Static task: static1
Behavioral task: behavioral1
Sample: ffa3ecb4931a2f3926b913c56f292cab4838a4a1007f955a35ddf3714d978e65.exe
Resource: win10-20230915-en
General
Target: ffa3ecb4931a2f3926b913c56f292cab4838a4a1007f955a35ddf3714d978e65
Size: 3.4MB
MD5: a0dc9887a84196a7fde2c089240d754a
SHA1: 60461be5bb0d94e6b7f6a9b006144c0d2a767594
SHA256: ffa3ecb4931a2f3926b913c56f292cab4838a4a1007f955a35ddf3714d978e65
SHA512: ee89d0d6b894c2337f8f43efe05d488c1509da2bb84d0a261a4e530e5ae01dcad0496f8923af4a349718a344e6bc60f91e9575c9bae4da3a65c39065648d95cd
SSDEEP: 49152:lgTfNgQadU5RWIu4cnzgl2L0imVm33psE/ipTe:tdDIu42Em33psEMe
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: ffa3ecb4931a2f3926b913c56f292cab4838a4a1007f955a35ddf3714d978e65
Files
-
ffa3ecb4931a2f3926b913c56f292cab4838a4a1007f955a35ddf3714d978e65.exe windows:5 windows x64
3d3f3282202b8cd424b589144767eaf4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapAlloc
HeapReAlloc
CreateProcessA
MoveFileA
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
UnhandledExceptionFilter
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetFileAttributesA
CreatePipe
GetExitCodeProcess
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetEnvironmentStrings
TerminateProcess
RtlPcToFileHeader
RaiseException
HeapFree
ExitProcess
RtlUnwindEx
RtlLookupFunctionEntry
GetStartupInfoW
GetFileSizeEx
GetFileAttributesW
SetErrorMode
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GlobalFlags
GetProfileIntW
lstrlenA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
FormatMessageW
LocalFree
VirtualProtect
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalGetAtomNameW
WideCharToMultiByte
GlobalReAlloc
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetCurrentThreadId
SetLastError
MulDiv
GetVersion
GetLocaleInfoW
EnumSystemLocalesW
lstrlenW
lstrcpyW
GetTickCount
RemoveDirectoryW
CreateDirectoryW
CopyFileW
MoveFileExW
GetModuleHandleW
GetModuleFileNameA
GetLastError
FormatMessageA
LoadLibraryA
EndUpdateResourceW
BeginUpdateResourceW
IsBadReadPtr
FreeLibrary
FindNextFileW
GetTempPathW
GetTempFileNameW
UpdateResourceW
DeleteFileW
CreateFileW
CreateFileA
GetCurrentProcess
GetVersionExW
Sleep
CreateProcessW
GetShortPathNameW
GlobalFree
DeleteFileA
ReleaseMutex
WaitForSingleObject
FindFirstFileW
FindClose
CreateMutexW
VirtualAlloc
CompareStringA
CompareStringW
GlobalSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeResource
OpenThread
TerminateThread
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynW
LoadLibraryW
GetProcAddress
GetWindowsDirectoryW
GetSystemDirectoryW
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
ExitThread
GetLongPathNameW
GetFileSize
ReadFile
VirtualFree
CreateThread
GetModuleFileNameW
GetCommandLineW
GetTempPathA
GetTempFileNameA
WriteFile
user32
SetWindowContextHelpId
CharUpperW
UnregisterClassW
CharNextW
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SystemParametersInfoA
UnpackDDElParam
ReuseDDElParam
WinHelpW
GetWindowThreadProcessId
IsWindowEnabled
SetWindowLongW
PeekMessageW
LoadAcceleratorsW
UpdateWindow
InsertMenuItemW
GetLastActivePopup
BringWindowToTop
TranslateAcceleratorW
GetMenuStringW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgCtrlID
EqualRect
GetDoubleClickTime
GetCapture
InvertRect
ClipCursor
DrawFrameControl
ShowScrollBar
UnionRect
SetParent
SetFocus
GetDesktopWindow
DrawMenuBar
RemoveMenu
ModifyMenuW
InsertMenuW
GetMenuState
GetMenuItemID
GetMenuDefaultItem
DeleteMenu
DrawEdge
ValidateRect
BeginPaint
EndPaint
SetMenu
GetMenuItemCount
CallNextHookEx
GetClassNameW
SetPropW
CallWindowProcW
GetPropW
RemovePropW
UnhookWindowsHookEx
SetWindowsHookExW
IntersectRect
IsRectEmpty
ShowOwnedPopups
GetMenu
WindowFromDC
CopyAcceleratorTableW
MapVirtualKeyW
GetKeyNameTextW
CopyImage
SystemParametersInfoW
IsMenu
GetWindowDC
GetWindow
SetWindowPlacement
IsDialogMessageW
SetActiveWindow
GetMessagePos
MapWindowPoints
GetSysColorBrush
ShowCursor
TrackMouseEvent
IsWindow
MessageBeep
SetCapture
SetTimer
SetRectEmpty
SetRect
PtInRect
GetMessageW
CopyIcon
GetKeyState
ReleaseCapture
GetCursor
GetClassInfoW
DefWindowProcW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowLongW
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
DrawFocusRect
DrawStateW
FrameRect
OffsetRect
InflateRect
CopyRect
LoadMenuW
LoadImageW
GetIconInfo
CreateIconIndirect
TrackPopupMenuEx
SetCursor
DestroyIcon
DestroyCursor
GetDC
ReleaseDC
CreateIconFromResourceEx
GetSysColor
FillRect
CreateWindowExW
SetWindowPos
MessageBoxA
DrawIconEx
EndDialog
GetDlgItemTextA
MessageBoxW
IsDlgButtonChecked
GetWindowTextLengthW
SetDlgItemTextW
PostMessageW
GetWindowTextA
GetClipboardData
IsClipboardFormatAvailable
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
MapDialogRect
EnumClipboardFormats
GetClipboardFormatNameW
IsWindowVisible
CreateDialogParamW
SetWindowTextA
RedrawWindow
SetWindowTextW
MoveWindow
OpenClipboard
SendMessageA
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
CreateDialogIndirectParamW
RegisterWindowMessageW
SendDlgItemMessageA
SendDlgItemMessageW
GetMenuItemInfoW
GetClassLongPtrW
EmptyClipboard
RegisterClipboardFormatW
SetClipboardData
CloseClipboard
GetParent
wsprintfA
AppendMenuW
LoadIconW
LoadCursorW
ScreenToClient
GetWindowRect
IsIconic
GetSubMenu
CreatePopupMenu
DrawIcon
GetWindowPlacement
GetWindowLongPtrW
SetWindowLongPtrW
GetWindowTextW
ShowWindow
SetForegroundWindow
GetSystemMetrics
LoadBitmapW
InvalidateRect
GetClientRect
wsprintfW
GetDlgItemTextW
GetDlgItem
EnableWindow
TranslateMessage
DispatchMessageW
IsChild
GetFocus
MenuItemFromPoint
SendMessageW
GetCursorPos
KillTimer
DestroyMenu
GetSystemMenu
GetMenuItemRect
gdi32
GetTextMetricsW
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetClipBox
ExtSelectClipRgn
CopyMetaFileW
GetMapMode
GetCharWidthW
StretchDIBits
GetRgnBox
SetBkMode
RestoreDC
OffsetWindowOrgEx
SaveDC
SetTextAlign
MoveToEx
GetTextExtentPointW
GetCurrentPositionEx
GetTextColor
EndDoc
AbortDoc
EndPage
StartPage
StartDocW
GetBkColor
PatBlt
DPtoLP
CreateEllipticRgn
CreateRoundRectRgn
RoundRect
GetNearestColor
SetBrushOrgEx
GetDeviceCaps
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
UnrealizeObject
SelectClipRgn
SetWindowOrgEx
ScaleWindowExtEx
CreateSolidBrush
Rectangle
CreateFontW
CreatePen
GetDIBits
SetDIBits
PtInRegion
StretchBlt
FillRgn
CreatePolygonRgn
PlgBlt
SetBoundsRect
Escape
ExtTextOutW
RectVisible
PtVisible
GetPixel
SetPixel
SetTextColor
GetStockObject
SetStretchBltMode
SelectPalette
RealizePalette
CreateDIBitmap
CreatePalette
CreateDIBSection
GetCurrentObject
CreateBitmap
GetObjectW
SetBkColor
DeleteDC
GetTextExtentPoint32W
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
TextOutA
TextOutW
CreateFontIndirectW
DeleteObject
GetTextAlign
comdlg32
GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegSetValueW
RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegCreateKeyW
RegQueryValueW
shell32
ExtractIconW
DragQueryFileW
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
DragFinish
comctl32
ord17
ImageList_Add
ImageList_Create
ImageList_Destroy
InitCommonControlsEx
ord8
_TrackMouseEvent
ImageList_GetIconSize
ImageList_DrawEx
shlwapi
PathMatchSpecW
StrRetToStrW
StrFormatByteSizeW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
CoTaskMemAlloc
ReleaseStgMedium
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoUninitialize
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoGetClassObject
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
oleaut32
SysAllocString
OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
OleLoadPicture
gdiplus
GdipCreateSolidFill
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeleteBrush
GdipDisposeImage
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipFillRectangleI
GdipCloneImage
imagehlp
BindImageEx
MapFileAndCheckSumW
UnDecorateSymbolName
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 640KB - Virtual size: 639KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 671KB - Virtual size: 671KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ