Static task: static1
Behavioral task: behavioral1
- Sample: 2f9b1fc28d2b909f6015f990f7b50b5162cb9de88a4e1379c59b3c988f291d8d.exe
- Resource: win7-20230831-en
Behavioral task: behavioral2
- Sample: 2f9b1fc28d2b909f6015f990f7b50b5162cb9de88a4e1379c59b3c988f291d8d.exe
- Resource: win10v2004-20230915-en
General
- Target: 2f9b1fc28d2b909f6015f990f7b50b5162cb9de88a4e1379c59b3c988f291d8d
- Size: 2.6MB
- MD5: 33283b0db05feba75ea571fddf0edfcc
- SHA1: 4983e2c592a5de2f5de0f764eff4975ce25a3bbb
- SHA256: 2f9b1fc28d2b909f6015f990f7b50b5162cb9de88a4e1379c59b3c988f291d8d
- SHA512: c685de1f301388bbba999f5e605f8d8619589ad495bdc2f7ef6088be914cb4940d1e8c80c7e5423c9b8bc73a165ad0f765fe711eba1a963190e4b143117b4fcb
- SSDEEP: 49152:v/163ynXLUbQboaYkdH8SCU1DuggSd34tIN5sImaJX62WB2kJYGe97u:vw3yXkQboaYkdH821DuggSd34tIN5hju
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2f9b1fc28d2b909f6015f990f7b50b5162cb9de88a4e1379c59b3c988f291d8d
Files
- 2f9b1fc28d2b909f6015f990f7b50b5162cb9de88a4e1379c59b3c988f291d8d.exe (windows:5 windows x86) b53810c2dfecfa47171ad2462982747c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleW
GetCurrentDirectoryW
GetTimeZoneInformation
GetProcessHeap
CreateFileW
LCMapStringW
CompareStringW
GetStringTypeW
GetDriveTypeW
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetStdHandle
HeapSize
HeapQueryInformation
VirtualQuery
VirtualAlloc
FindFirstFileExA
GetDriveTypeA
GetFileInformationByHandle
CreateThread
ExitThread
GetSystemTimeAsFileTime
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
DecodePointer
EncodePointer
RaiseException
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
InitializeCriticalSectionAndSpinCount
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
SetErrorMode
GetNumberFormatA
GetWindowsDirectoryA
FileTimeToSystemTime
GetTempFileNameA
GetFileTime
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetThreadLocale
GetACP
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
CopyFileA
GlobalSize
LocalFree
lstrlenW
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
MulDiv
GlobalUnlock
GlobalFree
GetCurrentProcessId
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
ActivateActCtx
DeactivateActCtx
MultiByteToWideChar
lstrcmpW
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
WaitForSingleObject
GetModuleHandleA
LoadLibraryA
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
GetProcAddress
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrlenA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
Sleep
GetModuleFileNameA
lstrcpyA
lstrcatA
WritePrivateProfileStringA
GetTempPathA
GetTickCount
DeleteFileA
FlushViewOfFile
FindFirstFileA
FindClose
CreateFileA
GetLastError
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
GlobalMemoryStatusEx
SetEnvironmentVariableA
GetSystemInfo
user32
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
SetRect
CopyAcceleratorTableA
CharNextA
CharUpperA
DestroyIcon
WaitMessage
WindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
DestroyMenu
GetMenuItemInfoA
InflateRect
GetSysColorBrush
RealChildWindowFromPoint
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
LoadCursorW
SetCapture
KillTimer
SetTimer
OffsetRect
IsRectEmpty
InvalidateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
PostQuitMessage
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassNameA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
MessageBeep
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CallWindowProcA
GetMenu
EnableWindow
GetSystemMetrics
DrawIcon
SendMessageA
IsIconic
GetWindowLongA
SetWindowLongA
SetWindowPos
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SystemParametersInfoA
GetClassLongA
SetClassLongA
SetPropA
FillRect
SetWindowRgn
wsprintfA
LoadBitmapA
LoadImageA
IsWindow
MapWindowPoints
DefWindowProcA
LoadIconA
LoadCursorA
RedrawWindow
GetMenuDefaultItem
MapVirtualKeyA
GetAsyncKeyState
EnableScrollBar
InvertRect
DrawFocusRect
GetWindowRgn
DestroyCursor
RegisterClassExA
PtInRect
DrawTextA
ReleaseCapture
PostMessageA
IsZoomed
GetPropA
GetDC
ReleaseDC
DrawIconEx
LoadIconW
GetClientRect
UnregisterClassA
TranslateAcceleratorA
BringWindowToTop
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
SubtractRect
HideCaret
CharUpperBuffA
CopyIcon
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
PostThreadMessageA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnionRect
GetKeyNameTextA
RegisterClipboardFormatA
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
DestroyAcceleratorTable
SetParent
CopyImage
GetIconInfo
NotifyWinEvent
DestroyWindow
GetDoubleClickTime
gdi32
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
GetDeviceCaps
CreatePen
CreateHatchBrush
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateDIBSection
CopyMetaFileA
CreateDCA
CreateFontIndirectA
GetTextExtentPoint32A
CreateDIBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetViewportExtEx
GetTextColor
GetRgnBox
SetRectRgn
GetMapMode
PatBlt
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
Polyline
Polygon
SetDIBColorTable
SetPixel
Rectangle
OffsetRgn
EnumFontFamiliesExA
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
CreateBitmap
CreateCompatibleBitmap
CreateRectRgn
CreateRoundRectRgn
CombineRgn
DeleteObject
CreateSolidBrush
CreateCompatibleDC
SetBkMode
CreateFontA
StretchBlt
SelectObject
SetTextColor
GetBkColor
BitBlt
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegQueryValueA
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
CryptReleaseContext
shell32
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
SHAppBarMessage
DragFinish
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathStripPathA
PathRemoveFileSpecW
ole32
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
OleDraw
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoCreateInstance
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRevokeClassObject
oleaut32
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SysAllocStringByteLen
VarBstrFromDate
SysAllocString
SysFreeString
VariantInit
SysAllocStringLen
VariantChangeType
VariantClear
oledlg
ord8
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
ws2_32
accept
recvfrom
listen
getaddrinfo
freeaddrinfo
connect
ioctlsocket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
gethostname
htonl
ntohl
socket
sendto
wldap32
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord41
ord46
ord22
ord211
ord143
ord60
ord50
crypt32
CertFreeCertificateContext
Sections
- .text Size: 1.5MB - Virtual size: 1.5MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
- .rdata Size: 329KB - Virtual size: 329KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .data Size: 25KB - Virtual size: 55KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .rsrc Size: 616KB - Virtual size: 615KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .reloc Size: 179KB - Virtual size: 179KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)