Static task: static1
Behavioral task: behavioral1
Sample: 7d7d79f3f3fe6531b8513354d31d6b3710aac3b457d8de801272f960d3e2badb.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 7d7d79f3f3fe6531b8513354d31d6b3710aac3b457d8de801272f960d3e2badb.exe
Resource: win10v2004-20230915-en
General
- Target: 7d7d79f3f3fe6531b8513354d31d6b3710aac3b457d8de801272f960d3e2badb
- Size: 5.8MB
- MD5: 80f12932b127bf365d5c3b834db55249
- SHA1: 57b9b85102192097e4b0dbf13b021580dd4c0ea0
- SHA256: 7d7d79f3f3fe6531b8513354d31d6b3710aac3b457d8de801272f960d3e2badb
- SHA512: 880ecad23d59c69aaf0478fd01f24bd8004fe911e599ebe9a46e5b0b2a669e080976c570649c9ebd29109eecfacf8373043921acde554ddec2834d8c7d88e084
- SSDEEP: 98304:yg+cl1qwJGq2ZhJqJ7IFFM7O9OXefS/euQ+mf8N7bHA3Zm6:y2kwJGq2ZzoUaO9OWS/Xu87TA3Zm
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature. Resource: 7d7d79f3f3fe6531b8513354d31d6b3710aac3b457d8de801272f960d3e2badb
Files
- 7d7d79f3f3fe6531b8513354d31d6b3710aac3b457d8de801272f960d3e2badb.exe (windows x86) 5ddb8ee3eee99bada1750d9a8472fc86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
libeay32
ord641
ord2075
ord566
ord578
ord579
ord657
ord7
ord656
ord52
ord109
ord95
ord78
ord3712
ord3765
ord3479
ord399
ord401
ord549
ord909
ord624
ord1653
ord1654
ord66
ord378
ord1882
ord492
ord2081
ssleay32
ord12
ord15
ord21
ord225
ord180
ord28
ord22
ord5
ord78
ord108
ord8
ord75
ord87
ord43
ord341
ord74
ord183
ord48
kernel32
SystemTimeToTzSpecificLocalTime
SetErrorMode
GetCurrentDirectoryW
FindResourceExW
GetTempFileNameW
SearchPathW
GetProfileIntW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
ReadConsoleW
GetConsoleMode
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
SetEvent
GetThreadLocale
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
InitializeCriticalSectionAndSpinCount
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
GetModuleHandleA
GetCurrentThreadId
EncodePointer
OutputDebugStringA
lstrcmpA
CopyFileW
FormatMessageW
GlobalSize
DeleteFileA
DecodePointer
RaiseException
HeapReAlloc
HeapSize
LeaveCriticalSection
EnterCriticalSection
CreateProcessW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetCommandLineW
TerminateProcess
GetCurrentProcessId
CreateNamedPipeW
WaitForSingleObject
ResetEvent
GetCurrentProcess
CreateEventW
LoadLibraryA
lstrcmpW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
HeapFree
GetProcessHeap
HeapAlloc
MoveFileW
FreeResource
GetTempPathW
DeleteFileW
GetSystemDirectoryW
OpenProcess
VerifyVersionInfoW
VerSetConditionMask
lstrcpynW
lstrcmpiW
GetWindowsDirectoryW
lstrcpyW
WinExec
lstrcatW
LoadLibraryExW
WriteFile
LocalUnlock
LocalFree
LocalLock
LocalAlloc
GlobalUnlock
GlobalLock
GetModuleFileNameW
GetModuleHandleW
MulDiv
SetLastError
GetProcAddress
LoadLibraryW
FreeLibrary
GlobalFree
GlobalAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
lstrlenW
OutputDebugStringW
VirtualProtect
WideCharToMultiByte
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualAlloc
DeviceIoControl
MultiByteToWideChar
CloseHandle
ReadFile
SetFilePointer
CreateFileW
GetVersionExW
Sleep
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
LCMapStringW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleCP
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStringTypeW
user32
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetFocus
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
UnhookWindowsHookEx
GetWindowDC
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuStringW
UnregisterClassW
IsIconic
GetSubMenu
LoadMenuW
PostMessageW
GetNextDlgGroupItem
LoadBitmapW
DrawFocusRect
DrawEdge
GetCapture
GetWindowThreadProcessId
EnumChildWindows
FindWindowW
RegisterWindowMessageW
GetMenuState
GetMenuItemID
GetMenuItemCount
CopyRect
IsRectEmpty
ScrollWindow
ReuseDDElParam
DeleteMenu
SetParent
SetScrollPos
GetScrollPos
SetScrollRange
IsWindowEnabled
ChildWindowFromPoint
ClientToScreen
SetWindowRgn
OffsetRect
EqualRect
ScreenToClient
DefWindowProcW
GetClassInfoW
CopyAcceleratorTableW
DestroyCursor
ShowOwnedPopups
DestroyWindow
WaitMessage
IsDialogMessageW
CreateDialogIndirectParamW
GetAsyncKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RedrawWindow
GetWindowTextW
WinHelpW
SetWindowTextW
MoveWindow
SetForegroundWindow
SetWindowPos
SetFocus
CheckDlgButton
GetSystemMenu
EnableMenuItem
GetClassNameW
SetWindowLongW
GetDlgItem
LoadIconW
SystemParametersInfoW
LoadStringW
GetDialogBaseUnits
EndPaint
GetWindowLongW
BeginPaint
MessageBeep
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
AdjustWindowRectEx
GetClassLongW
GetTopWindow
SetWindowsHookExW
CallNextHookEx
SetScrollInfo
GetScrollInfo
MonitorFromWindow
GetMonitorInfoW
ShowWindow
MessageBoxW
GetLastActivePopup
GetActiveWindow
SetRect
SetCapture
ReleaseCapture
KillTimer
SetTimer
SetDlgItemTextW
IntersectRect
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
CharUpperW
GetKeyNameTextW
MapVirtualKeyW
SendDlgItemMessageA
GetComboBoxInfo
EndDialog
GetNextDlgTabItem
GetDesktopWindow
GetMessageW
CharNextW
SetWindowContextHelpId
UnpackDDElParam
MapDialogRect
wsprintfW
GetClientRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
PeekMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
GetSystemMetrics
GetWindowRect
GetWindow
InvalidateRect
GetSysColor
DrawIcon
EnableWindow
DestroyIcon
LoadCursorW
LoadImageW
IsWindow
SendMessageW
GetSysColorBrush
FillRect
GetParent
InflateRect
DrawIconEx
GetIconInfo
GetDC
CreateIconIndirect
ReleaseDC
ShowCursor
SetCursor
InvalidateRgn
SetLayeredWindowAttributes
EnumDisplayMonitors
IsZoomed
DestroyMenu
GetMenuItemInfoW
DrawStateW
RealChildWindowFromPoint
CopyImage
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
CopyIcon
InsertMenuItemW
TrackMouseEvent
MapWindowPoints
GetCursorPos
PtInRect
WindowFromPoint
NotifyWinEvent
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
LockWindowUpdate
HideCaret
InvertRect
SetClassLongW
DrawFrameControl
SetCursorPos
FrameRect
RegisterClipboardFormatW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CharUpperBuffW
ModifyMenuW
PostThreadMessageW
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
GetDoubleClickTime
MapVirtualKeyExW
IsCharLowerW
SetRectEmpty
gdi32
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
RestoreDC
SaveDC
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetStockObject
Ellipse
LPtoDP
GetBkColor
GetTextColor
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SetPixel
SetDIBColorTable
Polygon
Polyline
RoundRect
ExtFloodFill
SetPaletteEntries
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
GetObjectType
GetClipBox
ExcludeClipRect
CreatePatternBrush
CreateHatchBrush
CopyMetaFileW
GetPixel
CreatePolygonRgn
CreateRoundRectRgn
OffsetRgn
CombineRgn
CreateRectRgn
SelectClipRgn
FillRgn
FrameRgn
GetDeviceCaps
SetTextJustification
GetTextMetricsW
SetBkMode
LineTo
MoveToEx
StretchBlt
CreateBitmap
CreateDIBSection
GetObjectW
SetTextColor
SetBkColor
CreateDCW
SetDIBits
GetDIBits
Rectangle
CreatePen
GetTextExtentPoint32W
CreateSolidBrush
CreateFontIndirectW
CreateFontW
Escape
ExtTextOutW
TextOutW
RectVisible
SetBoundsRect
BitBlt
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateEllipticRgn
PtVisible
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyExW
RegSetValueExW
RegEnumValueW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
shell32
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFolderPathW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
comctl32
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent
ord17
InitCommonControlsEx
shlwapi
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
StrCmpW
uxtheme
GetThemeColor
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
ole32
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
oleaut32
LoadTypeLi
OleCreateFontIndirect
VariantChangeType
SysAllocStringLen
SysFreeString
VariantClear
VariantInit
SysAllocString
SafeArrayDestroy
SysStringLen
VariantCopy
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdiplusShutdown
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
iphlpapi
GetIpForwardTable
CreateIpForwardEntry
GetAdaptersAddresses
ws2_32
getsockname
getsockopt
closesocket
connect
htons
socket
ioctlsocket
setsockopt
WSAGetLastError
select
WSAStartup
WSACleanup
gethostbyname
inet_ntoa
htonl
inet_addr
ntohl
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 412KB - Virtual size: 411KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 182KB - Virtual size: 235KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 139KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ