Static task: static1
Behavioral task: behavioral1
- Sample: 3ea58c0b29c280e90fde5dd89309532b251f7c3e913d05af956d3e96ab856ac8.exe
- Resource: win7-20230831-en
Behavioral task: behavioral2
- Sample: 3ea58c0b29c280e90fde5dd89309532b251f7c3e913d05af956d3e96ab856ac8.exe
- Resource: win10v2004-20230831-en
General
- Target: 3ea58c0b29c280e90fde5dd89309532b251f7c3e913d05af956d3e96ab856ac8
- Size: 2.3MB
- MD5: d8c58fcd593e78c5ab7cac910d0e8624
- SHA1: 076c518b104e53f904beaceb58e7c9d90e2336e2
- SHA256: 3ea58c0b29c280e90fde5dd89309532b251f7c3e913d05af956d3e96ab856ac8
- SHA512: 22935c0460334f4ea88858a7a7eb3a9012901d14608ac758a002c48b15636a3f7cc7e93ac081325c76a55490b81abe50b02bfe3b2ccc376c8e9b11a037560450
- SSDEEP: 49152:4iRyONxzDvR48Y4dG+swNqfyvKFjTBCXYqWUHfomFA2vXaUX:4nAJvR3Y4dlswNqfKKFjTBCX9HfomFAT
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 3ea58c0b29c280e90fde5dd89309532b251f7c3e913d05af956d3e96ab856ac8
Files
- 3ea58c0b29c280e90fde5dd89309532b251f7c3e913d05af956d3e96ab856ac8.exe (windows x86)
  48574dfeff7d0a3231aa68f8e59e144e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetOpenA
InternetCloseHandle
InternetReadFile
winspool.drv
GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter
comctl32
InitCommonControlsEx
uxtheme
DrawThemeText
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
kernel32
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
ResetEvent
GetWindowsDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SearchPathW
GetProfileIntW
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetStringTypeExW
MoveFileW
SetErrorMode
FindResourceExW
LoadLibraryExA
RtlUnwind
GetSystemInfo
VirtualQuery
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetFileType
SetStdHandle
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetTempPathW
SetFilePointer
GetCurrentDirectoryW
VerifyVersionInfoW
VerSetConditionMask
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
FileTimeToSystemTime
GlobalFlags
GlobalGetAtomNameW
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GlobalAddAtomW
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThread
GetTickCount64
CopyFileW
FormatMessageW
lstrcpyW
lstrcmpW
GlobalSize
GlobalReAlloc
GlobalAlloc
InitializeCriticalSectionAndSpinCount
CloseHandle
GetFileSize
CreateFileW
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
GetCurrentThreadId
SetLastError
GetModuleFileNameW
GetCurrentProcessId
MulDiv
GlobalLock
GlobalUnlock
GetCPInfo
GetStringTypeW
LocalFree
EncodePointer
LCMapStringEx
WideCharToMultiByte
MultiByteToWideChar
FormatMessageA
DecodePointer
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
GetLastError
HeapDestroy
HeapSize
HeapReAlloc
VirtualAlloc
HeapAlloc
IsBadReadPtr
VirtualProtect
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualFree
GetProcessHeap
HeapFree
FindResourceW
LoadResource
LockResource
SizeofResource
GetStdHandle
ExitProcess
LCMapStringW
IsValidLocale
WriteConsoleW
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
RaiseException
GetModuleHandleExW
HeapQueryInformation
QueryPerformanceFrequency
advapi32
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
GetFileSecurityW
SetFileSecurityW
RegSetValueW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExW
shell32
DragQueryFileW
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteW
SHAppBarMessage
ExtractIconW
SHAddToRecentDocs
oledlg
OleUIBusyW
gdi32
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
GetCharWidthW
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
CreatePalette
Polyline
Polygon
CreatePolygonRgn
GetBkColor
LPtoDP
Ellipse
CreateEllipticRgn
Rectangle
GetViewportOrgEx
GetTextColor
OffsetRgn
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CopyMetaFileW
CreateRoundRectRgn
GetTextMetricsW
GetTextExtentPoint32W
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
PatBlt
GetDIBits
CombineRgn
DPtoLP
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
CreateDCW
CreateFontIndirectW
CreateCompatibleBitmap
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
FrameRgn
ExtTextOutW
GetWindowOrgEx
MoveToEx
GetObjectW
StartDocW
SetTextAlign
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteDC
GetTextFaceW
GetBoundsRect
PtInRegion
TextOutW
FillRgn
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
RoundRect
SetPixelV
GetTextAlign
shlwapi
StrFormatKBSizeW
PathRemoveFileSpecW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
msimg32
AlphaBlend
TransparentBlt
user32
GetWindowRect
GetDesktopWindow
GetFocus
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
DrawStateW
InvalidateRect
GetClassNameW
LoadBitmapW
IsChild
IsWindowVisible
SetRectEmpty
CopyRect
IsIconic
GetDlgCtrlID
AdjustWindowRectEx
SetRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IntersectRect
IsRectEmpty
DestroyIcon
LoadImageW
CopyImage
SetTimer
KillTimer
GetSystemMetrics
InflateRect
GetIconInfo
RegisterWindowMessageW
TrackMouseEvent
BeginDeferWindowPos
EndDeferWindowPos
CharUpperW
SetFocus
GetAsyncKeyState
GetCapture
SetCapture
ReleaseCapture
GetSystemMenu
CheckMenuItem
EnableMenuItem
DeleteMenu
SetWindowRgn
SetCursor
WindowFromPoint
EqualRect
LoadCursorW
NotifyWinEvent
DrawFrameControl
IsMenu
GetKeyState
GetMenuItemID
GetMenuItemCount
GetMenuItemInfoW
GetClassLongW
DestroyAcceleratorTable
GetTopWindow
GetWindow
CreatePopupMenu
ModifyMenuW
TrackPopupMenu
MonitorFromPoint
GetMonitorInfoW
CharUpperBuffW
LockWindowUpdate
MapWindowPoints
GetMenuStringW
GetMenuState
InsertMenuW
AppendMenuW
GetSubMenu
RegisterClipboardFormatW
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
SetDlgItemTextW
CheckDlgButton
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetWindowLongW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetMessageW
ValidateRect
ShowOwnedPopups
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetWindowPlacement
SetWindowPlacement
DeferWindowPos
GetMenu
SetMenu
GetForegroundWindow
SetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RealChildWindowFromPoint
SetParent
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
CopyAcceleratorTableW
EnumChildWindows
SetClassLongW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SendDlgItemMessageA
DestroyCursor
DrawIcon
DrawEdge
DrawFocusRect
DrawIconEx
IsClipboardFormatAvailable
GetDoubleClickTime
GetKeyNameTextW
SetCursorPos
CopyIcon
FrameRect
GetComboBoxInfo
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetNextDlgGroupItem
CharNextW
InvalidateRgn
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetTabbedTextExtentW
CreateMenu
GetWindowRgn
HideCaret
InvertRect
DestroyMenu
LoadMenuW
IsWindow
WaitMessage
PostThreadMessageW
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
SendMessageW
FillRect
GetSysColor
ScreenToClient
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UpdateWindow
UnregisterClassW
ClientToScreen
EnableWindow
GetClientRect
RemoveMenu
ole32
CoInitializeEx
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleDuplicateData
OleFlushClipboard
StringFromCLSID
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
OleIsCurrentClipboard
DoDragDrop
OleLockRunning
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CoGetClassObject
ReleaseStgMedium
oleaut32
VariantCopy
VarBstrFromDate
SafeArrayDestroy
OleCreateFontIndirect
SysFreeString
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadTypeLi
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 414KB - Virtual size: 413KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.trace Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.debug_o Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
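The three header-level facts this report surfaces (the "Unsigned PE" signature, the DllCharacteristics mitigation flags, and the per-section memory protections) can all be reproduced from the raw PE headers without a sandbox. The script below is an added example using only the Python standard library; it is not part of the report or of any analysis tool. It parses the DOS, COFF and optional headers plus the section table, lists the DllCharacteristics bits, reports which of a chosen baseline (DYNAMIC_BASE, NX_COMPAT, GUARD_CF, and HIGH_ENTROPY_VA for PE32+) are absent, treats an empty certificate table (data directory 4) as "unsigned", and flags any section that is both writable and executable. The baseline is my assumption about what a modern user-mode binary should opt into; the header-only PE built by build_sample_pe32() is constructed to carry the same flags and approximate section sizes as the report above and is not the analysed file.

```python
"""Header-level PE triage with the standard library only (added example).

Reads DllCharacteristics, checks whether an Authenticode certificate table is
attached, and flags writable+executable sections. build_sample_pe32() is a
constructed header-only image mirroring the report's flags, not the real sample.
"""
import struct

DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0200: "NO_ISOLATION", 0x0400: "NO_SEH", 0x0800: "NO_BIND",
    0x1000: "APPCONTAINER", 0x2000: "WDM_DRIVER", 0x4000: "GUARD_CF",
    0x8000: "TERMINAL_SERVER_AWARE",
}
# Assumed baseline: mitigations a modern user-mode binary is expected to opt into.
EXPECTED_HARDENING = [(0x0040, "DYNAMIC_BASE"), (0x0100, "NX_COMPAT"), (0x4000, "GUARD_CF")]
MACHINES = {0x14C: "x86", 0x8664: "x64", 0xAA64: "arm64"}
SCN_CNT_CODE, SCN_CNT_INITIALIZED_DATA = 0x00000020, 0x00000040
SCN_MEM_EXECUTE, SCN_MEM_READ, SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table


def triage_pe(data: bytes) -> dict:
    """Parse DOS/COFF/optional headers and the section table; return a summary."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _ts, _symtab, _nsyms, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError(f"unknown optional header magic {magic:#x}")
    pe32plus = magic == 0x20B
    # DllCharacteristics is at +70 for both PE32 and PE32+; the data directories
    # start at +96 (PE32) or +112 (PE32+), preceded by NumberOfRvaAndSizes.
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    (n_dirs,) = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))
    dirs = opt + (112 if pe32plus else 96)
    cert_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _off, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        name, vsize, _va, rawsize, *_rest, chars = struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "characteristics": chars})
    expected = EXPECTED_HARDENING + ([(0x0020, "HIGH_ENTROPY_VA")] if pe32plus else [])
    return {
        "machine": MACHINES.get(machine, f"{machine:#x}"),
        "pe32plus": pe32plus,
        "is_dll": bool(file_chars & 0x2000),
        "dll_characteristics": [n for bit, n in DLL_CHARACTERISTICS.items() if dll_chars & bit],
        "missing_hardening": [n for bit, n in expected if not dll_chars & bit],
        # An empty certificate table is what an "Unsigned PE" check keys on.
        "authenticode_present": cert_size != 0,
        "wx_sections": [s["name"] for s in sections
                        if s["characteristics"] & SCN_MEM_WRITE and s["characteristics"] & SCN_MEM_EXECUTE],
        "sections": sections,
    }


def build_sample_pe32(signed: bool = False, wx_text: bool = False) -> bytes:
    """Constructed header-only PE32 with the report's flags (sizes approximated)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0002 | 0x0100)  # i386, EXECUTABLE_IMAGE|32BIT_MACHINE
    opt = bytearray(224)                                        # PE32 optional header with 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 68, 2)                          # Subsystem: WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)   # DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    if signed:  # non-zero certificate table => Authenticode blob attached
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x2000, 0x1800)
    text_chars = SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ | (SCN_MEM_WRITE if wx_text else 0)
    text = struct.pack("<8sIIIIIIHHI", b".text", 1600 * 1024, 0x1000, 1600 * 1024, 0x400, 0, 0, 0, 0, text_chars)
    data_sec = struct.pack("<8sIIIIIIHHI", b".data", 78 * 1024, 0x1A0000, 57 * 1024, 0x190400, 0, 0, 0, 0,
                           SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ | SCN_MEM_WRITE)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + data_sec


if __name__ == "__main__":
    import json, sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe32()
    print(json.dumps(triage_pe(blob), indent=2))
```

Run with a path argument to triage a real file (`python pe_triage.py sample.exe`, filename assumed), or with no argument to see the constructed sample, which reports x86, DYNAMIC_BASE/NX_COMPAT/TERMINAL_SERVER_AWARE, GUARD_CF missing, no Authenticode, and no W+X sections, matching the report. Note that a non-empty certificate table only means a signature blob is attached; whether it validates is a separate step (`signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`), and a .data section whose virtual size exceeds its raw size, as here, is ordinary zero-initialised data rather than a packer indicator.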