Static task: static1
Behavioral task: behavioral1
  Sample: fb5cd972ec72c0d9b9c04000685c8cccf8a05970f895c34bab25b42c6173e9eb.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: fb5cd972ec72c0d9b9c04000685c8cccf8a05970f895c34bab25b42c6173e9eb.exe
  Resource: win10v2004-20230915-en
General
Target: fb5cd972ec72c0d9b9c04000685c8cccf8a05970f895c34bab25b42c6173e9eb
Size: 4.5MB
MD5: 249e5aa3507eacd92be697d852091394
SHA1: 33137c0675913e136b569462c5e98b5e938ed0af
SHA256: fb5cd972ec72c0d9b9c04000685c8cccf8a05970f895c34bab25b42c6173e9eb
SHA512: 31d6bf9071f24cb9985ef5b26a9f45bd43eb35058a49a5d982c93cee3b5eee42c30c11a015f8a130d9e11cc1d1c4e5968eb5502e73d285a032016831a37ef573
SSDEEP: 49152:HT2GkVT+j99xsILRgTVrNPB8qP+15OPyrIrsf2r73PFgeEzb3KZJXon6gTvLX0eY:zZd/iNPS/nugb+XonDX0eMtw4Acx
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource fb5cd972ec72c0d9b9c04000685c8cccf8a05970f895c34bab25b42c6173e9eb
Files
fb5cd972ec72c0d9b9c04000685c8cccf8a05970f895c34bab25b42c6173e9eb.exe windows:5 windows x86
94c8f02d7632d65ac11e15e2c092e96f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetModuleHandleExW
ExitProcess
HeapValidate
SetStdHandle
GetFileType
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetStdHandle
WriteConsoleW
QueryPerformanceFrequency
GetStringTypeW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
VirtualQuery
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
OutputDebugStringW
CreateEventW
WaitForSingleObjectEx
Sleep
SearchPathA
ResetEvent
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
GetWindowsDirectoryA
lstrcpyA
FindResourceExW
GetCurrentDirectoryA
GetACP
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
UnhandledExceptionFilter
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetErrorMode
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFlags
GetProfileIntA
GetAtomNameA
CopyFileA
FormatMessageA
LocalFree
GlobalSize
MulDiv
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFullPathNameA
GetFileTime
GetFileAttributesA
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GlobalAlloc
GetModuleFileNameA
GetVersionExA
GetCurrentThread
WaitForSingleObject
SetEvent
CloseHandle
GlobalFree
GlobalUnlock
GlobalLock
GetCurrentProcessId
ResumeThread
SetThreadPriority
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
HeapSize
HeapReAlloc
DecodePointer
InterlockedDecrement
InterlockedIncrement
GetLastError
GetSystemInfo
CreateThread
GlobalMemoryStatusEx
GetThreadLocale
IsBadReadPtr
LoadLibraryA
lstrlenA
GetProcessHeap
HeapFree
HeapAlloc
VirtualProtect
VirtualFree
VirtualAlloc
GetProcAddress
FreeLibrary
MultiByteToWideChar
SetLastError
GetCPInfo
CreateFileW
user32
LoadMenuW
DrawFrameControl
DrawEdge
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
DestroyCursor
FillRect
SetRect
GetCursorPos
TranslateMessage
GetMessageA
EndDialog
CreateDialogIndirectParamA
GetSystemMetrics
SystemParametersInfoA
IsRectEmpty
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
GetMenuItemID
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
GetWindowThreadProcessId
OffsetRect
IntersectRect
SetRectEmpty
SetCursor
GetMenuItemCount
GetSubMenu
DestroyMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
ReleaseCapture
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
ShowWindow
NotifyWinEvent
LoadCursorW
LoadCursorA
GetLastActivePopup
SetParent
GetDesktopWindow
WindowFromPoint
ClientToScreen
HideCaret
SetWindowContextHelpId
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
InvalidateRgn
ValidateRect
InvalidateRect
SetWindowRgn
GetUpdateRect
ReleaseDC
GetWindowDC
GetDCEx
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
EnableWindow
FrameRect
SetTimer
SetCapture
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
PostThreadMessageA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
InvertRect
InflateRect
PeekMessageA
PostQuitMessage
UnregisterClassA
SendMessageA
PostMessageA
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
ModifyMenuA
DeleteMenu
InsertMenuItemA
GetMenuItemInfoA
SetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
DrawIcon
DrawTextA
DrawTextExA
GrayStringA
DrawStateA
GetSysColorBrush
GetWindowRgn
IsWindow
TabbedTextOutA
MapDialogRect
GetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
RegisterWindowMessageA
DispatchMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
BeginPaint
GetAsyncKeyState
RealChildWindowFromPoint
CopyImage
GetClipboardFormatNameA
DrawFocusRect
GetKeyNameTextA
MapVirtualKeyA
UnionRect
LoadAcceleratorsW
CharUpperA
CharNextA
CopyAcceleratorTableA
MessageBeep
GetTabbedTextExtentW
TrackMouseEvent
LoadImageW
RegisterClipboardFormatA
WaitMessage
IsClipboardFormatAvailable
DrawIconEx
GetIconInfo
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursorPos
CopyIcon
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
SubtractRect
CharUpperBuffA
GetDoubleClickTime
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
KillTimer
GetKeyboardState
gdi32
SelectObject
StretchDIBits
GetStockObject
CopyMetaFileA
GetDeviceCaps
BitBlt
CombineRgn
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetROP2
GetBkColor
GetBkMode
GetBoundsRect
GetCurrentPositionEx
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRgnBox
GetStretchBltMode
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SetPaletteEntries
GetCharWidthA
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsA
StartDocA
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBSection
GetTextExtentPointA
GetTextExtentPoint32W
EnumFontFamiliesExA
GetObjectType
DeleteObject
DeleteDC
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
ExtTextOutA
CreateDCA
SetPixel
GetSystemPaletteEntries
SetDIBColorTable
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderPathA
shlwapi
PathFindExtensionA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindFileNameA
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemePartSize
IsAppThemed
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleIsCurrentClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
IsAccelerator
CoRevokeClassObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleGetClipboard
OleLockRunning
OleTranslateAccelerator
StringFromGUID2
CoGetClassObject
CoDisconnectObject
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
StringFromCLSID
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoLockObjectExternal
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SysFreeString
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
VariantChangeType
OleCreateFontIndirect
VariantCopy
VarBstrFromDate
SysAllocStringByteLen
VariantClear
VariantInit
SysAllocStringLen
oledlg
ord8
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 465KB - Virtual size: 464KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 303KB - Virtual size: 331KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 198KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ