Static task: static1
Behavioral task: behavioral1
  Sample: a7c35885be384a405f6445fafc337c30ab7fd0c136c9dcf6448cc2f1abffb7e4.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: a7c35885be384a405f6445fafc337c30ab7fd0c136c9dcf6448cc2f1abffb7e4.exe
  Resource: win10v2004-20230915-en
General
Target: a7c35885be384a405f6445fafc337c30ab7fd0c136c9dcf6448cc2f1abffb7e4
Size: 2.0MB
MD5: 0ed8fdc29c44611041afeda7e0440382
SHA1: b6a8b1670c5b5ba5c76433628b3e2bd9ae01efc2
SHA256: a7c35885be384a405f6445fafc337c30ab7fd0c136c9dcf6448cc2f1abffb7e4
SHA512: 3667a54ea18a0bc3eb2c990386860b3af5825b08b495fc07e6db88345bab4e94f10754e5e495e2ce467f631504a5827444a1312cba3447ead85289ef634e030d
SSDEEP: 49152:11EY449YgiTNVV31KuZT8BYyaCgE/JOsgF1miMUYl+t6nAfsBJqWsaFKOg+c60Cd:11EYX9ETr51KuZTIYy/jhOZF8UYl+t6
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: a7c35885be384a405f6445fafc337c30ab7fd0c136c9dcf6448cc2f1abffb7e4
Files
a7c35885be384a405f6445fafc337c30ab7fd0c136c9dcf6448cc2f1abffb7e4.exe (windows x86)
  cfc83da8bd88282f47d7568b350db941
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
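The two header fields above already settle the mitigation picture for this 32-bit image: IMAGE_DLLCHARACTERISTICS_NX_COMPAT is set, so DEP applies; IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent and IMAGE_FILE_RELOCS_STRIPPED is set, so the image cannot be rebased and runs without ASLR at its preferred base; IMAGE_DLLCHARACTERISTICS_GUARD_CF is absent, so there is no CFG. The decoder below is an added example, not part of the sandbox report or its tooling; the numeric constants are the documented winnt.h values, and the report's own flag names are fed in as the sample input.

```python
"""Decode PE header flags into exploit-mitigation facts.

Added example (not part of the sandbox report). Flag values are the
documented winnt.h constants, so the functions accept either the flag names
printed in the report or the raw numeric fields a parser such as pefile
exposes (OPTIONAL_HEADER.DllCharacteristics, FILE_HEADER.Characteristics).
"""

DLL_CHARACTERISTICS = {
    "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA": 0x0020,
    "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE": 0x0040,
    "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY": 0x0080,
    "IMAGE_DLLCHARACTERISTICS_NX_COMPAT": 0x0100,
    "IMAGE_DLLCHARACTERISTICS_NO_ISOLATION": 0x0200,
    "IMAGE_DLLCHARACTERISTICS_NO_SEH": 0x0400,
    "IMAGE_DLLCHARACTERISTICS_NO_BIND": 0x0800,
    "IMAGE_DLLCHARACTERISTICS_APPCONTAINER": 0x1000,
    "IMAGE_DLLCHARACTERISTICS_WDM_DRIVER": 0x2000,
    "IMAGE_DLLCHARACTERISTICS_GUARD_CF": 0x4000,
    "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE": 0x8000,
}

FILE_CHARACTERISTICS = {
    "IMAGE_FILE_RELOCS_STRIPPED": 0x0001,
    "IMAGE_FILE_EXECUTABLE_IMAGE": 0x0002,
    "IMAGE_FILE_LARGE_ADDRESS_AWARE": 0x0020,
    "IMAGE_FILE_32BIT_MACHINE": 0x0100,
    "IMAGE_FILE_DLL": 0x2000,
}


def decode_flags(value, table):
    """Numeric bitfield -> set of flag names; bits not in the table are ignored."""
    return {name for name, bit in table.items() if value & bit}


def encode_flags(names, table):
    """Set of flag names -> numeric bitfield; an unknown name raises KeyError."""
    value = 0
    for name in names:
        value |= table[name]
    return value


def mitigations(dll_flags, file_flags):
    """What the two header fields alone can prove about runtime mitigations.

    Anything these fields cannot settle (SafeSEH lives in the load config
    directory, /GS cookies in the code) is reported as 'unknown', not guessed.
    """
    dll, fil = set(dll_flags), set(file_flags)
    nx = "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" in dll
    dynamic_base = "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" in dll
    relocs_stripped = "IMAGE_FILE_RELOCS_STRIPPED" in fil
    # ASLR needs both the opt-in bit and a relocation table: with
    # relocations stripped the loader cannot rebase the image at all.
    if dynamic_base and not relocs_stripped:
        aslr, why = True, "DYNAMIC_BASE set and relocations present"
    elif relocs_stripped:
        aslr, why = False, "relocations stripped; image is pinned to its preferred base"
    else:
        aslr, why = False, "DYNAMIC_BASE not set"
    return {
        "dep": nx,
        "aslr": aslr,
        "aslr_reason": why,
        "high_entropy_va": "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA" in dll,
        "cfg": "IMAGE_DLLCHARACTERISTICS_GUARD_CF" in dll,
        "force_integrity": "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY" in dll,
        "safeseh": "unknown (needs load config directory)",
        "is_dll": "IMAGE_FILE_DLL" in fil,
    }


if __name__ == "__main__":
    # Flags exactly as listed in the report above.
    report_dll = ["IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                  "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"]
    report_file = ["IMAGE_FILE_RELOCS_STRIPPED",
                   "IMAGE_FILE_EXECUTABLE_IMAGE",
                   "IMAGE_FILE_32BIT_MACHINE"]
    print(hex(encode_flags(report_dll, DLL_CHARACTERISTICS)))  # 0x8100
    for key, val in mitigations(report_dll, report_file).items():
        print(f"{key:16} {val}")
```

HIGH_ENTROPY_VA only matters for 64-bit images, so its absence on this x86 binary carries no information; the ASLR verdict is the one that matters here, because a fixed-base, no-relocation image gives an exploit writer stable addresses for every gadget in the 1.5MB .text section.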
Imports
kernel32
VirtualQuery
VirtualAlloc
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
SetStdHandle
GetCommandLineA
RtlUnwind
RaiseException
QueryPerformanceFrequency
GetFileType
GetStdHandle
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SearchPathW
GetProfileIntW
GetTickCount64
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
lstrcpyW
GetCurrentDirectoryW
SetErrorMode
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
ExitProcess
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WritePrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
CreateEventW
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
MoveFileW
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
EncodePointer
OutputDebugStringA
CopyFileW
FormatMessageW
MulDiv
GlobalSize
GetCommandLineW
SetDllDirectoryW
MultiByteToWideChar
GetDiskFreeSpaceExW
CreateThread
WaitForSingleObject
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
RemoveDirectoryW
DeviceIoControl
GetProcessId
GetSystemWindowsDirectoryW
SetCurrentDirectoryW
FindClose
QueryPerformanceCounter
GetSystemInfo
GetCurrentThreadId
FindNextFileW
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetWindowsDirectoryW
GetSystemTimeAsFileTime
GetVersionExW
GetModuleHandleW
GetModuleFileNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
ReadFile
Sleep
GetSystemDirectoryW
OpenProcess
CreateProcessW
GetExitCodeProcess
SetLastError
TerminateProcess
GetCurrentProcess
LocalFree
GetLastError
CreateMutexW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteFileW
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
WideCharToMultiByte
GetCurrentProcessId
ProcessIdToSessionId
SizeofResource
OutputDebugStringW
FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
GetPrivateProfileStringW
FindResourceW
LoadResource
LockResource
ExitThread
LoadLibraryExA
user32
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
RealChildWindowFromPoint
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
GetSysColorBrush
ShowOwnedPopups
GetActiveWindow
TranslateMessage
GetMessageW
PostQuitMessage
CharUpperW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
IsWindowEnabled
FillRect
ClientToScreen
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetActiveWindow
UpdateWindow
TrackPopupMenu
InvalidateRect
DestroyIcon
TrackMouseEvent
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
SwitchToThisWindow
IsWindow
FindWindowW
MessageBoxW
UnregisterClassW
EnableWindow
GetCursorPos
SetLayeredWindowAttributes
RedrawWindow
ReleaseDC
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetNextDlgGroupItem
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
DeleteMenu
DestroyAcceleratorTable
LoadImageW
SetRect
GetClientRect
GetWindowThreadProcessId
GetDesktopWindow
GetWindowTextW
IsWindowVisible
GetClassNameW
ShowWindow
GetForegroundWindow
AttachThreadInput
SetCursor
LoadCursorW
GetWindow
GetWindowPlacement
GetWindowRect
PtInRect
SetWindowPlacement
SetForegroundWindow
GetSystemMetrics
CreateAcceleratorTableW
SystemParametersInfoW
LoadIconW
SendMessageW
DisableProcessWindowsGhosting
KillTimer
PostMessageW
SetTimer
SetWindowRgn
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
PostThreadMessageW
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetClassLongW
DrawStateW
EmptyClipboard
gdi32
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
GetLayout
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetObjectW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateBitmap
CreateRoundRectRgn
msimg32
TransparentBlt
AlphaBlend
advapi32
RegQueryValueW
CreateWellKnownSid
OpenProcessToken
DuplicateTokenEx
DuplicateToken
CheckTokenMembership
GetTokenInformation
RegSetValueExW
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegFlushKey
RegCreateKeyExW
RegCloseKey
RegOpenCurrentUser
RevertToSelf
ImpersonateLoggedOnUser
shell32
SHGetFolderPathW
ShellExecuteW
SHCreateDirectoryExW
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
DragQueryFileW
shlwapi
PathAppendW
PathFileExistsW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme
DrawThemeBackground
GetThemeColor
DrawThemeText
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetWindowTheme
GetThemeSysColor
DrawThemeParentBackground
CloseThemeData
OpenThemeData
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CreateStreamOnHGlobal
oleaut32
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
SysAllocStringLen
VariantClear
SysFreeString
VariantInit
LoadTypeLi
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipDeleteFontFamily
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth
GdipGetImageHeight
GdipLoadImageFromStream
GdipDisposeImage
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipCreateBitmapFromStream
GdipFree
GdipAlloc
GdipCloneImage
GdipDrawImageRectI
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
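The import table above is long because it is mostly GUI framework surface (user32, gdi32, uxtheme, oleacc, GDI+), so the useful triage step is to pull out the handful of API clusters that matter and to separate them from what any MSVC runtime or MFC application imports anyway. The script below is an added example and not part of the sandbox report or its tooling; the capability groups and the NOISE set are this example's own judgement, and SAMPLE_IMPORTS is a subset copied from the table above. An import only shows the code can call an API, not that it does, so the output is a list of things to corroborate against the behavioral run, not a verdict.

```python
"""Cluster an import table into capability groups for triage.

Added example, not part of the sandbox report. The grouping and the NOISE
set are this example's own judgement (assumptions), and SAMPLE_IMPORTS is a
subset copied from the import table above. An import proves the code can
call an API, not that it does; the groups are evidence to corroborate with
the behavioural run, not verdicts.
"""

CAPABILITIES = {
    "process_enumeration": {"CreateToolhelp32Snapshot", "Process32FirstW",
                            "Process32NextW", "OpenProcess", "GetProcessId"},
    "process_control": {"CreateProcessW", "TerminateProcess", "GetExitCodeProcess",
                        "ShellExecuteW", "ShellExecuteExW"},
    "token_manipulation": {"OpenProcessToken", "DuplicateToken", "DuplicateTokenEx",
                           "ImpersonateLoggedOnUser", "RevertToSelf",
                           "GetTokenInformation", "CheckTokenMembership",
                           "CreateWellKnownSid"},
    "registry_write": {"RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW",
                       "RegDeleteValueW"},
    "file_staging": {"GetTempPathW", "GetTempFileNameW", "CopyFileW", "MoveFileW",
                     "DeleteFileW", "SHFileOperationW", "SetDllDirectoryW"},
    "input_capture": {"GetAsyncKeyState", "GetKeyboardState", "ToUnicodeEx",
                      "AttachThreadInput", "SetWindowsHookExW"},
    "embedded_resource": {"FindResourceW", "FindResourceExW", "LoadResource",
                          "LockResource", "SizeofResource"},
    "memory_protection": {"VirtualAlloc", "VirtualProtect"},
    "anti_debug": {"IsDebuggerPresent"},
    "dynamic_resolution": {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExA",
                           "LoadLibraryExW", "GetProcAddress"},
    "device_io": {"DeviceIoControl"},
    "single_instance": {"CreateMutexW"},
}

# Imports the MSVC runtime, MFC or any resource-bearing GUI app pulls in on
# its own (assumption); a group whose every hit is in here needs
# corroboration from behaviour before it counts for anything.
NOISE = {"IsDebuggerPresent", "SetWindowsHookExW", "LoadLibraryExW", "GetProcAddress",
         "FindResourceW", "FindResourceExW", "LoadResource", "LockResource",
         "SizeofResource", "CreateMutexW"}


def triage(imports):
    """imports: {dll: iterable of API names} -> {group: {"hit": [...], "all_noise": bool}}."""
    flat = {name for names in imports.values() for name in names}
    result = {}
    for group, apis in CAPABILITIES.items():
        hit = sorted(apis & flat)
        if hit:
            result[group] = {"hit": hit, "all_noise": all(h in NOISE for h in hit)}
    return result


def signal(result):
    """Groups with at least one hit that runtime boilerplate does not explain."""
    return sorted(g for g, v in result.items() if not v["all_noise"])


SAMPLE_IMPORTS = {  # subset of the import table above
    "kernel32": ["CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
                 "OpenProcess", "GetProcessId", "CreateProcessW", "TerminateProcess",
                 "GetTempPathW", "GetTempFileNameW", "CopyFileW", "MoveFileW",
                 "DeleteFileW", "SetDllDirectoryW", "VirtualAlloc", "VirtualProtect",
                 "IsDebuggerPresent", "LoadLibraryA", "GetProcAddress",
                 "FindResourceW", "FindResourceExW", "LoadResource", "LockResource",
                 "SizeofResource", "DeviceIoControl", "CreateMutexW", "CloseHandle"],
    "user32": ["SetWindowsHookExW", "GetAsyncKeyState", "GetKeyboardState",
               "ToUnicodeEx", "AttachThreadInput"],
    "advapi32": ["OpenProcessToken", "DuplicateTokenEx", "ImpersonateLoggedOnUser",
                 "RevertToSelf", "CheckTokenMembership", "RegSetValueExW",
                 "RegCreateKeyExW"],
    "shell32": ["ShellExecuteW", "ShellExecuteExW", "SHFileOperationW"],
}

if __name__ == "__main__":
    found = triage(SAMPLE_IMPORTS)
    for group in signal(found):
        print(f"{group:20} {', '.join(found[group]['hit'])}")
    for group, v in found.items():
        if v["all_noise"]:
            print(f"{group:20} (boilerplate only) {', '.join(v['hit'])}")
```

On this sample the groups worth a second look are process_enumeration (Toolhelp snapshot plus OpenProcess), token_manipulation (DuplicateTokenEx with ImpersonateLoggedOnUser and RevertToSelf), file_staging (temp-file creation next to CopyFileW/MoveFileW/DeleteFileW and SetDllDirectoryW) and input_capture; the embedded_resource, anti_debug and single_instance hits are fully explained by runtime boilerplate and should not be read as behaviour on their own.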
Sections
.text   Size: 1.5MB   Virtual size: 1.5MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 324KB   Virtual size: 323KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 21KB    Virtual size: 39KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 203KB   Virtual size: 202KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ