipticRgn
CreatePolygonRgn
Polyline
SetDIBColorTable
GetDIBits
CreateRoundRectRgn
OffsetRgn
RoundRect
EnumFontFamiliesExW
PtInRegion
FrameRgn
SetPixelV
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
FillRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
OffsetWindowOrgEx
DeleteDC
SetPixel
GetPixel
BitBlt
PatBlt
Rectangle
Ellipse
GetBkMode
GetDeviceCaps
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
CreateFontIndirectW
CreateHatchBrush
CreateSolidBrush
SetViewportOrgEx
CreatePen
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueW
RegSetValueExW
RegSetValueW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
shell32
SHGetPathFromIDListW
SHGetDesktopFolder
ExtractIconW
SHAddToRecentDocs
SHGetSpecialFolderLocation
DragFinish
SHGetFileInfoW
SHAppBarMessage
SHGetMalloc
Shell_NotifyIconW
ShellExecuteW
SHGetSpecialFolderPathW
SHBrowseForFolderW
DragQueryFileW
ShellExecuteExW
comctl32
ImageList_GetIconSize
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
ImageList_GetIcon
ole32
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
StgCreateDocfile
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoDisconnectObject
CoInitialize
CoInitializeEx
CoCreateInstance
OleCreateMenuDescriptor
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleDestroyMenuDescriptor
OleTranslateAccelerator
CreateStreamOnHGlobal
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
PropVariantCopy
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
CoUninitialize
CoRegisterClassObject
oleaut32
OleCreateFontIndirect
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SysFreeString
VarDateFromStr
VarBstrFromDate
OleLoadPicture
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocString
SysStringLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayLock
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
VarDecFromStr
oledlg
OleUIBusyW
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
hid
HidD_GetPreparsedData
HidD_GetAttributes
HidP_GetCaps
HidP_GetSpecificButtonCaps
HidP_GetSpecificValueCaps
HidP_MaxUsageListLength
HidP_GetUsages
HidP_GetUsageValue
HidP_GetScaledUsageValue
HidD_GetHidGuid
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 571KB - Virtual size: 571KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 645KB - Virtual size: 645KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 197KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ