Static task: static1
Behavioral task: behavioral1
  Sample: dd1595fbae7596f3444d4787a7e34941c0f620458d550bc797b239f943677e01.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: dd1595fbae7596f3444d4787a7e34941c0f620458d550bc797b239f943677e01.exe
  Resource: win10v2004-20230915-en
General
Target: dd1595fbae7596f3444d4787a7e34941c0f620458d550bc797b239f943677e01
Size: 1.8MB
MD5: a60df06da30813dd7290f7c4ea3303fa
SHA1: 48d0535e602f1d2966402cad927f742d03bc7d9a
SHA256: dd1595fbae7596f3444d4787a7e34941c0f620458d550bc797b239f943677e01
SHA512: 4691c6f52b37d47d26175ce4052fd137dfff94a262c6d45e2681e51b81f5e44f2010a51ef193ccb391e21d219dd08d1e1d03c72dba565e05a8a7225da3e9a622
SSDEEP: 24576:gHNV5RaNlt8bGBjdB+ogWpZ6yxMGLe39AqaNp:graJ5wo5Z6CMGLe396Np
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: dd1595fbae7596f3444d4787a7e34941c0f620458d550bc797b239f943677e01
Files
dd1595fbae7596f3444d4787a7e34941c0f620458d550bc797b239f943677e01.exe (windows x86)
  4253357b2a1a32f9423ba2093a0bd3ef
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedExchange
SetLocalTime
GetSystemTime
Sleep
GetCurrentThreadId
GetCurrentProcess
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
CloseHandle
CreateFileA
WinExec
CopyFileA
GetModuleFileNameA
GetWindowsDirectoryA
MapViewOfFile
CreateFileMappingA
CreateMutexA
Process32Next
TerminateProcess
ReadProcessMemory
OpenProcess
Process32First
CreateToolhelp32Snapshot
CreateProcessA
lstrcpyA
TerminateThread
lstrlenA
WideCharToMultiByte
LocalFree
FormatMessageA
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
GetFileSize
GetFileTime
lstrcpynA
FindClose
FindFirstFileA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
FreeResource
LoadResource
FindResourceA
LockResource
GlobalFree
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
IsBadCodePtr
SetConsoleCtrlHandler
GetDriveTypeA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
CompareStringW
CompareStringA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
SetHandleCount
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapAlloc
FatalAppExitA
OutputDebugStringA
GetStdHandle
GetLastError
DebugBreak
GetACP
ExitThread
CreateThread
RaiseException
SetStdHandle
GetCommandLineA
GetStartupInfoA
ExitProcess
GetLocalTime
GetTimeZoneInformation
GetFileType
SetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryA
HeapValidate
RtlUnwind
WaitForMultipleObjects
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
PulseEvent
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetOEMCP
GetCPInfo
GetProcessVersion
SizeofResource
GetPrivateProfileIntA
GlobalFlags
SetErrorMode
GetProfileIntA
MulDiv
VirtualProtect
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
GetDiskFreeSpaceA
GetTempFileNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalAlloc
FindNextFileA
SetLastError
CreateEventA
SetEvent
WaitForSingleObject
GlobalAlloc
lstrcmpA
GetCurrentThread
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetVersion
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
user32
DestroyCursor
GetAsyncKeyState
CharUpperA
GetMessageA
TranslateMessage
GetCursorPos
PostQuitMessage
wvsprintfA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
SetCursor
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
GetMenuCheckMarkDimensions
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
MapDialogRect
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
LoadStringA
SetFocus
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
GetClassNameA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
SetMenuItemBitmaps
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
LoadBitmapA
GetSysColorBrush
SubtractRect
GetDialogBaseUnits
GetClipboardFormatNameA
DestroyIcon
MsgWaitForMultipleObjects
GetFocus
UnionRect
IntersectRect
OffsetRect
InflateRect
EqualRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
CopyRect
OemToCharA
CharToOemA
TabbedTextOutA
PostMessageA
IsWindow
VkKeyScanA
GetMessageExtraInfo
mouse_event
SetCursorPos
keybd_event
SendMessageA
MessageBoxA
ExitWindowsEx
GetDesktopWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
BringWindowToTop
UnregisterClassA
gdi32
DeleteObject
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
GetObjectA
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreatePatternBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateFontA
CreateBitmap
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateDCA
CreateICA
CreateCompatibleDC
GetDeviceCaps
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
CreateBrushIndirect
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
comdlg32
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
GetFileSecurityA
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
SetFileSecurityA
RegSetValueExA
RegCreateKeyExA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
ExtractIconA
comctl32
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
ImageList_SetDragCursorImage
ImageList_DragMove
ord8
ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord13
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ord14
ImageList_GetImageCount
ImageList_Add
ImageList_AddMasked
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_EndDrag
ws2_32
connect
send
recv
WSACleanup
WSAGetLastError
WSAStartup
inet_ntoa
setsockopt
htons
inet_addr
socket
sendto
recvfrom
closesocket
gethostbyname
gethostname
bind
wininet
GopherGetLocatorTypeA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetCookieA
InternetGetCookieA
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
FtpDeleteFileA
FtpRenameFileA
imagehlp
MakeSureDirectoryPathExists
iphlpapi
GetAdaptersInfo
GetRTTAndHopCount
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ