7a4a96927a874013c44296133dda3135772769fa2ff9bd422bd9e1f07c1b8bdd

Sharing

Copy URL Twitter E-mail

General

Target

7a4a96927a874013c44296133dda3135772769fa2ff9bd422bd9e1f07c1b8bdd
Size

11.6MB
MD5

056ac2a16ceec7ad551c8b29cb5e12a4
SHA1

b96d5cd95aaf8820ad2c3daaf23b9b12fd590e8c
SHA256

7a4a96927a874013c44296133dda3135772769fa2ff9bd422bd9e1f07c1b8bdd
SHA512

f392abcd744fd50bed6e00dd833d5f0a52a3367b1e5c8abc38431d227f08d4a2fd4d5d795a7f95ded109b159c97ab3e009cdf344f5401afdc05970afd3b48550
SSDEEP

196608:kIMYF5//H3KV5gl7XbAkBLIz4IBZ2exT+GWttYaN3WB5fGlyGw7JQ/rN9GK8wDfb:ki5//mjz4IBQQ+pttY43WB5OEGwJQ/r/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a4a96927a874013c44296133dda3135772769fa2ff9bd422bd9e1f07c1b8bdd

Files

7a4a96927a874013c44296133dda3135772769fa2ff9bd422bd9e1f07c1b8bdd
.exe windows x86

b62430487e672d22f86ffe2e3ba193c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

sensapi

IsDestinationReachableW
IsNetworkAlive

advapi32

AllocateAndInitializeSid
CheckTokenMembership
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
FreeSid
IsTextUnicode
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegGetValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

comctl32

DefSubclassProc
GetWindowSubclass
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_EndDrag
ImageList_GetImageInfo
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetIconSize
InitCommonControls
InitCommonControlsEx
LoadIconWithScaleDown
RemoveWindowSubclass
SetWindowSubclass
_TrackMouseEvent

comdlg32

ChooseColorW
PrintDlgW

crypt32

CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertGetNameStringW
CertNameToStrW
CryptMsgClose
CryptMsgGetParam
CryptQueryObject

dbghelp

ImageNtHeader

dwmapi

DwmSetWindowAttribute

gdi32

BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreateHatchBrush
CreatePatternBrush
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
ExcludeClipRect
ExtCreatePen
ExtTextOutA
ExtTextOutW
GdiAlphaBlend
GetClipRgn
GetDIBits
GetDeviceCaps
GetObjectA
GetObjectW
GetPixel
GetROP2
GetStockObject
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsA
GetTextMetricsW
IntersectClipRect
LineTo
MoveToEx
OffsetWindowOrgEx
PatBlt
Polygon
Polyline
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBits
SetROP2
SetTextAlign
SetTextColor
SetWindowOrgEx
StartDocW
StartPage
StretchBlt

imm32

ImmEscapeW
ImmGetCompositionStringW
ImmGetContext
ImmGetOpenStatus
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionFontW
ImmSetCompositionStringW
ImmSetCompositionWindow
ImmSetConversionStatus

kernel32

AddVectoredExceptionHandler
CancelIo
CloseHandle
CompareFileTime
CopyFileExW
CopyFileW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateMutexW
CreateSemaphoreA
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EnterCriticalSection
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeLibrary
GetACP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatEx
GetDateFormatW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoA
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetStartupInfoW
GetSystemInfo
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount64
GetTickCount
GetTimeFormatEx
GetTimeFormatW
GetVersion
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MoveFileExW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
RaiseException
ReadDirectoryChangesW
ReleaseMutex
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEvent
SetFileAttributesW
SetFilePointerEx
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SuspendThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenW

msvcrt

__mb_cur_max
__p__commode
__p__fmode
__p__wcmdln
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_fdopen
_filelengthi64
_fileno
_fileno
_fstat64
_i64tow
_initterm
_iob
_itoa
_itoa
_itow
_lock
_lseeki64
_onexit
_read
_setjmp3
_strdup
_stricmp
_stricmp
_strnicmp
_strtoi64
_strtoui64
_ui64tow
_ultoa
_unlock
_wcsicmp
_wcsicmp
_wcsnicmp
_wfopen
_write
_wsplitpath_s
_wtof
_wtoi
_wtoi64
abort
atof
atoi
calloc
difftime
div
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fgetwc
fgetws
fopen
fprintf
fputc
fputs
fputwc
fread
free
fseek
fsetpos
ftell
fwprintf
fwrite
getc
getenv
isalnum
isalpha
iscntrl
isgraph
islower
ispunct
isspace
isupper
iswalnum
iswalpha
iswascii
iswctype
iswdigit
iswspace
iswupper
localtime
isxdigit
localeconv
longjmp
malloc
memchr
memcpy
memmove
memset
memcmp
printf
rand
realloc
setlocale
setvbuf
signal
srand
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strspn
strstr
strtol
strtoul
strxfrm
swprintf_s
time
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
wcscat
wcscat_s
wcschr
wcscmp
wcscoll
wcscpy
wcscpy_s
wcsftime
wcslen
wcsncmp
wcsncpy
wcsncpy_s
wcsrchr
wcsstr
wcstok_s
wcstol
wcstombs
wcstoul
wcsxfrm

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize
DoDragDrop
OleInitialize
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

oleaut32

SysAllocStringLen
SysFreeString

shell32

DragFinish
DragQueryFileW
DragQueryPoint
SHCreateDirectory
SHCreateItemFromParsingName
SHFileOperationW
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW

shlwapi

AssocQueryStringW
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
PathAddExtensionW
PathAppendW
PathCombineW
PathCompactPathExW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathGetDriveNumberW
PathIsDirectoryW
PathIsRelativeW
PathMatchSpecW
PathRemoveExtensionW
PathRemoveFileSpecW
PathStripPathW

user32

AdjustWindowRectEx
AppendMenuA
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CallWindowProcW
ChangeClipboardChain
CharLowerW
CharUpperW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyImage
CreateAcceleratorTableW
CreateCaret
CreateDialogIndirectParamW
CreateDialogParamW
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumThreadWindows
FillRect
FindWindowExW
FindWindowW
FlashWindowEx
FrameRect
GetActiveWindow
GetAncestor
GetCapture
GetCaretBlinkTime
GetClassNameA
GetClassNameW
GetClientRect
GetClipboardData
GetComboBoxInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuBarInfo
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessageTime
GetMessageW
GetMonitorInfoA
GetMonitorInfoW
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetUpdateRgn
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthW
GetWindowTextW
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsChild
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorA
LoadCursorW
LoadIconW
LoadImageA
LoadImageW
LoadMenuW
LockWindowUpdate
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
NotifyWinEvent
OffsetRect
OpenClipboard
PostMessageA
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterClipboardFormatA
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
SendDlgItemMessageW
SendMessageA
SendMessageW
SetCapture
SetCaretPos
SetClipboardData
SetClipboardViewer
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMenuItemBitmaps
SetMenuItemInfoW
SetParent
SetPropW
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToAscii
TrackMouseEvent
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WindowFromPoint
mouse_event
wsprintfW

uxtheme

BeginBufferedAnimation
BufferedPaintRenderAnimation
BufferedPaintStopAllAnimations
CloseThemeData
DrawThemeBackground
DrawThemeParentBackground
DrawThemeTextEx
EnableThemeDialogTexture
EndBufferedAnimation
GetThemeBackgroundContentRect
GetThemeFont
GetThemePartSize
GetThemeTransitionDuration
OpenThemeData
SetWindowTheme

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

InternetCrackUrlW

wintrust

WinVerifyTrust

Exports

Exports

CreateLexer@4
GetLexerCount@0
GetLexerFactory@4
GetLexerName@12
GetLibraryPropertyNames@0
GetNameSpace@0
LexerNameFromID@4
SetLibraryProperty@8

Sections

.text
Size: 8.4MB - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 723KB - Virtual size: 723KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 858KB - Virtual size: 857KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b62430487e672d22f86ffe2e3ba193c1

Headers

DLL Characteristics

File Characteristics

Imports

sensapi

advapi32

comctl32

comdlg32

crypt32

dbghelp

dwmapi

gdi32

imm32

kernel32

msvcrt

ole32

oleaut32

shell32

shlwapi

user32

uxtheme

version

wininet

wintrust

Exports

Exports

Sections

.text Size: 8.4MB - Virtual size: 8.4MB

.data Size: 24KB - Virtual size: 24KB

.rdata Size: 723KB - Virtual size: 723KB

.eh_fram Size: 858KB - Virtual size: 857KB

.bss Size: - Virtual size: 85KB

.edata Size: 512B - Virtual size: 278B

.idata Size: 20KB - Virtual size: 20KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 203KB - Virtual size: 203KB

.text
Size: 8.4MB - Virtual size: 8.4MB

.data
Size: 24KB - Virtual size: 24KB

.rdata
Size: 723KB - Virtual size: 723KB

.eh_fram
Size: 858KB - Virtual size: 857KB

.bss
Size: - Virtual size: 85KB

.edata
Size: 512B - Virtual size: 278B

.idata
Size: 20KB - Virtual size: 20KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 203KB - Virtual size: 203KB