Static task: static1
Behavioral task: behavioral1
Sample: 28755069af280a6245ea32fb4070a0326c1ec87d494e1d188a765383921e9742.exe
Resource: win10v2004-20230915-en
General
Target: 28755069af280a6245ea32fb4070a0326c1ec87d494e1d188a765383921e9742
Size: 2.1MB
MD5: a72dc88efc0d1321b231494784983361
SHA1: d4e3ab9334b37d73b5558cd54545cf05b7791acb
SHA256: 28755069af280a6245ea32fb4070a0326c1ec87d494e1d188a765383921e9742
SHA512: bda8d74cb1ca60518259644792e13d009edf38b9346803ba6b498725d904ef7013bc70eb2fc30cce1a330aa55d0bf61c96576236def758df7caecf92891ad6b6
SSDEEP: 24576:cKPc1x3WgWRZzDdJpV6DpAzPG7iDs3UUPOO1neWvc+ZfLy96OSAi9lVGUR:cK0dWRZzhJpgNI8bZO2PyfelVx
Malware Config: none listed
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource 28755069af280a6245ea32fb4070a0326c1ec87d494e1d188a765383921e9742
Files
28755069af280a6245ea32fb4070a0326c1ec87d494e1d188a765383921e9742.exe  windows x86
4ee729c4f8403aeff59c4373d232f6e7
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentVariableW
VirtualQuery
CreateThread
DeviceIoControl
GetProcessHeap
SizeofResource
LocalFree
HeapAlloc
GetModuleFileNameA
GetSystemInfo
SuspendThread
GetPrivateProfileStringW
GetEnvironmentVariableA
LocalFileTimeToFileTime
SetEnvironmentVariableW
GetLogicalDriveStringsW
CancelIo
UnmapViewOfFile
GetStdHandle
GetCurrentDirectoryA
SetCurrentDirectoryW
CreateFileMappingW
GetCurrentDirectoryW
GlobalAlloc
GetModuleHandleW
GetUserDefaultLCID
LoadLibraryExW
SetEndOfFile
ProcessIdToSessionId
SetThreadExecutionState
SetUnhandledExceptionFilter
LocalAlloc
MoveFileExW
GetPrivateProfileSectionNamesW
GetCurrentProcessId
Sleep
ReleaseMutex
GetPrivateProfileIntW
OpenFileMappingW
GetLastError
PeekNamedPipe
GetACP
DuplicateHandle
lstrcpyW
FileTimeToLocalFileTime
GetModuleFileNameW
FindFirstFileW
GetCommandLineW
ResumeThread
QueryPerformanceCounter
GetProcAddress
WaitForSingleObject
ResetEvent
CreateProcessW
MoveFileW
MulDiv
SetFilePointerEx
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
DisconnectNamedPipe
GetFileAttributesW
OpenProcess
GetCurrentThreadId
GetFileSizeEx
FreeLibrary
LoadLibraryA
GetFileTime
CreateDirectoryW
SetFileAttributesW
CloseHandle
InterlockedExchange
CreateEventW
FindClose
GetTickCount
VerSetConditionMask
DeleteCriticalSection
VerifyVersionInfoW
InterlockedDecrement
DeleteFileW
FindNextFileW
ReadFile
SetEvent
InterlockedIncrement
GetVersionExW
CopyFileW
GetTempPathW
FlushFileBuffers
SetLastError
SystemTimeToFileTime
lstrlenA
RtlCaptureContext
Process32NextW
FreeResource
ConnectNamedPipe
GlobalLock
GetFileSize
TerminateProcess
GetLocaleInfoW
QueryPerformanceFrequency
GetThreadPriority
LoadLibraryW
GetCurrentThread
SystemTimeToTzSpecificLocalTime
FindResourceW
GlobalMemoryStatusEx
CreateMutexW
GetThreadContext
Process32FirstW
CreateNamedPipeW
GetCPInfo
GetShortPathNameW
GetDiskFreeSpaceExW
GlobalSize
RemoveDirectoryW
GetStartupInfoW
CreatePipe
LockResource
MultiByteToWideChar
CreateToolhelp32Snapshot
WaitForMultipleObjects
InterlockedExchangeAdd
GlobalFree
LoadResource
lstrcmpW
GetCurrentProcess
WaitNamedPipeW
ExitProcess
GlobalUnlock
GetLocaleInfoA
GetSystemTime
ReadProcessMemory
GetComputerNameW
GetDriveTypeW
GetFileAttributesA
GetTimeZoneInformation
FileTimeToSystemTime
HeapFree
MapViewOfFile
SetFilePointer
WriteFile
WideCharToMultiByte
SetThreadPriority
CreateFileW
InitializeCriticalSection
GetOverlappedResult
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
RaiseException
GetStringTypeW
GetStringTypeA
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
advapi32
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
AllocateAndInitializeSid
RegSetValueExW
AddAccessAllowedAce
RegEnumKeyW
RegQueryInfoKeyW
OpenProcessToken
RegEnumKeyExW
InitializeAcl
CheckTokenMembership
InitializeSecurityDescriptor
FreeSid
DuplicateTokenEx
GetSidLengthRequired
RegEnumValueW
RegSetKeySecurity
GetSidSubAuthority
GetAce
SetFileSecurityW
RegOpenKeyW
GetUserNameW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
InitializeSid
SetSecurityDescriptorDacl
comctl32
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Remove
ImageList_DragLeave
ImageList_GetIcon
ord17
ImageList_DrawEx
ImageList_DragEnter
ImageList_AddMasked
ImageList_DragMove
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_Merge
ImageList_BeginDrag
ImageList_EndDrag
ImageList_GetIconSize
ImageList_Add
ImageList_GetImageInfo
PropertySheetW
InitCommonControlsEx
comdlg32
GetSaveFileNameW
GetOpenFileNameW
gdi32
SetViewportExtEx
CreatePatternBrush
GetViewportExtEx
GetBkMode
SetWindowExtEx
PolyDraw
SetDIBitsToDevice
AddFontResourceExW
SetStretchBltMode
BitBlt
SetBrushOrgEx
SetBkColor
PolyPolyline
Polyline
Polygon
GetWindowExtEx
GetTextFaceW
TextOutW
CreateDIBSection
GetDIBits
GetClipBox
GetStockObject
PolyTextOutW
CreateCompatibleBitmap
SetPixel
SetDIBits
DeleteDC
GetTextMetricsW
DeleteObject
ExtTextOutW
CreateCompatibleDC
CreateFontIndirectW
MoveToEx
SelectObject
GetTextExtentPoint32W
CreatePen
CreateFontW
GetCurrentObject
GetDeviceCaps
GetObjectW
SetTextColor
StretchBlt
SetBkMode
LineTo
CreateSolidBrush
CreateDIBitmap
CreateBitmap
Rectangle
msacm32
acmStreamUnprepareHeader
acmFormatTagEnumW
acmStreamOpen
acmDriverDetailsW
acmDriverOpen
acmStreamConvert
acmDriverClose
acmStreamSize
acmDriverEnum
acmFormatEnumW
acmStreamPrepareHeader
acmStreamClose
acmFormatDetailsW
ole32
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoInitialize
CoInitializeSecurity
CoGetMalloc
CreateStreamOnHGlobal
CoResumeClassObjects
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoAddRefServerProcess
oleaut32
SysAllocString
VariantInit
OleCreatePropertyFrame
VariantClear
SysFreeString
OleLoadPicturePath
SysAllocStringLen
OleLoadPicture
SysAllocStringByteLen
SysStringByteLen
shell32
DragQueryFileW
SHChangeNotify
DragQueryPoint
ShellExecuteW
SHGetFolderPathW
DragAcceptFiles
SHParseDisplayName
SHBrowseForFolderW
SHGetPathFromIDListW
SHCreateShellItem
SHGetDesktopFolder
SHGetFileInfoW
Shell_NotifyIconW
CommandLineToArgvW
SHEmptyRecycleBinW
SHGetMalloc
ord155
DragFinish
ord680
ShellExecuteExW
ShellExecuteA
shlwapi
PathCompactPathExW
StrCmpLogicalW
SHDeleteKeyW
SHDeleteEmptyKeyW
user32
GetPropW
DestroyIcon
MonitorFromWindow
AppendMenuW
FillRect
GetWindowLongW
TrackPopupMenu
GetParent
SetCursor
WaitForInputIdle
PostMessageW
BeginPaint
GetCursorInfo
RemovePropW
GetKeyState
GetDlgItemInt
InvalidateRect
GetMenuItemInfoW
DialogBoxParamW
SetTimer
GetWindowThreadProcessId
CallWindowProcW
AllowSetForegroundWindow
InsertMenuItemW
GetComboBoxInfo
SetMenu
GetScrollBarInfo
ModifyMenuW
MapVirtualKeyW
CloseClipboard
GetAncestor
IsClipboardFormatAvailable
IsCharAlphaW
LoadStringW
OpenClipboard
CreateDialogParamW
GetAsyncKeyState
GetDlgItemTextW
keybd_event
GetSystemMetrics
DialogBoxIndirectParamW
SetClassLongW
GetCapture
SetMenuInfo
GetClipboardData
CharUpperW
GetWindowTextLengthW
PostQuitMessage
SetMenuDefaultItem
SetForegroundWindow
EndMenu
GetForegroundWindow
MsgWaitForMultipleObjects
GetWindowRect
GetMenuBarInfo
CreateDialogIndirectParamW
SetWindowPos
GetWindowDC
EnableWindow
SetCapture
SetDlgItemTextW
DrawEdge
UpdateWindow
GetSysColorBrush
FlashWindowEx
GetMessagePos
GetDlgCtrlID
GetMonitorInfoW
InsertMenuW
FindWindowExW
EndDialog
FindWindowW
GetFocus
CallNextHookEx
InflateRect
CopyImage
SetActiveWindow
SetMenuItemInfoW
GetSysColor
PeekMessageW
DrawIconEx
MapWindowPoints
MonitorFromPoint
ScrollWindowEx
GetClassNameW
IsWindow
WindowFromDC
GetClassNameA
WindowFromPoint
CheckMenuItem
GetMenuInfo
GetKeyNameTextW
GetKeyboardState
IsDialogMessageW
TranslateMessage
GetWindow
GetMessageW
wsprintfW
GetSubMenu
GetActiveWindow
ReleaseCapture
DrawFocusRect
IsDlgButtonChecked
EndPaint
KillTimer
SetDlgItemInt
CreateWindowExW
DestroyMenu
SetScrollInfo
CheckDlgButton
SystemParametersInfoW
GetDesktopWindow
LoadImageW
IsWindowVisible
LoadCursorW
GetMenu
RegisterWindowMessageW
GetDlgItem
GetMenuItemCount
SetPropW
IsIconic
IsZoomed
DrawTextExW
GetWindowPlacement
ShowWindow
MessageBoxW
RemoveMenu
SetFocus
RedrawWindow
ClientToScreen
GetScrollInfo
SendDlgItemMessageW
FrameRect
UnhookWindowsHookEx
GetClientRect
MonitorFromRect
DestroyWindow
SetWindowTextW
DefWindowProcW
ScreenToClient
GetWindowTextW
DrawTextW
DeleteMenu
ReleaseDC
SetWindowsHookExW
GetIconInfo
SendMessageW
CreatePopupMenu
GetCursor
SetWindowPlacement
MapDialogRect
GetDC
MoveWindow
RegisterClassW
EnableMenuItem
SetWindowLongW
IsWindowEnabled
DrawStateW
DispatchMessageW
winmm
waveOutGetNumDevs
waveOutUnprepareHeader
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutGetPosition
waveOutClose
waveOutRestart
waveOutWrite
waveOutReset
ws2_32
connect
WSAStartup
ioctlsocket
send
gethostbyname
__WSAFDIsSet
select
ntohs
htons
closesocket
setsockopt
recv
WSAGetLastError
inet_addr
gethostname
socket
rpcrt4
UuidToStringW
UuidFromStringW
RpcStringFreeW
UuidCreate
netapi32
NetUserGetInfo
NetApiBufferFree
gdiplus
GdipDeleteMatrix
GdipDisposeImage
GdipSetInterpolationMode
GdipGetImageWidth
GdipReleaseDC
GdipSetPixelOffsetMode
GdipGetImagePixelFormat
GdipImageGetFrameDimensionsList
GdipGetImageEncoders
GdipGetImageHorizontalResolution
GdipGetPropertyItemSize
GdipGraphicsClear
GdipBitmapLockBits
GdipDeleteFont
GdipGetDC
GdipGetPropertyIdList
GdipSetCompositingMode
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipSetSmoothingMode
GdipDeleteGraphics
GdiplusShutdown
GdipImageSelectActiveFrame
GdipSetPageUnit
GdipImageGetFrameCount
GdipCreateBitmapFromStream
GdipCloneImage
GdipSetTextRenderingHint
GdipDeleteRegion
GdipCreateImageAttributes
GdipSetImageAttributesWrapMode
GdipGetPropertyItem
GdipCreateSolidFill
GdipCloneBrush
GdipGetPropertyCount
GdipImageGetFrameDimensionsCount
GdipDrawImageRectRectI
GdiplusStartup
GdipGetImageHeight
GdipGetImageEncodersSize
GdipSetImageAttributesColorMatrix
GdipSaveImageToStream
GdipGetImageGraphicsContext
GdipGetImageVerticalResolution
GdipDrawImageRectRect
GdipBitmapSetResolution
GdipCreateFontFromDC
GdipCreateFromHDC
GdipDisposeImageAttributes
GdipDeleteBrush
msimg32
GradientFill
AlphaBlend
iphlpapi
GetAdaptersAddresses
GetIpAddrTable
wininet
InternetQueryOptionA
InternetGetConnectedState
secur32
DecryptMessage
QueryContextAttributesW
FreeContextBuffer
AcquireCredentialsHandleW
ApplyControlToken
DeleteSecurityContext
InitializeSecurityContextW
EncryptMessage
FreeCredentialsHandle
crypt32
CertCloseStore
CertFindCertificateInStore
CryptQueryObject
CertVerifySubjectCertificateContext
CertFreeCertificateContext
wintrust
WinVerifyTrust
Sections
Name    Raw size  Virtual size  Characteristics
.text   1.2MB     1.2MB         IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  415KB     415KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   25KB      553KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   421KB     421KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  79KB      79KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
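The Headers, Signatures and Sections blocks above are all read straight out of the PE header, and the "Unsigned PE" signature is nothing more than an empty IMAGE_DIRECTORY_ENTRY_SECURITY entry. The script below is an added example, not the sandbox's own code, that reproduces those three checks with the Python standard library only (flag values come from the PE/COFF specification). It runs on a constructed header-only PE32 fixture that copies the flags and section sizes listed in this report; the fixture is not the analysed sample and contains no code. Two practitioner caveats it makes explicit: the report lists DYNAMIC_BASE as the only DLL characteristic, so NX_COMPAT and GUARD_CF are absent, and a non-empty security directory only shows that an Authenticode blob is attached, not that it verifies.

```python
"""Stdlib-only PE header triage. Added example; reproduces the Headers, Sections
and "Unsigned PE" checks of the report above on a constructed sample.
Bit values are from the PE/COFF specification."""
import hashlib
import struct

FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
}
# ASLR + DEP + CFG opt-ins a hardened 32-bit image is expected to carry
# (HIGH_ENTROPY_VA is left out because it only applies to 64-bit images).
HARDENING_MASK = 0x0040 | 0x0100 | 0x4000
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
MACHINES = {0x14C: "x86", 0x8664: "x64", 0xAA64: "arm64"}


def _names(value, table):
    return [name for bit, name in table.items() if value & bit]


def triage_pe(data: bytes) -> dict:
    """Parse DOS, COFF, optional header and section table; return findings."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24                                          # after 4-byte sig + 20-byte COFF header
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]    # same offset for PE32 and PE32+
    n_dirs = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    dirs = opt + (112 if pe32plus else 96)
    # Directory 4 is IMAGE_DIRECTORY_ENTRY_SECURITY. An all-zero entry is what the
    # "Unsigned PE" signature keys on: no Authenticode blob is attached at all. A
    # non-zero entry only proves a blob exists; validity still needs WinVerifyTrust.
    sec_size = struct.unpack_from("<II", data, dirs + 4 * 8)[1] if n_dirs > 4 else 0
    sections, notes = [], []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sname = name.rstrip(b"\0").decode("ascii", "replace")
        sections.append({"name": sname, "raw_size": rawsize, "virtual_size": vsize,
                         "flags": _names(chars, SECTION_FLAGS)})
        if chars & 0x80000000 and chars & 0x20000000:
            notes.append(f"{sname}: writable and executable")
        # A code section far larger in memory than on disk hints at an unpacking stub;
        # the same gap in a data section is just uninitialised globals and is not flagged.
        if chars & 0x20000000 and vsize > 2 * max(rawsize, 1):
            notes.append(f"{sname}: executable section mostly empty on disk")
    if sec_size == 0:
        notes.append("Unsigned PE: IMAGE_DIRECTORY_ENTRY_SECURITY is empty")
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "machine": MACHINES.get(machine, hex(machine)),
        "file_characteristics": _names(fchars, FILE_CHARACTERISTICS),
        "dll_characteristics": _names(dll_chars, DLL_CHARACTERISTICS),
        "missing_hardening": _names(HARDENING_MASK & ~dll_chars, DLL_CHARACTERISTICS),
        "authenticode_present": sec_size != 0,
        "sections": sections,
        "notes": notes,
    }


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed minimal PE32 (headers only, no code) mirroring the flags and
    section sizes the report lists. Not the analysed file, just a test fixture."""
    opt = bytearray(224)                                   # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)                  # Magic: PE32
    struct.pack_into("<H", opt, 70, 0x0040)                # DllCharacteristics: DYNAMIC_BASE only
    struct.pack_into("<I", opt, 92, 16)                    # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 4 * 8, 0x200, 8)  # security dir: file offset, size
    coff = struct.pack("<HHIIIHH", 0x14C, 5, 0, 0, 0, len(opt), 0x0122)

    def sec(name, vsize, rawsize, chars):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0, rawsize, 0, 0, 0, 0, 0, chars)

    table = (sec(b".text", 0x130000, 0x130000, 0x60000020)
             + sec(b".rdata", 0x67C00, 0x67C00, 0x40000040)
             + sec(b".data", 0x8A400, 0x6400, 0xC0000040)     # 553KB in memory, 25KB on disk
             + sec(b".rsrc", 0x69400, 0x69400, 0x40000040)
             + sec(b".reloc", 0x13C00, 0x13C00, 0x42000040))
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)     # e_lfanew -> PE header at 0x40
    blob = dos + b"PE\0\0" + coff + bytes(opt) + table      # 512 bytes = 0x200
    return blob + (b"\0" * 8 if signed else b"")           # placeholder blob when "signed"
```

Run `triage_pe(build_sample_pe())` to get the same picture the report gives: x86, EXECUTABLE_IMAGE | LARGE_ADDRESS_AWARE | 32BIT_MACHINE, DYNAMIC_BASE as the only hardening flag (so NX_COMPAT and GUARD_CF are reported missing), five sections with the listed flags, and a single "Unsigned PE" note. The 25KB-on-disk versus 553KB-in-memory gap in .data is deliberately not flagged: that pattern is ordinary zero-initialised global data, and only the same gap in an executable section would point at packing. To run this against a real file, pass `open(path, "rb").read()`; any further judgement about the certificate itself belongs to WinVerifyTrust, not to this header check.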