Static task: static1
Behavioral task: behavioral1
Sample: d054673095e53930ec09360d59baddf1be8b6bb346bbdd919e4e75a0424b7aae.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: d054673095e53930ec09360d59baddf1be8b6bb346bbdd919e4e75a0424b7aae.exe
Resource: win10v2004-20230915-en
General
- Target: d054673095e53930ec09360d59baddf1be8b6bb346bbdd919e4e75a0424b7aae
- Size: 7.3MB
- MD5: 2f0faf5f990430631f507d3769e037ff
- SHA1: ea7f6bf7d93922f49dac12facdc8ac84b2d574ca
- SHA256: d054673095e53930ec09360d59baddf1be8b6bb346bbdd919e4e75a0424b7aae
- SHA512: 0dd26e996b796cd04924e5bcc2b3973824316a5a44d2a900fae302f66dfe5c031178dcfa3c304905b07c5bb0d3b800aa9762300be8519e9abaf97af2ba978815
- SSDEEP: 196608:RpzdkWE0x722CpfZ5Af8FLOyomFHKnPAK:Rp5Fv22CF
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource d054673095e53930ec09360d59baddf1be8b6bb346bbdd919e4e75a0424b7aae
Files
- d054673095e53930ec09360d59baddf1be8b6bb346bbdd919e4e75a0424b7aae.exe windows:5 windows x86
f047fe2e558bc213bdf6fee048fb580b
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
- controlcan:
ord6
ord5
ord13
ord2
ord10
ord3
ord14
- kernel32:
MapViewOfFile
FileTimeToLocalFileTime
OpenEventA
SizeofResource
FindResourceW
UnmapViewOfFile
CreateFileMappingA
CreateActCtxW
LockResource
LoadResource
WideCharToMultiByte
GetCurrentDirectoryA
Sleep
SetThreadUILanguage
InterlockedIncrement
InterlockedDecrement
CloseHandle
WriteFile
CreateFileA
SetCurrentDirectoryA
CreateDirectoryA
GetLocalTime
WritePrivateProfileStringA
GetVolumeInformationA
LeaveCriticalSection
EnterCriticalSection
lstrlenA
MultiByteToWideChar
GetLastError
GetPrivateProfileIntA
SetEvent
PurgeComm
SetCommState
BuildCommDCBA
GetCommState
SetCommMask
SetCommTimeouts
InitializeCriticalSection
GetCommMask
WaitForMultipleObjects
ClearCommError
WaitCommEvent
LocalFree
FormatMessageA
GetOverlappedResult
ReadFile
WaitForSingleObject
SetLastError
DeactivateActCtx
ActivateActCtx
GetProcAddress
LoadLibraryA
GetModuleHandleA
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeLibrary
lstrcmpW
GetVersionExA
LoadLibraryW
CompareStringA
SetThreadPriority
ResumeThread
SuspendThread
GlobalAlloc
GlobalSize
CopyFileA
lstrlenW
MulDiv
GetModuleFileNameA
GetCurrentProcessId
GetHandleInformation
DuplicateHandle
GetCurrentProcess
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
MoveFileA
DeleteFileA
FindClose
FindFirstFileA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
GetShortPathNameA
GetFileAttributesA
GlobalReAlloc
InterlockedExchange
lstrcmpA
lstrcpyA
GetTickCount
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetLocaleInfoA
GetCurrentThread
GetModuleHandleW
GetPrivateProfileStringA
SetFileTime
GetFileTime
GetTempFileNameA
GetDiskFreeSpaceA
ReplaceFileA
SystemTimeToFileTime
GlobalFlags
ResetEvent
ReleaseActCtx
GetModuleFileNameW
SetErrorMode
GetAtomNameA
VirtualProtect
GetProfileIntA
GetACP
GetCPInfo
GetOEMCP
DeleteCriticalSection
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
GetFileSizeEx
GetFileAttributesExA
LocalFileTimeToFileTime
GetTempPathA
SearchPathA
FindResourceExW
GetWindowsDirectoryA
GetNumberFormatA
RtlUnwind
EncodePointer
DecodePointer
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapValidate
IsBadReadPtr
WriteConsoleW
GetFileType
GetStdHandle
IsDebuggerPresent
RaiseException
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetSystemTimeAsFileTime
ExitProcess
CreateThread
ExitThread
SetStdHandle
OutputDebugStringA
OutputDebugStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsValidCodePage
IsProcessorFeaturePresent
GetStringTypeW
SetHandleCount
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
HeapCreate
GetProcessHeap
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
CompareStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
CreateFileW
SetEnvironmentVariableA
CreateEventA
- user32:
GetMessageA
MonitorFromPoint
DrawIconEx
UnpackDDElParam
ReuseDDElParam
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
IsClipboardFormatAvailable
SetCursor
DestroyIcon
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
LoadImageW
DestroyAcceleratorTable
CharUpperA
WaitMessage
PostQuitMessage
GetWindowThreadProcessId
SystemParametersInfoA
OffsetRect
MessageBeep
SetClassLongA
GetAsyncKeyState
ReleaseCapture
GetCursorPos
LoadMenuW
LoadMenuA
RemoveMenu
ModifyMenuA
InsertMenuItemA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
LoadCursorW
LoadCursorA
PostThreadMessageA
NotifyWinEvent
SetWindowContextHelpId
GetForegroundWindow
SetForegroundWindow
RegisterClipboardFormatA
GetClassNameA
OpenClipboard
WindowFromPoint
SetParent
GetLastActivePopup
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
IsWindow
GetKeyNameTextA
MapVirtualKeyA
MapDialogRect
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowPlacement
SetWindowPlacement
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconW
LoadIconA
SendDlgItemMessageA
MonitorFromWindow
GetMonitorInfoA
GetClientRect
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EnumDisplayMonitors
SetLayeredWindowAttributes
UpdateLayeredWindow
RealChildWindowFromPoint
SetRectEmpty
GetClipboardFormatNameA
SetCursorPos
CopyIcon
IsRectEmpty
CreateAcceleratorTableA
CopyAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetSysColor
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetWindowRect
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
LoadImageA
GetSystemMetrics
SendMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
HideCaret
LoadBitmapW
SubtractRect
UnionRect
IntersectRect
InflateRect
SetRect
TrackPopupMenu
WinHelpA
GetCapture
GetWindow
GetParent
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
PostMessageA
TabbedTextOutA
IsWindowEnabled
GetDlgItem
GetWindowLongA
DestroyWindow
CreateDialogIndirectParamA
EnableWindow
SetActiveWindow
GetActiveWindow
GetDesktopWindow
EndDialog
SetWindowPos
SetWindowLongA
GetMessagePos
GetMessageTime
GetMenu
SetMenu
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
GetKeyboardLayout
CallNextHookEx
SetWindowsHookExA
GetDlgCtrlID
GetKeyState
GetWindowTextA
GetTabbedTextExtentW
MapVirtualKeyExA
IsCharLowerA
UnregisterClassA
DestroyCursor
CharNextA
CharUpperBuffA
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
GetIconInfo
PtInRect
GetDoubleClickTime
EnumChildWindows
GetKeyboardState
GetWindowTextLengthA
- gdi32:
GetTextExtentPoint32W
GetTextExtentPointA
GetSystemPaletteEntries
EnumFontFamiliesExA
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesA
SetDIBColorTable
GetDIBits
ExtSelectClipRgn
SetLayout
GetLayout
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
DeleteDC
CopyMetaFileA
SetPixelV
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetBoundsRect
Escape
GetCharWidthA
GetTextMetricsA
GetTextFaceA
GetTextAlign
GetTextExtentPoint32A
TextOutA
ExtFloodFill
SetPixel
GetPixel
StretchBlt
BitBlt
PatBlt
RoundRect
Rectangle
Polygon
Ellipse
Polyline
Arc
GetCurrentPositionEx
RectVisible
PtVisible
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetMapMode
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetBkColor
RealizePalette
GetNearestColor
SelectObject
GetDeviceCaps
CreateCompatibleDC
CreateDCA
PtInRegion
GetRgnBox
OffsetRgn
CombineRgn
SetRectRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
GetNearestPaletteIndex
SetPaletteEntries
GetPaletteEntries
CreatePalette
CreateCompatibleBitmap
CreateFontA
CreateFontIndirectA
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
CreateBitmap
SetBkColor
SetTextColor
ExtTextOutA
GetStockObject
GetObjectA
DeleteObject
CreateDIBSection
- msimg32:
TransparentBlt
AlphaBlend
- comdlg32:
GetFileTitleA
- winspool.drv:
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
- advapi32:
OpenThreadToken
RegQueryValueExA
RegEnumValueA
RegCloseKey
RegOpenKeyExA
RegSetValueA
RegOpenKeyExW
RevertToSelf
SetThreadToken
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegCreateKeyExA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyExA
- shell32:
ExtractIconA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
SHAddToRecentDocs
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderA
- comctl32:
InitCommonControlsEx
ImageList_GetIconSize
- shlwapi:
PathFindExtensionW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathRemoveFileSpecW
PathFindExtensionA
PathRemoveExtensionA
- ole32:
OleGetClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleDuplicateData
CoTaskMemFree
CLSIDFromString
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoInitialize
StringFromGUID2
OleLockRunning
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
CLSIDFromProgID
CoCreateGuid
CoUninitialize
CoInitializeEx
CoCreateInstance
CreateStreamOnHGlobal
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
- oleaut32:
SysStringLen
VariantCopy
SafeArrayDestroy
VarBstrFromDate
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
- oledlg:
ord8
- gdiplus:
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdipSaveImageToFile
GdiplusShutdown
- ws2_32:
listen
bind
connect
sendto
recvfrom
socket
select
WSAGetLastError
WSAAsyncSelect
send
recv
closesocket
htonl
inet_addr
htons
accept
WSAStartup
WSASetLastError
WSACleanup
- oleacc:
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
- imm32:
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
- winmm:
PlaySoundA
Sections
- .text Size: 3.6MB - Virtual size: 3.6MB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 589KB - Virtual size: 588KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 31KB - Virtual size: 71KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 2.8MB - Virtual size: 2.8MB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc Size: 278KB - Virtual size: 278KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ