Static task: static1
Behavioral task: behavioral1
Sample: a3f851534e3e5015c6ca9f2a7dda82ae335f162bbd4c871258046b3424ba6169.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: a3f851534e3e5015c6ca9f2a7dda82ae335f162bbd4c871258046b3424ba6169.exe
Resource: win10v2004-20230915-en
General
Target: a3f851534e3e5015c6ca9f2a7dda82ae335f162bbd4c871258046b3424ba6169
Size: 2.2MB
MD5: 98c5f2645e10bdb00058492004106e62
SHA1: fb83e3659bc9900c36a487e785782839a3ba4c9f
SHA256: a3f851534e3e5015c6ca9f2a7dda82ae335f162bbd4c871258046b3424ba6169
SHA512: 578d054cff63d9023bc0ddbc4f85b97a39021ddfc04b75513f2447970b352af7bd4e25a8606a84c0a0df54ced9d16259f8133d456b3b3bc0a95f3cfe22d55cd5
SSDEEP: 49152:i9crVxP3sD9yACpftCvp494t1xzFlBsP3pjtJT/ueHjhxf1q:VVaD9yACLZ94t1xhlBsPxtJT/u
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource a3f851534e3e5015c6ca9f2a7dda82ae335f162bbd4c871258046b3424ba6169
Files
-
a3f851534e3e5015c6ca9f2a7dda82ae335f162bbd4c871258046b3424ba6169.exe windows x86
f0b88de48ec57be8015da32525613fa6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetOpenA
InternetReadFile
InternetCloseHandle
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
GetJobW
comctl32
InitCommonControlsEx
uxtheme
GetCurrentThemeName
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetThemeSysColor
kernel32
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
RaiseException
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
FindResourceExW
GetWindowsDirectoryW
SetErrorMode
SearchPathW
GetProfileIntW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
TerminateProcess
SetUnhandledExceptionFilter
FormatMessageA
RtlUnwind
GetCommandLineA
GetCommandLineW
GetSystemInfo
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetStdHandle
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GetTempPathW
SetFilePointer
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
VerifyVersionInfoW
VerSetConditionMask
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
GlobalGetAtomNameW
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GlobalAddAtomW
GetTickCount64
lstrcpyW
GlobalReAlloc
InitializeCriticalSectionAndSpinCount
CloseHandle
GetFileSize
CreateFileW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
lstrcmpW
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
WideCharToMultiByte
CopyFileW
FormatMessageW
LocalFree
GlobalFree
GlobalSize
GlobalAlloc
SetLastError
GetModuleFileNameW
GetCurrentProcessId
MulDiv
GlobalLock
GlobalUnlock
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
FreeLibrary
VirtualFree
VirtualProtect
IsBadReadPtr
VirtualAlloc
GetProcessHeap
Sleep
LoadLibraryA
GetProcAddress
DeleteCriticalSection
DecodePointer
LoadResource
LockResource
SizeofResource
FindResourceW
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
LCMapStringW
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
WriteConsoleW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
UnhandledExceptionFilter
GetModuleHandleExW
HeapQueryInformation
QueryPerformanceFrequency
SetStdHandle
GetFileType
advapi32
RegSetValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
RegEnumValueW
RegCloseKey
shell32
DragQueryFileW
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAddToRecentDocs
SHGetFileInfoW
SHAppBarMessage
ExtractIconW
ShellExecuteW
oledlg
OleUIBusyW
gdi32
CreatePalette
GetTextFaceW
GetWindowOrgEx
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
GetCharWidthW
Polyline
Polygon
CreatePolygonRgn
GetBkColor
LPtoDP
Ellipse
CreateEllipticRgn
Rectangle
GetViewportOrgEx
GetTextColor
OffsetRgn
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CreateRoundRectRgn
GetTextMetricsW
GetTextExtentPoint32W
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
PatBlt
GetDIBits
CombineRgn
DPtoLP
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
CreateFontIndirectW
CreateCompatibleBitmap
CreateDCW
CopyMetaFileW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
FillRgn
ExtTextOutW
GetPaletteEntries
MoveToEx
GetObjectW
StartDocW
SetTextAlign
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteDC
ExtFloodFill
GetBoundsRect
PtInRegion
TextOutW
SetPaletteEntries
EnumFontFamiliesExW
RoundRect
GetNearestPaletteIndex
GetSystemPaletteEntries
SetPixelV
FrameRgn
shlwapi
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
msimg32
AlphaBlend
TransparentBlt
user32
PostThreadMessageW
WaitMessage
IsWindow
LoadMenuW
DestroyMenu
GetClientRect
GetWindowRect
GetDesktopWindow
DrawStateW
InvalidateRect
GetClassNameW
LoadBitmapW
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
GetFocus
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
IsChild
IsWindowVisible
SetRectEmpty
CopyRect
IsIconic
GetDlgCtrlID
AdjustWindowRectEx
SetRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IntersectRect
IsRectEmpty
DestroyIcon
LoadImageW
CopyImage
SetTimer
KillTimer
GetSystemMetrics
InflateRect
GetIconInfo
RegisterWindowMessageW
TrackMouseEvent
BeginDeferWindowPos
EndDeferWindowPos
CharUpperW
SetFocus
GetAsyncKeyState
GetCapture
SetCapture
ReleaseCapture
GetSystemMenu
CheckMenuItem
EnableMenuItem
DeleteMenu
SetWindowRgn
SetCursor
WindowFromPoint
EqualRect
LoadCursorW
NotifyWinEvent
DrawFrameControl
IsMenu
GetKeyState
GetMenuItemInfoW
GetClassLongW
DestroyAcceleratorTable
GetTopWindow
GetWindow
CreatePopupMenu
ModifyMenuW
TrackPopupMenu
MonitorFromPoint
GetMonitorInfoW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
DispatchMessageW
SetWindowPos
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
SetDlgItemTextW
CheckDlgButton
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetWindowLongW
IsDialogMessageW
GetMessageW
ValidateRect
ShowOwnedPopups
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetWindowPlacement
SetWindowPlacement
DeferWindowPos
GetMenu
SetMenu
GetForegroundWindow
SetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
MapWindowPoints
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RealChildWindowFromPoint
GetSysColorBrush
SetParent
SetLayeredWindowAttributes
EnumDisplayMonitors
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SendDlgItemMessageA
DestroyCursor
DrawIcon
DrawEdge
DrawFocusRect
DrawIconEx
IsClipboardFormatAvailable
GetDoubleClickTime
GetKeyNameTextW
CharUpperBuffW
SetCursorPos
CopyIcon
FrameRect
GetComboBoxInfo
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
CharNextW
InvalidateRgn
GetNextDlgGroupItem
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetTabbedTextExtentW
CreateMenu
GetWindowRgn
HideCaret
InvertRect
TranslateMessage
PostQuitMessage
PostMessageW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
SendMessageW
FillRect
GetSysColor
ScreenToClient
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UpdateWindow
ClientToScreen
UnregisterClassW
EnableWindow
PeekMessageW
RegisterClipboardFormatW
ole32
CoInitializeEx
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
OleFlushClipboard
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleIsCurrentClipboard
DoDragDrop
OleLockRunning
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CoCreateGuid
oleaut32
VarBstrFromDate
VariantCopy
SafeArrayDestroy
SysFreeString
OleCreateFontIndirect
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 379KB - Virtual size: 378KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data Size: 47KB - Virtual size: 66KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.data1 Size: 14KB - Virtual size: 14KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.trace Size: 8KB - Virtual size: 8KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.rsrc Size: 46KB - Virtual size: 46KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.reloc Size: 148KB - Virtual size: 147KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)