87946fbac0d25dc6d17d33204a12d225a78e5c88fd99b850a3f1fe4f0d21afb1

Sharing

Copy URL

Twitter E-mail

General

Target

87946fbac0d25dc6d17d33204a12d225a78e5c88fd99b850a3f1fe4f0d21afb1
Size

2.2MB
MD5

d93ae8cf48c5ac6530e21594333b0a23
SHA1

da9d66907afbe4faeac899e90bb876b511f5852b
SHA256

87946fbac0d25dc6d17d33204a12d225a78e5c88fd99b850a3f1fe4f0d21afb1
SHA512

18ca2b88e0577b5e3403e8d8d3857ccad13d7e1a7d511944a7ce40866bd6ea0c03d407c1915e4300ff26224b2861bdaf98e5aeb3350dd55caf2d02267d5a9524
SSDEEP

49152:w3/cMF7sgsTmeALy/MzOpoo55EDQCsaA+tY3XFwFjmFNLP32NuZ8VMNVlPf:slF7sgsTmeiysOf55EDQCsaA+ttmrLPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87946fbac0d25dc6d17d33204a12d225a78e5c88fd99b850a3f1fe4f0d21afb1

Files

87946fbac0d25dc6d17d33204a12d225a78e5c88fd99b850a3f1fe4f0d21afb1
.exe windows:5 windows x86

601365636016786e7bfc856f3851434c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
IsValidCodePage
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
SetStdHandle
GetCurrentDirectoryW
GetStringTypeW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
CreateFileW
HeapSize
HeapQueryInformation
VirtualQuery
VirtualAlloc
RaiseException
RtlUnwind
FindFirstFileExA
GetDriveTypeA
GetFileInformationByHandle
ExitThread
GetSystemTimeAsFileTime
Sleep
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
IsDebuggerPresent
GetProfileIntA
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
GetOEMCP
GetCPInfo
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
SetErrorMode
GetACP
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetVersionExA
LoadLibraryW
lstrcmpW
GetCurrentProcessId
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetThreadLocale
GetPrivateProfileStringA
GetPrivateProfileIntA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SearchPathA
TerminateProcess
FindResourceA
FreeResource
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
ActivateActCtx
DeactivateActCtx
InterlockedExchange
lstrcmpA
GetModuleHandleW
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
lstrlenW
MulDiv
MultiByteToWideChar
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
LoadLibraryA
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
GetTickCount
SetEvent
VirtualFreeEx
WritePrivateProfileStringA
GetModuleFileNameA
ReadProcessMemory
VirtualAllocEx
OpenProcess
GetCurrentProcess
GetModuleHandleA
GetProcAddress
CreateThread
EscapeCommFunction
PurgeComm
SetupComm
SetCommMask
GetOverlappedResult
WaitForSingleObject
CreateEventA
SetCommTimeouts
GetCommTimeouts
SetCommState
GetCommState
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
lstrlenA
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
FindResourceW
DeleteFileA
FindClose
FindFirstFileA
GetSystemInfo
UnmapViewOfFile
CloseHandle
GetLastError
CreateFileA
LCMapStringW

user32

CharUpperBuffA
CopyIcon
FrameRect
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
CopyImage
GetIconInfo
HideCaret
InvertRect
RegisterClipboardFormatA
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongA
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
UnregisterClassA
DestroyIcon
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
NotifyWinEvent
RedrawWindow
SetWindowRgn
LoadMenuW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
OffsetRect
CharNextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
LoadCursorA
GetSysColorBrush
SystemParametersInfoA
GetMenuItemInfoA
InflateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
PostThreadMessageA
CheckDlgButton
InvalidateRect
DrawStateA
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
GetFocus
GetWindowRect
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
PtInRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowRgn
FillRect
GetLastActivePopup
MessageBoxA
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
CopyRect
CharUpperA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
AppendMenuA
GetSystemMenu
EnableWindow
SendMessageA
GetWindowThreadProcessId
FindWindowExA
FindWindowA
wsprintfA
DestroyMenu

gdi32

CreateRoundRectRgn
OffsetViewportOrgEx
CreateDIBSection
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
DPtoLP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceA
SetPixelV
SetViewportOrgEx
SelectObject
Escape
GetMapMode
CombineRgn
ExtTextOutA
SetRectRgn
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
GetTextExtentPoint32A
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
TextOutA
RectVisible
PtVisible
GetViewportOrgEx
GetDeviceCaps
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
SetViewportExtEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteKeyA
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
CryptReleaseContext

shell32

DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHAppBarMessage
ShellExecuteA
DragFinish

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathStripPathA
PathRemoveFileSpecW

ole32

OleLockRunning
RegisterDragDrop
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal

oleaut32

SysFreeString
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen

oledlg

ord8

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP

wldap32

ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord46

ws2_32

bind
ntohs
getsockname
htons
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
setsockopt

crypt32

CertFreeCertificateContext

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

601365636016786e7bfc856f3851434c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

wldap32

ws2_32

crypt32

oleacc

imm32

winmm

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 321KB - Virtual size: 321KB

.data Size: 25KB - Virtual size: 54KB

.rsrc Size: 264KB - Virtual size: 263KB

.reloc Size: 175KB - Virtual size: 175KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 321KB - Virtual size: 321KB

.data
Size: 25KB - Virtual size: 54KB

.rsrc
Size: 264KB - Virtual size: 263KB

.reloc
Size: 175KB - Virtual size: 175KB