d019eb38c728f5177390404681a56aa54f532ad2d2d5b225bc5fdabcec2b3e61

Sharing

Copy URL Twitter E-mail

General

Target

d019eb38c728f5177390404681a56aa54f532ad2d2d5b225bc5fdabcec2b3e61
Size

612KB
MD5

107ebca1ecde022d57b6f7f2d60a604b
SHA1

d9fec49f980c208e4d048f201d648be6c199f719
SHA256

d019eb38c728f5177390404681a56aa54f532ad2d2d5b225bc5fdabcec2b3e61
SHA512

ba79277c74556d3e689456cca4abc2934c543c54f174039f4d6fc87019448ddff16941cb066649778034742070008c40eecf1488a45cc4bd5004cffa2daa8247
SSDEEP

12288:GJUKyYHkMcy5gyEppIdrzG8bRoZ91ogunSTTsa1vWwlIukEP/:wY6u0zG8WZ96xCTF31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d019eb38c728f5177390404681a56aa54f532ad2d2d5b225bc5fdabcec2b3e61

Files

d019eb38c728f5177390404681a56aa54f532ad2d2d5b225bc5fdabcec2b3e61
.exe windows:4 windows x86

64782ef151d635298d55b64da02383ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
select
recvfrom
closesocket
sendto
htons
socket
WSAGetLastError
WSASetLastError
connect
getpeername
getsockname
recv
send
setsockopt
ioctlsocket
inet_ntoa
__WSAFDIsSet
WSAStartup
WSACleanup
inet_addr
bind

kernel32

TerminateThread
GetExitCodeThread
GetVolumeInformationA
CreateEventA
FreeResource
LockResource
LoadResource
FindResourceA
LoadLibraryExA
GetSystemInfo
lstrcmpA
GlobalLock
SizeofResource
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
GlobalAddAtomA
GlobalUnlock
lstrcmpW
GlobalFindAtomA
GetModuleFileNameW
InterlockedDecrement
MulDiv
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetThreadLocale
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetFullPathNameA
GetFileTime
GetCPInfo
GetOEMCP
SetErrorMode
UnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
GetFileType
HeapReAlloc
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetACP
IsValidCodePage
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
VirtualProtect
WriteProcessMemory
ConnectNamedPipe
WaitNamedPipeA
CreateNamedPipeA
GetOverlappedResult
DisconnectNamedPipe
CompareFileTime
Process32First
GetPriorityClass
Process32Next
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateToolhelp32Snapshot
ReadFile
WriteFile
QueryDosDeviceA
OpenProcess
FlushFileBuffers
GetFileAttributesA
CreateProcessA
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
SetFileAttributesA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetDiskFreeSpaceExA
GetProcessHeap
HeapAlloc
HeapFree
GetCurrentProcess
MoveFileExA
GetTickCount
GetCurrentThreadId
WritePrivateProfileStringA
GetPrivateProfileStringA
SetSystemTime
GetVersion
MultiByteToWideChar
CompareStringA
InterlockedExchange
CompareStringW
WideCharToMultiByte
GlobalFree
GlobalAlloc
LocalFree
FormatMessageA
GetModuleHandleA
SetConsoleCtrlHandler
Sleep
GetStdHandle
AllocConsole
CopyFileA
GetSystemDirectoryA
lstrcpyA
lstrlenA
GetVersionExA
SetUnhandledExceptionFilter
ExitProcess
SetLastError
DeviceIoControl
CreateFileA
OpenMutexA
GetCurrentProcessId
FreeLibrary
OutputDebugStringA
GetProcAddress
LoadLibraryA
CloseHandle
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteFileA
LeaveCriticalSection
GetDriveTypeA
GetWindowsDirectoryA
GetLogicalDriveStringsA
CreateDirectoryA
GetLastError
GetModuleFileNameA
CreateMutexA
GlobalGetAtomNameA

user32

PostThreadMessageA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
PeekMessageA
DispatchMessageA
PostMessageA
PostQuitMessage
MessageBoxA
CharUpperA
DefWindowProcA
DestroyWindow
SetWindowLongA
GetPropA
EnableWindow
GetClientRect
GetSystemMetrics
SendMessageA
IsIconic
LoadIconA
GetWindowThreadProcessId
RemovePropA
LoadCursorA
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
RegisterClipboardFormatA
UnregisterClassA
DestroyMenu
IsRectEmpty
CopyAcceleratorTableA
CharNextA
AdjustWindowRectEx
TranslateMessage

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetDeviceCaps
GetBkColor
SetWindowExtEx
CreateRectRgnIndirect
GetRgnBox
GetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetTextColor
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SelectObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
DeleteService
QueryServiceStatus
RegCreateKeyA
CopySid
GetLengthSid
IsValidSid
LookupAccountNameA
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
CreateServiceA
ControlService
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueA
SetSecurityInfo
StartServiceA
OpenServiceA
CloseServiceHandle
OpenSCManagerA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoCreateInstance
CoInitializeEx
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysAllocString
VariantCopy
SysFreeString

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 436KB - Virtual size: 434KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64782ef151d635298d55b64da02383ea

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

version

Sections

.text Size: 436KB - Virtual size: 434KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 28KB - Virtual size: 39KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 436KB - Virtual size: 434KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 28KB - Virtual size: 39KB

.rsrc
Size: 40KB - Virtual size: 36KB