Static task
static1
Behavioral task
behavioral1
Sample
10a5e3479ca15acb2add6bb47dde600ea7abb653f18eb338e37f73abdcdd7f55.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
10a5e3479ca15acb2add6bb47dde600ea7abb653f18eb338e37f73abdcdd7f55.exe
Resource
win10v2004-20230915-en
General
-
Target
10a5e3479ca15acb2add6bb47dde600ea7abb653f18eb338e37f73abdcdd7f55
-
Size
3.1MB
-
MD5
aa020938033217068764d0702f7eb7ec
-
SHA1
b3f23a1998d33be8c02348b6b700b265d8e32d35
-
SHA256
10a5e3479ca15acb2add6bb47dde600ea7abb653f18eb338e37f73abdcdd7f55
-
SHA512
b7e87166673e381658708e8b435ff00b724ae603cc4be7aeda107487c09472fc4f3e55d308bf772a0223fa0d167bd7cd59b5aca898fd61c45dde9e4c71be7c31
-
SSDEEP
49152:8Zh11kzeKABV1LEDRyJpssBc/9/zy8PfkkJwgdhGtC4Kt83SFGbWT:oh1uMZUyTLirBfkkqwkC4Kt83S
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 10a5e3479ca15acb2add6bb47dde600ea7abb653f18eb338e37f73abdcdd7f55
Files
-
10a5e3479ca15acb2add6bb47dde600ea7abb653f18eb338e37f73abdcdd7f55.exe windows x86
efa72594efd3b32d7109372067795b96
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCloseKey
RegEnumKeyExA
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
ws2_32
WSASetLastError
gethostname
ioctlsocket
listen
accept
recvfrom
sendto
getservbyport
gethostbyaddr
getservbyname
htonl
inet_ntoa
gethostbyname
inet_addr
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
send
recv
select
WSAGetLastError
__WSAFDIsSet
ntohl
WSAStartup
WSACleanup
WSAIoctl
wldap32
ord22
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
kernel32
GetACP
GetFileAttributesA
GetFileTime
GetFullPathNameA
GetTempFileNameA
GetUserDefaultLCID
CreateFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
SetErrorMode
VirtualProtect
FindResourceExW
GetSystemInfo
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetCommandLineA
RtlUnwind
CreateThread
ExitThread
SetFilePointerEx
SetStdHandle
GetSystemDefaultUILanguage
GetModuleHandleExW
HeapQueryInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
IsValidCodePage
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetFileAttributesExW
MoveFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadConsoleW
GetFileInformationByHandle
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
CreateFileW
GetFullPathNameW
GetCurrentDirectoryW
GetOEMCP
GlobalFlags
AreFileApisANSI
GetUserDefaultUILanguage
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
GetSystemTime
SystemTimeToFileTime
MultiByteToWideChar
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSectionEx
DeleteFileA
GetLocaleInfoW
CompareStringW
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentDirectoryA
GetShortPathNameA
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
RaiseException
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetThreadLocale
lstrcmpiA
ResumeThread
SuspendThread
SetThreadPriority
SetEvent
CreateEventA
lstrcmpA
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
CopyFileA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
WaitForMultipleObjects
HeapSize
PeekNamedPipe
ReadFile
FormatMessageA
WaitForSingleObject
CloseHandle
GetModuleHandleA
LoadLibraryA
GetSystemDirectoryA
SleepEx
GetTickCount
InitializeCriticalSection
FreeLibrary
GetVersionExA
GetProcAddress
SetLastError
GetCurrentThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
SetThreadExecutionState
SetFileAttributesA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
DecodePointer
ExitProcess
user32
NotifyWinEvent
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
SetParent
SendNotifyMessageA
CopyAcceleratorTableA
RegisterClipboardFormatA
InvalidateRgn
GetNextDlgGroupItem
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetClassLongA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageW
CharUpperBuffA
ModifyMenuA
CopyIcon
FrameRect
PostThreadMessageA
WaitMessage
GetIconInfo
HideCaret
InvertRect
CreateMenu
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetUpdateRect
SubtractRect
GetComboBoxInfo
GetWindowRgn
WindowFromPoint
SetWindowRgn
DeleteMenu
GetSystemMenu
GetAsyncKeyState
CharUpperA
TrackMouseEvent
RealChildWindowFromPoint
CopyImage
EnumDisplayMonitors
SetLayeredWindowAttributes
GetSysColorBrush
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
CharNextA
DestroyCursor
LoadCursorW
LoadCursorA
SetCursorPos
IsZoomed
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
SetRectEmpty
SetCursor
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
OffsetRect
SetRect
MessageBeep
ReleaseCapture
SetCapture
IsClipboardFormatAvailable
CountClipboardFormats
TranslateMessage
GetMessageA
IntersectRect
InflateRect
MapVirtualKeyA
GetKeyNameTextA
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextA
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
GetClassNameA
FillRect
InvalidateRect
DrawStateA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
SetForegroundWindow
ShowWindow
FindWindowA
UpdateWindow
UnregisterClassA
PeekMessageA
GetParent
GetCursorPos
ClientToScreen
GetSubMenu
LoadMenuW
DrawIcon
GetSystemMetrics
IsIconic
LoadIconA
LoadIconW
PostMessageA
GetWindowRect
SetWindowLongA
GetWindowLongA
SendMessageA
KillTimer
ReleaseDC
GetClientRect
GetDC
SetTimer
EnableWindow
ScreenToClient
gdi32
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
CreateBitmap
SetTextColor
SetBkColor
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
GetStockObject
CreateSolidBrush
GetDeviceCaps
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
CreateDCA
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
CreateFontIndirectA
GetMapMode
SetRectRgn
DPtoLP
GetTextExtentPoint32A
CreateFontA
GetCharWidthA
StretchDIBits
GetTextMetricsA
GetBkColor
GetTextColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
GetWindowOrgEx
CreateEllipticRgn
Ellipse
LPtoDP
GetRgnBox
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
OffsetRgn
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
SetPixelV
GetTextFaceA
CopyMetaFileA
GetPixel
BitBlt
CreateCompatibleBitmap
GetDIBColorTable
StretchBlt
SetBrushOrgEx
SetStretchBltMode
CreateDIBSection
GetObjectA
CreateCompatibleDC
SetDIBColorTable
SelectObject
DeleteDC
SetWindowExtEx
DeleteObject
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
shell32
SHBrowseForFolderA
SHAppBarMessage
SHGetDesktopFolder
SHGetFileInfoA
DragAcceptFiles
DragFinish
DragQueryFileA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
Shell_NotifyIconA
shlwapi
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFileExistsA
PathFindExtensionA
PathFindFileNameA
uxtheme
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
IsAppThemed
DrawThemeParentBackground
DrawThemeText
DrawThemeBackground
GetThemePartSize
OpenThemeData
CloseThemeData
GetThemeColor
ole32
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
CoInitialize
CoRevokeClassObject
CoUninitialize
CoInitializeEx
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoCreateGuid
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoLockObjectExternal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleSetMenuDescriptor
CreateStreamOnHGlobal
GetHGlobalFromILockBytes
OleGetIconOfClass
OleLockRunning
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateItemMoniker
CreateGenericComposite
StgCreateDocfileOnILockBytes
OleGetClipboard
CreateILockBytesOnHGlobal
CreateFileMoniker
StgOpenStorageOnILockBytes
CoDisconnectObject
CLSIDFromProgID
SetConvertStg
CLSIDFromString
CoRegisterMessageFilter
oleaut32
SysAllocString
VarBstrFromDate
VariantCopy
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
oledlg
ord8
ord11
ord4
ord3
gdiplus
GdiplusShutdown
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdiplusStartup
GdipSetInterpolationMode
GdipCreateBitmapFromFile
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDrawImageRectI
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 521KB - Virtual size: 521KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 245KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 173KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ