Static task: static1
Behavioral task: behavioral1
  Sample: f000789192ef3c5f730a4507caac335a322d319a0cc43ea824c441b7706cc64d.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: f000789192ef3c5f730a4507caac335a322d319a0cc43ea824c441b7706cc64d.exe
  Resource: win10v2004-20230915-en
General
Target: f000789192ef3c5f730a4507caac335a322d319a0cc43ea824c441b7706cc64d
Size: 4.1MB
MD5: c364229ca5e7a38ddf30c2e44871cdab
SHA1: e8acf33b230db61229d2596b5af9a8c15f222f1a
SHA256: f000789192ef3c5f730a4507caac335a322d319a0cc43ea824c441b7706cc64d
SHA512: 3b2ab9ab2fa8b6a1bef3b9b6e469c8110abc8c62c7cf0409309fd83e032ad5fbb4108ba9072857cdea83b6a6fbd5715c1d3b7637b50918e84cfb81a3bd32fb46
SSDEEP: 24576:Gvet2NPk9tvgwe+rNucyyl5bB/7/DHWjYmg3xJtJnQWDvmF7a6TKK1:G2Zgv+nyylRBTbH1mg3X7QUK1
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: f000789192ef3c5f730a4507caac335a322d319a0cc43ea824c441b7706cc64d
Note: this is the only static signature that fired, and on its own it says little; most in-house and hobby tools are unsigned, and the check only looks for an embedded signature (a catalog-signed file would also show as unsigned here). Read it together with the import table below: the user32/gdi32/ole32/oleaut32 set is consistent with a statically linked MFC GUI application, and the kernel32 imports include CreateToolhelp32Snapshot/Process32First/Process32Next with OpenProcess/TerminateProcess (process enumeration and termination), CreateMailslotA/GetMailslotInfo, GetComputerNameA/GetUserNameA, and IsDebuggerPresent, which the MSVC CRT also pulls in for its unhandled-exception path and so is not an anti-debugging indicator by itself.
Files
f000789192ef3c5f730a4507caac335a322d319a0cc43ea824c441b7706cc64d.exe (windows x86)  0e82efee66d8e35991ee3f21bc3e0c66
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_DLLCHARACTERISTICS_NX_COMPAT are absent and relocations are stripped, so the image is always mapped at its preferred base (no ASLR) and does not opt in to DEP; whether DEP is applied to it then depends on the host's system-wide policy.
Imports
kernel32
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
InterlockedExchange
CompareStringA
FreeResource
lstrlenA
FreeLibrary
GetSystemInfo
Sleep
GetFileSize
InterlockedDecrement
SetFilePointer
ReadFile
GetProcessHeap
HeapAlloc
InterlockedIncrement
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
GetExitCodeProcess
TerminateProcess
WriteFile
CloseHandle
SuspendThread
GetVersion
GetLastError
SetLastError
ResumeThread
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
LoadResource
LockResource
SizeofResource
GetFullPathNameA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
LCMapStringA
GetDateFormatA
GetTimeFormatA
GetOEMCP
GetACP
GetTimeZoneInformation
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
VirtualAlloc
VirtualProtect
HeapSize
ExitProcess
CreateThread
ExitThread
SetStdHandle
HeapReAlloc
RaiseException
GetFileType
GetSystemTimeAsFileTime
RtlUnwind
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
SetFileTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
ReleaseMutex
SystemTimeToFileTime
GetTickCount
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
lstrcmpA
SetEvent
WaitForSingleObject
SetThreadPriority
GetCurrentThreadId
GlobalDeleteAtom
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetVersionExA
GetFileTime
CompareFileTime
CopyFileA
GetLongPathNameA
ExpandEnvironmentStringsA
CreateDirectoryA
GetFileAttributesA
HeapFree
GetShortPathNameA
FormatMessageA
LocalFree
CreateFileA
GetMailslotInfo
GetPrivateProfileStringA
GetLocalTime
GetDriveTypeA
lstrcpyA
CreateProcessA
GetComputerNameA
CreateMailslotA
FindFirstFileA
advapi32
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetFileSecurityW
GetFileSecurityW
RegCloseKey
user32
OffsetRect
GetWindowRect
ClientToScreen
ReleaseDC
GetDCEx
LockWindowUpdate
RedrawWindow
SetCapture
GetCursorPos
IsWindow
SetCursor
ReleaseCapture
GetDC
GetKeyState
IsMenu
IsWindowVisible
PostQuitMessage
SetRect
SetRectEmpty
IsIconic
GetLastActivePopup
SetForegroundWindow
CopyRect
FillRect
DrawEdge
CreateMenu
CreatePopupMenu
DeleteMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
RemoveMenu
GetDesktopWindow
GetSysColorBrush
DestroyIcon
DrawIconEx
DrawFrameControl
GetSystemMetrics
InflateRect
GetMessagePos
GetSysColor
GetParent
KillTimer
SetTimer
InvalidateRect
ScreenToClient
GetClientRect
IntersectRect
PtInRect
UpdateWindow
EnableMenuItem
MessageBoxA
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
DestroyWindow
SetActiveWindow
GetActiveWindow
UnhookWindowsHookEx
SetFocus
GetWindow
SetScrollPos
GetScrollPos
GetDlgCtrlID
MoveWindow
ShowWindow
SetWindowPos
GetFocus
GetWindowPlacement
SystemParametersInfoA
GetMenu
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
CallNextHookEx
GetCapture
IsChild
SendDlgItemMessageA
CheckMenuItem
SetScrollInfo
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowDC
BeginPaint
EndPaint
BringWindowToTop
GetWindowThreadProcessId
DestroyMenu
ReuseDDElParam
UnpackDDElParam
WindowFromPoint
ValidateRect
TranslateMessage
IsZoomed
DestroyCursor
SetCursorPos
IsRectEmpty
GetSystemMenu
SetParent
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
DrawIcon
SetWindowRgn
GetTabbedTextExtentA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
gdi32
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
GetClipBox
SetMapMode
ExcludeClipRect
SaveDC
LineTo
MoveToEx
SetTextAlign
IntersectClipRect
CreateBitmap
SelectClipRgn
CreateRectRgn
Escape
RectVisible
GetRgnBox
GetWindowOrgEx
GetTextExtentPoint32A
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetNearestColor
LPtoDP
CreateEllipticRgn
StretchDIBits
GetViewportOrgEx
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
GetBkColor
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SetBkColor
SetTextColor
SetBkMode
CreateSolidBrush
PatBlt
SelectObject
CreateCompatibleDC
BitBlt
CreatePen
CreateCompatibleBitmap
GetDeviceCaps
GetBkMode
Ellipse
Rectangle
GetPixel
SetPixel
DeleteDC
DeleteObject
CreateDIBSection
PtVisible
shell32
DragFinish
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
gdiplus
GdipAlloc
GdipDeleteBrush
GdipDeleteGraphics
GdiplusShutdown
GdipCreateLineBrushFromRectWithAngleI
GdipCreateFromHDC
GdipFillRectangleI
GdiplusStartup
GdipCloneBrush
GdipFree
psapi
EnumProcessModules
GetModuleBaseNameW
GetProcessMemoryInfo
EnumProcesses
shlwapi
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
ole32
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleTranslateAccelerator
IsAccelerator
OleRun
OleDestroyMenuDescriptor
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
oleaut32
OleCreateFontIndirect
SafeArrayDestroy
VariantChangeType
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
VarDateFromStr
VariantInit
VariantCopy
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
GetErrorInfo
winspool.drv
ClosePrinter
Sections
.text   Size: 872KB  Virtual size: 872KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 157KB  Virtual size: 157KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 42KB   Virtual size: 65KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 3.0MB  Virtual size: 3.0MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
Note: .data having a larger virtual size than raw size is normal (the zero-filled tail holds uninitialised globals). The .rsrc flags are not: the linker emits .rsrc as read-only initialised data, so IMAGE_SCN_CNT_CODE and IMAGE_SCN_MEM_EXECUTE on it are a hand-edited or post-processed header. That section also accounts for roughly 3MB of the 4.1MB file, and the binary imports LoadResource/LockResource/SizeofResource/FreeResource, so it reads its own resources at runtime; dump and inspect the resource tree before drawing conclusions about what is in there.
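The two header-level checks this report relies on, the empty Authenticode (security) directory behind the "Unsigned PE" signature and the section characteristics listed above, can be reproduced with nothing but `struct`. The following is an added example written for this page, not code from the sandbox or from the sample; it parses a PE32 header from bytes and flags the same two things a triage engine would. The `build_sample_pe` function constructs a minimal, hypothetical PE header that mirrors the section layout shown on this page (four sections, an executable .rsrc, no certificate table); it is not the real file, and the RVAs and file offsets in it are made up.

```python
import struct

# IMAGE_SECTION_HEADER.Characteristics bits (subset) from winnt.h
SCN_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table


def decode_flags(characteristics: int) -> list:
    """Map a Characteristics DWORD to the flag names used in the report."""
    return [name for bit, name in SCN_FLAGS.items() if characteristics & bit]


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # The data directory array starts at +96 for PE32 (0x10B) and +112 for PE32+ (0x20B).
    dir_base = opt + (96 if magic == 0x10B else 112)
    # For the security directory the first field is a raw file offset, not an RVA.
    sec_off, sec_size = struct.unpack_from("<II", data, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        off = table + 40 * i
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, off)
        chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rawsize,
            "characteristics": chars, "flags": decode_flags(chars),
        })
    return {"machine": machine, "file_characteristics": file_chars,
            "security_dir": (sec_off, sec_size), "sections": sections}


def audit(pe: dict) -> list:
    """Findings raised from the header alone, in section order."""
    findings = []
    if pe["security_dir"][1] == 0:
        # No embedded Authenticode blob. Catalog-signed OS binaries look the same here,
        # so on a live host confirm with Get-AuthenticodeSignature or sigcheck first.
        findings.append("Unsigned PE: empty IMAGE_DIRECTORY_ENTRY_SECURITY")
    for s in pe["sections"]:
        c = s["characteristics"]
        if c & IMAGE_SCN_MEM_EXECUTE and s["name"] != ".text":
            findings.append(f"{s['name']}: executable section outside .text")
        if c & IMAGE_SCN_MEM_EXECUTE and c & IMAGE_SCN_MEM_WRITE:
            findings.append(f"{s['name']}: writable and executable")
    return findings


def build_sample_pe() -> bytes:
    """Constructed PE32 header for the example (hypothetical, not the analysed file).
    Section sizes and flags mirror the report; RVAs and raw pointers are invented."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE signature right after the DOS header
    sections = [  # (name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, Characteristics)
        (b".text", 872 * 1024, 0x1000, 872 * 1024, 0x400, 0x60000020),
        (b".rdata", 157 * 1024, 0xDB000, 157 * 1024, 0xDA400, 0x40000040),
        (b".data", 65 * 1024, 0x103000, 42 * 1024, 0x101800, 0xC0000040),
        (b".rsrc", 3 * 1024 * 1024, 0x114000, 3 * 1024 * 1024, 0x10C000, 0x60000060),
    ]
    # Machine=i386, 4 sections, SizeOfOptionalHeader=224, RELOCS_STRIPPED|EXECUTABLE_IMAGE|32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0103)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)   # PE32 magic
    struct.pack_into("<I", opt, 92, 16)     # NumberOfRvaAndSizes; every directory left zeroed
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, rp, 0, 0, 0, 0, ch)
                     for n, vs, va, rs, rp, ch in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    for s in info["sections"]:
        print(f"{s['name']:<7} raw={s['raw_size']:>8} virt={s['virtual_size']:>8} {' | '.join(s['flags'])}")
    for f in audit(info):
        print("finding:", f)
```

To run it against a real file, replace `build_sample_pe()` with `open(path, "rb").read()`; the parser only touches the headers, so the size of the file does not matter. The security-directory check is exactly what "Unsigned PE" means in the report and nothing more: an empty directory proves there is no embedded signature, not that the file is unsigned in the Windows sense, which is why the comment in `audit` points at `Get-AuthenticodeSignature` for the on-host verdict.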