Static task: static1
Behavioral task: behavioral1
Sample: 567be047245fd2abacf0cf94a7a649e4d5e4bccbb6d7b4f85e12c8f4fdbf8098.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 567be047245fd2abacf0cf94a7a649e4d5e4bccbb6d7b4f85e12c8f4fdbf8098.exe
Resource: win10v2004-20230915-en
General
- Target: 567be047245fd2abacf0cf94a7a649e4d5e4bccbb6d7b4f85e12c8f4fdbf8098
- Size: 14.3MB
- MD5: 6b9213cbe37dfffd26564df430bea6ab
- SHA1: 75bc0d4fb839fed1d1e5a13e99c7ca761fde67f2
- SHA256: 567be047245fd2abacf0cf94a7a649e4d5e4bccbb6d7b4f85e12c8f4fdbf8098
- SHA512: 964d772b77f10ff640178fec28c3d5e28f63eb546cde66d86b67e72b28e57a596cb69c8f398146d86cda43e69be1841451948c26bb3244cb5e72fe9547a07f3b
- SSDEEP: 393216:3hBsPA6NsMWHjQ9gEKpRUOsb7GeuBJRKjYdFS:3hBnUcKqpOhbKfroyI
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 567be047245fd2abacf0cf94a7a649e4d5e4bccbb6d7b4f85e12c8f4fdbf8098
Files
- 567be047245fd2abacf0cf94a7a649e4d5e4bccbb6d7b4f85e12c8f4fdbf8098.exe windows:5 windows x86
  9c33b6b42ab4200437de43d7bcfa07aa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualQuery
ExitThread
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetModuleHandleExW
GetACP
GetOEMCP
GetStringTypeW
SetFilePointerEx
GetTimeZoneInformation
OutputDebugStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
ExitProcess
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
SetErrorMode
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalGetAtomNameW
GetThreadLocale
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
ResumeThread
lstrcmpA
GetCurrentThread
GetFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
GetCurrentProcessId
GlobalFindAtomW
VirtualAlloc
LoadLibraryW
LoadLibraryA
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
Sleep
CreateProcessW
GetPrivateProfileIntW
WritePrivateProfileStringW
SetEvent
ResetEvent
CreateFileA
SetThreadPriority
GetModuleFileNameA
GetTempFileNameA
GetTempPathA
GetSystemTime
IsWow64Process
CreateEventW
EnterCriticalSection
LeaveCriticalSection
lstrcpynW
TerminateThread
CreateThread
lstrcpyW
RemoveDirectoryW
SetLastError
GetFileSizeEx
GetTempPathW
GetModuleFileNameW
CopyFileW
GetPrivateProfileStringW
FreeResource
lstrcmpW
GetSystemInfo
GetProcAddress
TerminateProcess
CreateProcessA
GetVersionExW
OpenProcess
GetModuleHandleW
WaitForSingleObject
GetCurrentProcess
FileTimeToSystemTime
GetTickCount
UnmapViewOfFile
GetFileSize
LocalFileTimeToFileTime
CloseHandle
GetCurrentDirectoryW
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
WriteFile
SetFileTime
CreateDirectoryW
SystemTimeToFileTime
SetFilePointer
DeleteFileW
DeleteCriticalSection
FindNextFileW
DecodePointer
RtlUnwind
WideCharToMultiByte
GetSystemTimeAsFileTime
GlobalAddAtomW
LockResource
FindClose
HeapSize
GetLastError
RaiseException
HeapDestroy
SizeofResource
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
MoveFileExW
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
FindFirstFileW
HeapReAlloc
IsValidCodePage
user32
CharNextW
GetSysColorBrush
GetSystemMetrics
ShowOwnedPopups
TranslateMessage
GetMessageW
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
InflateRect
DefFrameProcW
DrawMenuBar
FrameRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
DrawTextExW
DrawTextW
WindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
CopyIcon
ShowWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsRectEmpty
OffsetRect
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
IsWindowEnabled
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
DestroyMenu
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetMenuItemInfoW
CopyImage
RealChildWindowFromPoint
RegisterClipboardFormatW
CharUpperW
DeleteMenu
SetTimer
KillTimer
GetNextDlgGroupItem
MessageBeep
DrawIcon
GetWindowRgn
DestroyCursor
GetDoubleClickTime
SetClassLongW
LockWindowUpdate
SetParent
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
LoadImageW
SetRectEmpty
DrawFocusRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
UnhookWindowsHookEx
DefMDIChildProcW
GetMenuDefaultItem
CreatePopupMenu
PostThreadMessageW
DestroyIcon
IsIconic
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
SetForegroundWindow
MoveWindow
UpdateWindow
SetWindowPos
PostMessageW
ScreenToClient
DrawIconEx
SystemParametersInfoW
GetClientRect
GetSysColor
GetParent
LoadCursorW
SetCursor
InvalidateRect
SetWindowRgn
GetWindowRect
FillRect
GetDC
ReleaseDC
LoadBitmapW
EnableWindow
SendMessageW
GetCursorPos
SetCapture
PtInRect
ReleaseCapture
GetCapture
GetAsyncKeyState
GetWindowThreadProcessId
GetDesktopWindow
wsprintfW
UnregisterClassW
SendDlgItemMessageA
advapi32
OpenProcessToken
RegQueryValueExW
LookupPrivilegeValueW
RegOpenKeyExW
AdjustTokenPrivileges
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
ole32
ReleaseStgMedium
OleGetClipboard
CoGetClassObject
OleDuplicateData
StgCreateDocfileOnILockBytes
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoInitializeEx
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
shell32
SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW
SHGetFolderPathW
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetFileInfoW
oleaut32
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
VariantCopy
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
SysFreeString
shlwapi
SHDeleteKeyW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindFileNameW
PathRemoveFileSpecW
psapi
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
gdi32
GetTextFaceW
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
RoundRect
CreateRoundRectRgn
OffsetRgn
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
SetDIBColorTable
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetBkColor
DPtoLP
SetRectRgn
GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
GetStockObject
CreateCompatibleDC
SelectObject
DeleteObject
CreateDIBSection
DeleteDC
GetObjectW
CreateCompatibleBitmap
StretchBlt
CreateRectRgn
GetPixel
CombineRgn
BitBlt
CreateFontIndirectW
CopyMetaFileW
CreateDCW
GetDeviceCaps
SetBkColor
SetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateBitmap
PatBlt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_Draw
ImageList_AddMasked
uxtheme
DrawThemeText
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetThemePartSize
DrawThemeParentBackground
OpenThemeData
oledlg
OleUIBusyW
gdiplus
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipAlloc
GdipBitmapUnlockBits
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDisposeImage
wininet
InternetCloseHandle
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetSetFilePointer
InternetCheckConnectionW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 351KB - Virtual size: 351KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20.6MB - Virtual size: 20.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ