Static task: static1
Behavioral task: behavioral1
  Sample: 5742bf9342c99e779c8ab9c027d012402641afc261885bbb8ea2d06b895ac993.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 5742bf9342c99e779c8ab9c027d012402641afc261885bbb8ea2d06b895ac993.exe
  Resource: win10v2004-20230915-en
General
- Target: 5742bf9342c99e779c8ab9c027d012402641afc261885bbb8ea2d06b895ac993
- Size: 2.8MB
- MD5: 21105b677fc1ac267155d48eff597ad6
- SHA1: d8a611225f98954d71dcc9f3a80c9ddd8f57df12
- SHA256: 5742bf9342c99e779c8ab9c027d012402641afc261885bbb8ea2d06b895ac993
- SHA512: cdd3dba3e3f3d4b156bb27ef6f8d465dfa4681a61755c18756ac5bef75f683eb8080f27caadb44a14be1671c46dbd5eac8712c473ee39493697f2715cefb6c25
- SSDEEP: 49152:0ZRkTlPt6rQ3gNtb2QkO8ywL0ADfCUSzbsKgpp7ch55DjHq+q4rd6o7F3dRQWTUp:jTlKQ3oh2QeywL1fCUSzbsKgplch5lyX
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 5742bf9342c99e779c8ab9c027d012402641afc261885bbb8ea2d06b895ac993
Files
- 5742bf9342c99e779c8ab9c027d012402641afc261885bbb8ea2d06b895ac993.exe  windows:5 windows x86
  8a1ff49444ba8da728a1786d5e66591a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleW
GetProcessHeap
GetEnvironmentStringsW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
CompareStringW
GetStringTypeW
HeapCreate
SetHandleCount
GetTimeZoneInformation
GetStdHandle
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
IsValidCodePage
GetFileType
SizeofResource
SetStdHandle
HeapQueryInformation
HeapSize
CreateThread
ExitThread
HeapReAlloc
VirtualAlloc
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
HeapFree
CreateDirectoryA
EncodePointer
FindFirstFileExA
DecodePointer
ExitProcess
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetWindowsDirectoryA
GetTempPathA
GetACP
GetSystemDirectoryW
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
SetErrorMode
GetTempFileNameA
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetFileSizeEx
SetFileAttributesA
GetFileAttributesExA
FileTimeToSystemTime
WaitForSingleObject
ResumeThread
SetThreadPriority
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetThreadLocale
GetCurrentProcessId
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FreeLibrary
lstrcmpW
MulDiv
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalReAlloc
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetFileAttributesA
OutputDebugStringA
SetFilePointer
GetSystemTimeAsFileTime
lstrcpyA
GlobalMemoryStatus
GetSystemInfo
VirtualQuery
GetModuleFileNameA
CreateFileA
GetFileSize
GetFileTime
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
lstrlenA
WriteFile
Sleep
GetSystemTime
SetLocalTime
InterlockedDecrement
InterlockedIncrement
GetCurrentDirectoryA
lstrcmpiA
DeleteFileA
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
CreateFileW
user32
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
IsClipboardFormatAvailable
GetIconInfo
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawIconEx
DrawStateA
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
GetTabbedTextExtentW
CreateMenu
SetWindowRgn
DrawIcon
LoadAcceleratorsW
PostThreadMessageA
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
SetParent
DeleteMenu
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
DestroyCursor
UnionRect
SystemParametersInfoA
GetMenuItemInfoA
IsZoomed
UnregisterClassA
SetRect
ShowOwnedPopups
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
WaitMessage
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
PostQuitMessage
GetMessageA
TranslateMessage
CharUpperA
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
TranslateMDISysAccel
CheckDlgButton
GetMenuState
GetMenuStringA
InsertMenuA
RemoveMenu
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
RedrawWindow
ValidateRect
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
LoadBitmapW
InvalidateRect
GetWindow
GetWindowLongA
SendMessageA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
GetMenu
SetWindowPos
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowScrollBar
MonitorFromPoint
UpdateLayeredWindow
SetMenuDefaultItem
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
GetWindowRgn
EnableScrollBar
IsRectEmpty
CreatePopupMenu
IsChild
GetSystemMetrics
DrawEdge
GetClassInfoExA
RegisterClassExA
GetForegroundWindow
FlashWindow
GetDesktopWindow
ReleaseDC
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
SetLayeredWindowAttributes
GetSysColor
GetClassNameA
SetWindowLongA
EnableWindow
GetDlgCtrlID
IsWindowEnabled
GetWindowTextA
FillRect
GetWindowRect
InflateRect
GetClientRect
IsWindowVisible
OffsetRect
LoadIconW
IsWindow
MessageBoxA
GetParent
SetCursor
DrawFrameControl
PostMessageA
WindowFromPoint
LoadCursorW
GetCursorPos
LoadCursorA
UpdateWindow
ShowWindow
IsIconic
SetForegroundWindow
FindWindowA
ClientToScreen
SetTimer
GetCapture
ReleaseCapture
KillTimer
wvsprintfA
wsprintfA
MessageBeep
CallWindowProcA
GetSysColorBrush
PtInRect
IntersectRect
ScreenToClient
SetCapture
AppendMenuA
GetSubMenu
LoadMenuW
GetSystemMenu
GetDC
IsMenu
gdi32
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreateHatchBrush
CopyMetaFileA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
SetAbortProc
AbortDoc
GetViewportOrgEx
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetCharWidthA
GetTextColor
GetRgnBox
CreateEllipticRgn
LPtoDP
CreateDIBSection
ScaleWindowExtEx
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
CreateRoundRectRgn
CreatePolygonRgn
Polyline
GetPaletteEntries
GetNearestPaletteIndex
OffsetRgn
SetDIBColorTable
EnumFontFamiliesExA
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
ExcludeClipRect
GetClipBox
SetMapMode
OffsetWindowOrgEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
GetNearestColor
CreateSolidBrush
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetSystemPaletteEntries
GetDIBColorTable
StretchDIBits
GetStockObject
SelectPalette
RealizePalette
GetDIBits
AngleArc
EndDoc
EndPage
StartPage
StartDocA
ResetDCA
SetPixel
GetPixel
CreateDCA
CreatePalette
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
DeleteObject
Ellipse
StretchBlt
GetTextExtentPoint32A
GetObjectA
Rectangle
Polygon
CreatePen
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
CreateFontIndirectA
GetTextMetricsA
GetBkColor
CreateFontA
IntersectClipRect
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
GetJobA
DocumentPropertiesA
GetPrinterA
ClosePrinter
OpenPrinterA
advapi32
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
GetUserNameA
RegEnumKeyA
RegQueryValueA
shell32
ShellExecuteA
Shell_NotifyIconA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
PathIsUNCA
ole32
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleRun
CLSIDFromString
StringFromGUID2
CoCreateGuid
CoRevokeClassObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleGetClipboard
CoLockObjectExternal
CoTaskMemFree
CoInitialize
CLSIDFromProgID
CoCreateInstance
CoUninitialize
oleaut32
VariantInit
VariantChangeType
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SafeArrayPutElement
VariantClear
SysAllocStringLen
oledlg
ord8
ws2_32
inet_addr
recv
send
WSAAsyncSelect
recvfrom
sendto
connect
WSASetLastError
WSAGetLastError
bind
htons
htonl
gethostbyname
select
socket
accept
closesocket
WSACleanup
WSAStartup
listen
gdiplus
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
iphlpapi
GetAdaptersInfo
winmm
PlaySoundA
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
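The import table above is dominated by user32, gdi32, ole32 and oleaut32 entries, plus `oledlg` ordinal 8 and the profile-string and MDI calls, which is what a statically linked MFC GUI application looks like; most of it is framework noise. The entries worth a second look are the server-side socket calls in ws2_32 (`bind`, `listen`, `accept`) next to the client-side ones (`gethostbyname`, `connect`), the registry create/set/delete calls in advapi32, `GetAdaptersInfo` and `GetUserNameA` for host identification, and `CopyFileA`/`DeleteFileA`. The example below is added here and is not part of the report: it parses the report's flattened listing format (module name on one line, functions beneath it), computes an import hash over it using the same recipe as pefile's `get_imphash()`, and groups the imports under capability tags. The `TAGS` table and the listing excerpt are constructed for the example; the report's own listing order and ordinal resolution are not guaranteed to match the real import table, so the hash computed here is not a check on any value shown on the page.

```python
import hashlib

# Constructed excerpt of the report's import listing: a module name on its own
# line, then the functions imported from it. Not the full table shown above.
IMPORT_LISTING = """\
kernel32
WriteConsoleW
IsDebuggerPresent
CopyFileA
DeleteFileA
advapi32
RegCreateKeyExA
RegSetValueExA
GetUserNameA
ws2_32
gethostbyname
connect
bind
listen
accept
iphlpapi
GetAdaptersInfo
oledlg
ord8
"""

# Module names exactly as the report spells them. A line equal to one of these
# starts a new block; every other line is a function of the current module.
MODULES = {
    "kernel32", "user32", "gdi32", "msimg32", "comdlg32", "winspool.drv",
    "advapi32", "shell32", "comctl32", "shlwapi", "ole32", "oleaut32",
    "oledlg", "ws2_32", "gdiplus", "iphlpapi", "winmm", "oleacc", "imm32",
}

# Hypothetical (module, function) -> capability mapping for this example.
# Tags are triage hints, not verdicts: IsDebuggerPresent, for instance, is
# imported by the MSVC runtime itself and means nothing on its own.
TAGS = {
    ("ws2_32", "bind"): "network-listener",
    ("ws2_32", "listen"): "network-listener",
    ("ws2_32", "accept"): "network-listener",
    ("ws2_32", "connect"): "network-client",
    ("ws2_32", "gethostbyname"): "network-client",
    ("advapi32", "RegCreateKeyExA"): "registry-write",
    ("advapi32", "RegSetValueExA"): "registry-write",
    ("advapi32", "RegDeleteKeyA"): "registry-write",
    ("advapi32", "GetUserNameA"): "host-recon",
    ("iphlpapi", "GetAdaptersInfo"): "host-recon",
    ("kernel32", "CopyFileA"): "file-copy",
    ("kernel32", "DeleteFileA"): "file-delete",
    ("kernel32", "IsDebuggerPresent"): "crt-or-anti-debug",
}


def parse_import_listing(text, modules=MODULES):
    """Turn the flat listing into an ordered list of (module, [functions])."""
    imports = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.lower() in modules:
            imports.append((line.lower(), []))
        elif imports:
            imports[-1][1].append(line)
        else:
            raise ValueError(f"function {line!r} listed before any module")
    return imports


def imphash(imports):
    """Import hash the way pefile computes it: 'module.function' per import,
    lower-cased, module extension (.dll/.ocx/.sys) dropped, entries joined by
    ',' in import-table order and MD5-ed. pefile also resolves ordinals of a
    few modules (ws2_32, oleaut32) to names; that table is omitted here, so an
    ordinal import stays as 'ordN'."""
    parts = []
    for module, funcs in imports:
        module = module.lower()
        base, dot, ext = module.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            module = base
        parts.extend(f"{module}.{func.lower()}" for func in funcs)
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


def tag_capabilities(imports, tags=TAGS):
    """Group 'module!function' imports under the capability each suggests."""
    found = {}
    for module, funcs in imports:
        for func in funcs:
            tag = tags.get((module, func))
            if tag:
                found.setdefault(tag, []).append(f"{module}!{func}")
    return found


if __name__ == "__main__":
    imports = parse_import_listing(IMPORT_LISTING)
    print("imphash:", imphash(imports))
    for tag, hits in sorted(tag_capabilities(imports).items()):
        print(f"{tag:20s} {', '.join(hits)}")
```

The listener tags are the ones to act on first: an application that binds and accepts on a socket is reachable from the network, so the behavioral runs should be checked for which port it opens and whether the Windows Firewall prompt was answered. Registry-write tags only become interesting once the behavioral report shows which keys were touched.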
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 357KB - Virtual size: 357KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 616KB - Virtual size: 615KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 202KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ