Static task
static1
Behavioral task
behavioral1
Sample
935ad6174929a11292e06bc282c301c43edb34959ae6d09f3a9bc265b8663b32.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
935ad6174929a11292e06bc282c301c43edb34959ae6d09f3a9bc265b8663b32.exe
Resource
win10v2004-20230915-en
General
-
Target
935ad6174929a11292e06bc282c301c43edb34959ae6d09f3a9bc265b8663b32
-
Size
2.2MB
-
MD5
e1e070acfd1baa849fbead819524e946
-
SHA1
b890d3e184d9a3024d6efbb9b5bde07d97ad1a12
-
SHA256
935ad6174929a11292e06bc282c301c43edb34959ae6d09f3a9bc265b8663b32
-
SHA512
6d8374a4dd5673d792edd77eeb2241d242b40b22a15ab2dc57d9b7b838ab0c87c3352594cd9e7a2a651a65291fddeaa8e821e3c8fc01790bb384709e04d1d1c4
-
SSDEEP
49152:OQTK/B/asTQmN/lMo3hMzEDVAf9y4mekxrWmZ0PecwATbICWkMM/:bK/YsTQM/lMo3kEDVUy4mekxrQmcwATr
Malware Config
Signatures
-
Unsigned PE 1 IoC
Checks for missing Authenticode signature.
resource 935ad6174929a11292e06bc282c301c43edb34959ae6d09f3a9bc265b8663b32
Files
-
935ad6174929a11292e06bc282c301c43edb34959ae6d09f3a9bc265b8663b32.exe windows x86
b68c9c6f1a3d54b6cf6565f4b6742d74
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
kernel32
CreateEventA
DeviceIoControl
GetLastError
LoadLibraryA
GetCurrentDirectoryW
FindFirstFileExA
GetDriveTypeA
GetOverlappedResult
GetProcAddress
FreeLibrary
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
lstrcmpW
MultiByteToWideChar
SetLastError
DeactivateActCtx
ActivateActCtx
LoadLibraryW
CompareStringA
GetModuleHandleA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
MulDiv
lstrlenW
LocalFree
FormatMessageA
GlobalAlloc
GlobalSize
CopyFileA
GetModuleFileNameA
GetCurrentProcessId
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
GlobalFlags
GetACP
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetThreadLocale
FileTimeToSystemTime
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetWindowsDirectoryA
GetNumberFormatA
GetTempFileNameA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
RtlUnwind
RaiseException
HeapFree
EncodePointer
DecodePointer
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
ExitProcess
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
HeapCreate
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetTempPathA
GetTickCount
DeleteFileA
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
Sleep
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
GetFileInformationByHandle
GetDriveTypeW
user32
TranslateMessage
GetMessageA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
InflateRect
IntersectRect
PostQuitMessage
SetCursor
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
GetMenuItemInfoA
DestroyMenu
SystemParametersInfoA
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorA
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
DeleteMenu
KillTimer
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperA
CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
RedrawWindow
GetMenuDefaultItem
CreatePopupMenu
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetIconInfo
CopyImage
LoadImageA
DrawIconEx
LoadMenuW
IsZoomed
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
SetMenuDefaultItem
SetParent
DestroyAcceleratorTable
SetClassLongA
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
PostThreadMessageA
FrameRect
CopyIcon
CharUpperBuffA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
SubtractRect
DestroyCursor
GetWindowRgn
MapVirtualKeyA
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
EnableWindow
SendMessageA
IsWindowVisible
IsWindow
PostMessageA
GetWindowRect
GetClientRect
SetTimer
SetWindowRgn
FillRect
InvalidateRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
wsprintfA
LoadIconW
GetDesktopWindow
AppendMenuA
GetSystemMenu
SetWindowLongA
GetWindowLongA
DrawIcon
GetSystemMetrics
IsIconic
UnregisterDeviceNotification
RegisterDeviceNotificationA
GetKeyNameTextA
ReleaseDC
ValidateRect
GetWindowThreadProcessId
DrawStateA
GetMenuStringA
InsertMenuA
CheckDlgButton
RemoveMenu
GetDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetMenuState
gdi32
SetWindowExtEx
CreatePolygonRgn
CreateEllipticRgn
Ellipse
Polygon
SetDIBColorTable
PatBlt
GetDeviceCaps
CopyMetaFileA
CreateDCA
DeleteObject
CreateSolidBrush
GetStockObject
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
CreatePen
CreateFontA
SetBrushOrgEx
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetBrushOrgEx
ScaleWindowExtEx
DPtoLP
GetMapMode
LPtoDP
CreateRoundRectRgn
CreatePatternBrush
SetPixelV
Polyline
GetBkMode
GetTextColor
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextAlign
GetLayout
CreateDIBSection
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetTextMetricsA
GetTextExtentPoint32A
CombineRgn
SetRectRgn
CreateFontIndirectA
CreateHatchBrush
GetObjectType
SelectPalette
DeleteDC
ExtSelectClipRgn
CreateRectRgnIndirect
CreateBitmap
GetObjectA
SetBkColor
GetBkColor
SetTextColor
GetTextFaceA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
OffsetRgn
Rectangle
SetPixel
StretchBlt
shell32
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
PathIsUNCA
oledlg
ord8
gdiplus
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromStream
wldap32
ord22
ord143
ord60
ord33
ord50
ord46
ord41
ord27
ord301
ord211
ord26
ord30
ord200
ord79
ord35
ord32
ws2_32
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
WSAIoctl
ntohl
htonl
gethostname
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSACleanup
crypt32
CertFreeCertificateContext
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
CryptAcquireContextA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptReleaseContext
CryptGenRandom
CryptImportKey
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
ole32
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoRevokeClassObject
oleaut32
SysFreeString
SysAllocStringByteLen
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 343KB - Virtual size: 342KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 118KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 181KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ