Static task: static1
Behavioral task: behavioral1
  Sample: a7985078f370c26b766f358b5a16158d42f6aab047f0f139ccae54cf582f6e1c.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: a7985078f370c26b766f358b5a16158d42f6aab047f0f139ccae54cf582f6e1c.exe
  Resource: win10v2004-20230915-en
General
Target: a7985078f370c26b766f358b5a16158d42f6aab047f0f139ccae54cf582f6e1c
Size: 3.1MB
MD5: cbd16a952c8c6593505d836d874629d8
SHA1: 0e1f9c930416156efb47de83d6f876187da2cfb5
SHA256: a7985078f370c26b766f358b5a16158d42f6aab047f0f139ccae54cf582f6e1c
SHA512: 8dbd3575d95752312b492791fd28897053e45a420fc158c71a9dacfe1f0bcf580086745ca7f54ce6ce32aaa5e4c534994a461cb3a985134bbc1986633be7acdd
SSDEEP: 98304:MM8rXjVexW9Wpjv8/34Uv/t3WOZCWyHa1Sqoodq+1Y/LWIguK3bb:titWpiCvWSmHEWIguGbb
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: a7985078f370c26b766f358b5a16158d42f6aab047f0f139ccae54cf582f6e1c
Files
a7985078f370c26b766f358b5a16158d42f6aab047f0f139ccae54cf582f6e1c.exe  windows:5  windows x86  899aa062e2c991b9eb55cf8fdf03d29d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
hid
HidD_SetFeature
HidD_SetOutputReport
HidD_GetInputReport
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetFeature
HidD_GetPreparsedData
HidP_GetCaps
HidP_GetSpecificButtonCaps
HidP_GetSpecificValueCaps
HidP_MaxUsageListLength
HidP_GetUsages
HidP_GetUsageValue
HidP_GetScaledUsageValue
kernel32
CreateFileA
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetConsoleCP
IsValidLocale
LCMapStringW
FatalAppExitA
SetConsoleCtrlHandler
IsValidCodePage
GetOEMCP
GetACP
EnumSystemLocalesA
HeapDestroy
GetTimeZoneInformation
GetConsoleMode
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
InterlockedCompareExchange
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
HeapReAlloc
RaiseException
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
DecodePointer
EncodePointer
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetNumberFormatW
GetWindowsDirectoryW
GetTempFileNameW
LocalLock
LocalUnlock
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
MoveFileW
lstrcmpiW
GetStringTypeExW
DeleteFileW
GetCurrentDirectoryW
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetCPInfo
GetSystemDirectoryW
GetAtomNameW
GlobalGetAtomNameW
lstrlenA
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SuspendThread
ResumeThread
SetThreadPriority
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GetCurrentProcessId
lstrlenW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
GetProcAddress
CompareStringW
LoadLibraryW
ActivateActCtx
DeactivateActCtx
SetLastError
FreeLibrary
lstrcmpW
GetOverlappedResult
GetTickCount
GetLocalTime
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ReadFile
WriteFile
GetLastError
GetTempPathW
CreateDirectoryW
WaitForMultipleObjects
TerminateThread
SetEvent
ExitProcess
CreateEventW
CreateThread
WideCharToMultiByte
MultiByteToWideChar
ResetEvent
WaitForSingleObject
CreateFileW
CloseHandle
ExitThread
OutputDebugStringW
Sleep
Beep
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameW
LoadResource
LockResource
SizeofResource
FindResourceW
MulDiv
GetStringTypeW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
lstrcpyW
QueryPerformanceCounter
GetLocaleInfoA
user32
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
RegisterClipboardFormatW
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadImageW
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
GetTabbedTextExtentW
SetRect
MessageBeep
IsClipboardFormatAvailable
GetDialogBaseUnits
CharUpperW
DestroyIcon
WaitMessage
ReleaseCapture
SetCapture
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
LoadCursorW
GetSysColorBrush
CopyImage
RealChildWindowFromPoint
WindowFromPoint
IntersectRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
MsgWaitForMultipleObjectsEx
MapVirtualKeyW
GetKeyNameTextW
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
UnionRect
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
PostQuitMessage
GetMenuStringW
InsertMenuW
RemoveMenu
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
FillRect
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetWindowRect
RedrawWindow
GetParent
EnableWindow
RegisterWindowMessageW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageW
SetMenuDefaultItem
SendNotifyMessageW
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
CopyIcon
CharUpperBuffW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
GetWindowRgn
EnumChildWindows
GetDCEx
SetCursor
GetClientRect
WindowFromDC
EqualRect
SendMessageW
BroadcastSystemMessageW
SetTimer
LoadIconW
DrawIcon
GetSystemMetrics
IsIconic
InvalidateRect
KillTimer
UpdateWindow
PostMessageW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
AppendMenuW
GetSystemMenu
SetWindowPos
GetDC
GetWindowLongW
IsWindow
GetSubMenu
LoadMenuW
GetWindow
PtInRect
CopyRect
SetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
MessageBoxW
GetMenuItemCount
GetMenuItemID
ValidateRect
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
InSendMessage
gdi32
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetCharWidthW
GetBkColor
GetTextColor
GetRgnBox
StretchDIBits
GetCurrentObject
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
StartPage
EndPage
SetAbortProc
AbortDoc
CreateRectRgnIndirect
OffsetRgn
GetDIBits
SetPixel
RoundRect
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetPixelV
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CopyMetaFileW
CreateDCW
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
DeleteObject
GetDeviceCaps
CreateFontW
CreateFontIndirectW
EndDoc
GetStockObject
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetTextExtentPoint32W
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDIBColorTable
StretchBlt
CreateCompatibleBitmap
BitBlt
GetObjectW
DeleteDC
CreateCompatibleDC
SelectObject
CreateDIBSection
SetDIBColorTable
GetPixel
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
GetJobW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryValueW
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextW
RegCloseKey
RegSetValueW
RegQueryValueExW
RegOpenKeyExW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
RegEnumValueW
CryptGetHashParam
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
shell32
SHBrowseForFolderW
ExtractIconW
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
DragFinish
DragQueryFileW
ShellExecuteExW
SHAddToRecentDocs
SHGetMalloc
SHAppBarMessage
comctl32
_TrackMouseEvent
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
shlwapi
StrStrIW
PathFileExistsW
StrCatW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
ole32
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoDisconnectObject
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
OleGetIconOfClass
StringFromCLSID
OleCreateLinkToFile
OleCreateFromFile
CreateItemMoniker
CoInitializeEx
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
PropVariantCopy
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
OleSave
WriteClassStm
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CLSIDFromString
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
OleSetContainedObject
GetHGlobalFromILockBytes
SetConvertStg
CoTaskMemFree
CreateStreamOnHGlobal
OleLoad
OleCreate
CoTreatAsClass
OleCreateStaticFromData
oleaut32
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
VariantInit
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
VariantChangeType
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
RegisterTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
SysAllocStringLen
SafeArrayGetElement
LoadTypeLi
oledlg
OleUIBusyW
gdiplus
GdiplusShutdown
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawString
GdipCreateSolidFill
GdipCloneBrush
GdipCreateFromHWNDICM
GdipCreateFromHWND
GdipSetSmoothingMode
GdipDrawImageRectI
GdipCreateFontFamilyFromName
GdipCreateFont
GdipSetTextRenderingHint
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipCreateCachedBitmap
GdipDrawCachedBitmap
GdipResetWorldTransform
GdipDeleteCachedBitmap
GdipDeleteBrush
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCreateFromHDC
GdipDrawImageRectRect
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDeleteGraphics
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusStartup
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text   Size: 2.2MB  Virtual size: 2.2MB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata  Size: 538KB  Virtual size: 538KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data   Size: 37KB   Virtual size: 71KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc   Size: 159KB  Virtual size: 159KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc  Size: 182KB  Virtual size: 182KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ