a4f50d6a1302ce3868d29c607675fe0e4edf03618987d640cf18e38661553143

Sharing

Copy URL Twitter E-mail

General

Target

a4f50d6a1302ce3868d29c607675fe0e4edf03618987d640cf18e38661553143
Size

5.6MB
MD5

d203fc782dcb6cf96f4f77bb1329bbdc
SHA1

7d6ae371c5f38077c90201deee80cc12cf6f38be
SHA256

a4f50d6a1302ce3868d29c607675fe0e4edf03618987d640cf18e38661553143
SHA512

c5fcde052e716043539884ff08c119c54da4d960bcb3462c94816f03d075b8cff7b330a53a36d6095ffdc04e3dac983d3db7520f56a759d3d79cd00b9fc5c57a
SSDEEP

98304:rFr8DitrfkMAXg4Qbr3C4JZuhojeI4ZZfXSbMFp3os2YabfWMs1d3sMh5/K:rFrbt1xbr3t+3lXSwFpYj1StC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4f50d6a1302ce3868d29c607675fe0e4edf03618987d640cf18e38661553143

Files

a4f50d6a1302ce3868d29c607675fe0e4edf03618987d640cf18e38661553143
.exe windows:4 windows x86

adceaaeff3c3c2f95ea2db39de2bf8e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetAtomNameW
HeapCreate
HeapDestroy
lstrcmpiA
RtlZeroMemory
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleHandleA
ExitProcess
HeapReAlloc
IsBadReadPtr
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
DeleteFileA
Sleep
MapViewOfFile
GetTickCount
CloseHandle
WriteFile
GetCommandLineA
FreeLibrary
GetCommandLineW
LoadLibraryA
LCMapStringA
CreateFileMappingA
OpenFileMappingA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
CreateFileA
GetDiskFreeSpaceExA
GlobalMemoryStatusEx
Process32Next
Process32First
CreateToolhelp32Snapshot
GetFileAttributesA
GetCurrentProcess
GetCurrentDirectoryW
TerminateProcess
GetModuleHandleW
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenW
lstrlenA
LocalSize
WideCharToMultiByte
HeapFree
InterlockedDecrement
InterlockedIncrement
RtlMoveMemory
HeapAlloc
GetProcessHeap
CreateThread
CreateEventA
OpenEventA
CreateMutexA
SetWaitableTimer
CreateWaitableTimerA
GetProcAddress
UnmapViewOfFile
WaitForSingleObject
MultiByteToWideChar
LocalFree
LocalAlloc
OpenProcess
GetCurrentProcessId

user32

wsprintfA
DispatchMessageA
GetMessageA
PeekMessageA
RemovePropA
RemovePropW
GetPropA
GetPropW
SetPropA
SetPropW
KillTimer
MessageBoxW
SetWindowTextW
SetParent
MoveWindow
UpdateWindow
ValidateRect
MessageBoxA
MenuItemFromPoint
GetMenuDefaultItem
GetMenuState
GetMenuItemRect
GetMenuStringW
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuW
AppendMenuW
IsWindowVisible
GetWindowTextA
GetClassNameA
CharLowerW
CharUpperW
LoadStringW
SetMenuDefaultItem
SetMenuItemInfoW
RemoveMenu
CheckMenuItem
GetWindowThreadProcessId
CreateWindowStationA
SetTimer
GetAsyncKeyState
CallWindowProcA
GetIconInfo
DestroyCursor
DestroyIcon
FindWindowA
MsgWaitForMultipleObjects
GetMenuItemInfoW
GetMenuItemCount
DestroyMenu
GetMenuInfo
LoadMenuW
InvalidateRect
ScreenToClient
PostMessageW
ShowWindow
CallWindowProcW
CreateMDIWindowW
DialogBoxParamW
CreateDialogParamW
EndDialog
DialogBoxIndirectParamW
DestroyWindow
SetClassLongW
GetClassLongW
CreateDialogIndirectParamW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
PostQuitMessage
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
TranslateMDISysAccel
IsChild
GetSystemMenu
CreatePopupMenu
CreateMenu
UpdateLayeredWindow
SystemParametersInfoW
RegisterWindowMessageW
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
EnumPropsExW
IsWindow
SetWindowRgn
BeginPaint
EndPaint
TrackMouseEvent
GetDlgItem
GetAncestor
SetWindowLongW
FindWindowExW
GetMessageW
GetClassNameW
GetWindowTextLengthW
GetWindowTextW
GetParent
GetWindowLongW
SendMessageW
SetCursor
GetClientRect
SetCapture
ReleaseCapture
LoadCursorW
DestroyAcceleratorTable
GetSysColor
IsWindowEnabled
EnableWindow
SetWindowPos
GetWindowRect
GetNextDlgTabItem
SetFocus
GetDC
DrawTextA
ReleaseDC
OffsetRect
DefWindowProcW
GetWindowDC
FillRect
ClientToScreen
CreateIconFromResourceEx
LoadImageW
LoadIconW
CopyIcon
DrawIconEx
SetRect
GetFocus

advapi32

OpenProcessToken
AllocateAndInitializeSid
GetTokenInformation
EqualSid
FreeSid
DeleteService
ControlService
OpenServiceA
CloseServiceHandle
StartServiceA
CreateServiceA
OpenSCManagerA

shell32

DragAcceptFiles
CommandLineToArgvW
Shell_NotifyIconW
DragFinish
DragQueryFileW
ShellExecuteA
ShellExecuteExW

ole32

CoUninitialize
CoInitialize
CLSIDFromString
GetHGlobalFromStream
StringFromGUID2
CreateStreamOnHGlobal

winmm

PlaySoundA

shlwapi

wvnsprintfW
StrToIntW
StrTrimW
PathFindFileNameW
PathRemoveFileSpecW
StrToIntExW

ws2_32

WSAStartup
socket
htons
inet_addr
connect
gethostbyname
send
recv
getsockname
ntohs
WSAAsyncSelect
select
WSACleanup
closesocket

gdi32

CreatePatternBrush
CreateEllipticRgn
CreateFontIndirectW
GetDIBits
StretchBlt
SetStretchBltMode
GetStretchBltMode
BitBlt
CreateRoundRectRgn
CreateDIBSection
CreateCompatibleDC
GetObjectW
CreateSolidBrush
GetStockObject
SetBkColor
SetBkMode
SetTextColor
DeleteDC
SelectObject
DeleteObject

comctl32

InitCommonControlsEx

gdiplus

GdipMeasureCharacterRanges
GdipDrawDriverString
GdipDrawImage
GdipDrawImageRectRect
GdipDrawImageRect
GdipDrawImagePoints
GdipDrawImagePointRect
GdipDrawImagePointsRect
GdipSetClipGraphics
GdipSetClipPath
GdipSetClipRect
GdipSetClipRegion
GdipSetClipHrgn
GdipResetClip
GdipTranslateClip
GdipGetClip
GdipGetClipBounds
GdipGetVisibleClipBounds
GdipIsClipEmpty
GdipIsVisibleClipEmpty
GdipIsVisiblePoint
GdipIsVisibleRect
GdipDrawArc
GdipRestoreGraphics
GdipBeginContainer
GdipBeginContainer2
GdipEndContainer
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipCloneImage
GdipGetImageRawFormat
GdipGetImagePixelFormat
GdipSaveImageToStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageDimension
GdipGetImageBounds
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipGetImageThumbnail
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipCreateHICONFromBitmap
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCloneBitmapArea
GdipBitmapSetResolution
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipCreateMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipCreateFromHWND
GdipCreateFont
GdipCreateFontFromLogfontW
GdipDeletePrivateFontCollection
GdipDeleteFontFamily
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneFont
GdipGetLogFontW
GdipGetLogFontA
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontUnit
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipCreatePath
GdipCreatePath2
GdipClonePath
GdipResetPath
GdipGetPathFillMode
GdipSetPathFillMode
GdipGetPointCount
GdipGetPathData
GdipStartPathFigure
GdipClosePathFigure
GdipClosePathFigures
GdipSetPathMarker
GdipClearPathMarkers
GdipReversePath
GdipGetPathLastPoint
GdipAddPathLine
GdipAddPathArc
GdipAddPathBezier
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathRectangle
GdipAddPathLineI
GdipAddPathArcI
GdipAddPathEllipse
GdipAddPathPie
GdipAddPathPolygon
GdipAddPathPath
GdipAddPathString
GdipTransformPath
GdipGetPathWorldBounds
GdipFlattenPath
GdipWidenPath
GdipWindingModeOutline
GdipWarpPath
GdipDrawPath
GdipCreateRegion
GdipCreateRegionRect
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRgnData
GdipCloneRegion
GdipSetInfinite
GdipSetEmpty
GdipCombineRegionRect
GdipCombineRegionRegion
GdipCombineRegionPath
GdipTranslateRegion
GdipTransformRegion
GdipGetRegionBounds
GdipGetRegionDataSize
GdipGetRegionData
GdipGetRegionHRgn
GdipIsEmptyRegion
GdipIsInfiniteRegion
GdipIsEqualRegion
GdipIsVisibleRegionPoint
GdipIsVisibleRegionRect
GdipGetRegionScansCount
GdipGetRegionScans
GdipCreateMatrix2
GdipCreateMatrix3
GdipCloneMatrix
GdipSetMatrixElements
GdipGetMatrixElements
GdipMultiplyMatrix
GdipInvertMatrix
GdipScaleMatrix
GdipShearMatrix
GdipTransformMatrixPoints
GdipVectorTransformMatrixPoints
GdipIsMatrixInvertible
GdipIsMatrixIdentity
GdipIsMatrixEqual
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilyMonospace
GdipGetFamilyName
GdipIsStyleAvailable
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipDrawLine
GdipGetNearestColor
GdipTransformPointsI
GdipTransformPoints
GdipDrawPolygon
GdipDrawPie
GdipGetDpiY
GdipGetDpiX
GdipGetPageScale
GdipSetPageScale
GdipGetPageUnit
GdipSetPageUnit
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDeleteMatrix
GdipGetWorldTransform
GdipSetWorldTransform
GdipGetPixelOffsetMode
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipReleaseDC
GdipGetDC
GdipFlush
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesColorMatrix
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesWrapMode
GdipSetImageAttributesRemapTable
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesColorKeys
GdipSetImageAttributesGamma
GdipSetImageAttributesNoOp
GdipSetImageAttributesThreshold
GdipResetImageAttributes
GdipSetImageAttributesToIdentity
GdipCloneImageAttributes
GdipCreateImageAttributes
GdipDeleteRegion
GdipDeletePath
GdipDeleteFont
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipDeleteBrush
GdipFillRectangle
GdipCreateTexture
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2
GdipFillClosedCurve
GdipFillPath
GdipFillPie
GdipFillEllipse
GdipFillPolygon
GdipGraphicsClear
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2
GdipIsOutlineVisiblePathPoint
GdipDrawCurve
GdipDrawEllipse
GdipDrawRectangle
GdipIsVisiblePathPoint
GdipDrawBezier
GdipSaveGraphics
GdipSetImageAttributesOutputChannelColorProfile

atl

ord42

crypt32

CryptStringToBinaryW

uxtheme

SetWindowTheme

msimg32

AlphaBlend

msvcrt

_stricmp
??2@YAPAXI@Z
atoi
_ftol
sprintf
strtod
_atoi64
strncpy
strncmp
_CIfmod
floor
strchr
atof
srand
strrchr
free
??3@YAXPAX@Z
malloc
strstr
realloc

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 852KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adceaaeff3c3c2f95ea2db39de2bf8e7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

winmm

shlwapi

ws2_32

gdi32

comctl32

gdiplus

atl

crypt32

uxtheme

msimg32

msvcrt

oleaut32

iphlpapi

psapi

winspool.drv

comdlg32

Sections

.text Size: 852KB - Virtual size: 852KB

.sedata Size: 4.7MB - Virtual size: 4.7MB

.idata Size: 13KB - Virtual size: 16KB

.rsrc Size: 17KB - Virtual size: 20KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 852KB - Virtual size: 852KB

.sedata
Size: 4.7MB - Virtual size: 4.7MB

.idata
Size: 13KB - Virtual size: 16KB

.rsrc
Size: 17KB - Virtual size: 20KB

.sedata
Size: 4KB - Virtual size: 4KB