8202870f3f5dc97d6b852d5585e154f968b3670a2a010e52539bdcead38fad13

Sharing

Copy URL Twitter E-mail

General

Target

8202870f3f5dc97d6b852d5585e154f968b3670a2a010e52539bdcead38fad13
Size

1.8MB
MD5

0fbf4e1ae6cf054f4154beaba45123a4
SHA1

5163494a1654cc4f45eb65449d10a71948da6eac
SHA256

8202870f3f5dc97d6b852d5585e154f968b3670a2a010e52539bdcead38fad13
SHA512

48ac27677952efce0092f8b7f547fe3bacd31ef7dc2cdc1b098fd78dfbdfb2a065bf8e86be7f0976e6459802338035ec0980ffc6382f07cfa2ff4461dfa4b1d2
SSDEEP

49152:GZBEgSvyuh3hYOT2Mv1NEeM8KD0Ola8qFiHE3Kqh7a:jgSvyuh3yOvv1NEeM8KdkiHE3K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8202870f3f5dc97d6b852d5585e154f968b3670a2a010e52539bdcead38fad13

Files

8202870f3f5dc97d6b852d5585e154f968b3670a2a010e52539bdcead38fad13
.exe windows:6 windows x86

eb3ca165504c35bf7bf6d9e90c8e9bdf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
UnhandledExceptionFilter
LCMapStringW
OutputDebugStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetTimeZoneInformation
IsValidCodePage
GetFileType
SetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
HeapQueryInformation
VirtualQuery
GetSystemInfo
GetModuleHandleExW
CreateFileA
ExitProcess
ExitThread
CreateThread
GetCommandLineA
GetSystemTimeAsFileTime
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
Sleep
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetTickCount
GetWindowsDirectoryA
GetCPInfo
GetOEMCP
SetErrorMode
FileTimeToSystemTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
LocalReAlloc
LocalAlloc
GlobalHandle
TerminateProcess
RtlUnwind
SetUnhandledExceptionFilter
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetACP
InitializeCriticalSection
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
EncodePointer
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
LoadLibraryA
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
FindResourceA
LoadLibraryW
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
SetLastError
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
WaitForSingleObject
WritePrivateProfileStringA
VirtualAlloc
CloseHandle
WriteFile
ReadFile
GetFileSize

user32

SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
PostThreadMessageA
SetParent
GetSystemMenu
UnionRect
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
LoadImageA
SetRectEmpty
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
GetMenuItemInfoA
DestroyMenu
InflateRect
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
OffsetRect
CharNextA
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
InvalidateRect
DeleteMenu
SystemParametersInfoA
CopyImage
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
IsDialogMessageA
SetWindowTextA
CheckDlgButton
GetUpdateRect
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SendDlgItemMessageA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
CharUpperA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
KillTimer
SetTimer
WaitMessage
CopyRect
ReleaseDC
GetDC
MapVirtualKeyA
GetKeyNameTextA
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongA
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
LockWindowUpdate
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
LoadBitmapW
GetParent
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
UnregisterClassA
LoadIconW
SetWindowLongA
GetWindowLongA
GetClientRect
DrawIcon
GetSystemMetrics
EnableWindow
IsIconic
SendMessageA
DestroyIcon

gdi32

TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
MoveToEx
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
SetROP2
SetPolyFillMode
GetObjectA
SetTextColor
Ellipse
CreateBitmap
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
PatBlt
CreateRectRgnIndirect
SetTextAlign

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
DragFinish
DragQueryFileA

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA
StrFormatKBSizeA

uxtheme

GetWindowTheme
GetThemeSysColor
IsAppThemed
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
CloseThemeData
GetThemePartSize
OpenThemeData
DrawThemeParentBackground

ole32

CoCreateInstance
CoUninitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoInitialize
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoInitializeEx
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoRevokeClassObject
OleGetClipboard
CoRegisterMessageFilter
OleIsCurrentClipboard
CoCreateGuid
OleFlushClipboard

oleaut32

SysAllocStringLen
VarBstrFromDate
VariantCopy
LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysFreeString

oledlg

ord8

ws2_32

WSAStartup
WSACleanup
WSASetLastError

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb3ca165504c35bf7bf6d9e90c8e9bdf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

ws2_32

wininet

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 305KB - Virtual size: 305KB

.data Size: 26KB - Virtual size: 55KB

.rsrc Size: 37KB - Virtual size: 36KB

.reloc Size: 117KB - Virtual size: 117KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 305KB - Virtual size: 305KB

.data
Size: 26KB - Virtual size: 55KB

.rsrc
Size: 37KB - Virtual size: 36KB

.reloc
Size: 117KB - Virtual size: 117KB