77ba4885a44e7d8cfa0ab22871c12a8879c9d91eb4932869a2e0590dd1cbbd0d

Sharing

Copy URL

Twitter E-mail

General

Target

77ba4885a44e7d8cfa0ab22871c12a8879c9d91eb4932869a2e0590dd1cbbd0d
Size

15.5MB
MD5

28a896d2d26b0c4374e7b790b4fdf1f4
SHA1

0e1d49e478c2788e449e06ba9183349af0360a6d
SHA256

77ba4885a44e7d8cfa0ab22871c12a8879c9d91eb4932869a2e0590dd1cbbd0d
SHA512

8b03988a10d17766e9c386dd48ac8c0888b996623cc69a97235bb03a6b0cf5e34bad379ffdb530c2e090770b00fb7c0e4796dbca55f81eb16c0c0405afdb4848
SSDEEP

196608:Oiau0AVR9oMJsI5SiGZtGzQn8ktRyPBfakJrN/VC3c7+vADDlXYOXYuQcg8ktR2f:OJu0APFoiO8zbfRqRADDloO5QZfYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77ba4885a44e7d8cfa0ab22871c12a8879c9d91eb4932869a2e0590dd1cbbd0d

Files

77ba4885a44e7d8cfa0ab22871c12a8879c9d91eb4932869a2e0590dd1cbbd0d
.exe windows:6 windows x86

4b0bfd9f27e50a4c35502f1d72b217fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
FreeResource
LockResource
LoadResource
FindResourceW
GetTickCount
GetUserDefaultLCID
LoadLibraryW
FreeLibrary
CreateDirectoryW
ReadFile
GetCommandLineW
RemoveDirectoryW
CreatePipe
PeekNamedPipe
GetFileAttributesW
GlobalFlags
GetSystemInfo
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateProcessW
CopyFileW
VirtualQuery
GenerateConsoleCtrlEvent
GetExitCodeProcess
ResetEvent
GetLocalTime
GetSystemTimeAsFileTime
FlushInstructionCache
lstrcmpiW
LoadLibraryExW
GetCurrentProcess
IsBadCodePtr
FlushFileBuffers
WriteConsoleW
SetEnvironmentVariableW
SetEvent
GlobalUnlock
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFileSizeEx
SetEndOfFile
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
ReadConsoleW
SetStdHandle
GetStdHandle
GetCommandLineA
GetFileType
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
QueryPerformanceCounter
GetStartupInfoW
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCPInfo
LCMapStringEx
GetStringTypeW
LoadLibraryExA
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetEnvironmentVariableW
OutputDebugStringA
WaitForMultipleObjects
WaitNamedPipeW
TransactNamedPipe
SetNamedPipeHandleState
WriteFile
VirtualQueryEx
GetProcessId
CreateSemaphoreW
SetUnhandledExceptionFilter
CreateFileW
MulDiv
GlobalLock
GlobalAlloc
GlobalFree
GlobalSize
GetEnvironmentStringsW
GetModuleFileNameW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetTickCount64
GetTimeZoneInformation
Sleep
VirtualFree
VirtualAlloc
VirtualProtect
LoadLibraryA
GetModuleHandleA
MoveFileW
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
GetComputerNameW
CreateEventW
OpenEventW
SetWaitableTimer
CreateWaitableTimerW
CreateThread
TerminateThread
GetExitCodeThread
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
FindClose
FindNextFileW
FindFirstFileW
MultiByteToWideChar
WideCharToMultiByte
DeleteFileW
ExitProcess
InitializeCriticalSection
IsDebuggerPresent
DebugBreak
GetModuleFileNameA
DeleteCriticalSection
GetCurrentThreadId
GetModuleHandleW
GetProcessHeap
GetCurrentProcessId
CreateMutexExW
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
CloseHandle
HeapReAlloc
OpenSemaphoreW
WaitForSingleObjectEx
OutputDebugStringW
GetLastError
FormatMessageW
HeapSize
ReleaseMutex
WaitForSingleObject
InitializeCriticalSectionEx
GetModuleHandleExW
ReleaseSemaphore
SetLastError
HeapFree
CreateSemaphoreExW
FreeEnvironmentStringsW

user32

GetSubMenu
DestroyAcceleratorTable
CreateAcceleratorTableW
DestroyMenu
TranslateAcceleratorW
AppendMenuW
TrackPopupMenu
CreatePopupMenu
DeleteMenu
GetMenuItemCount
GetMenu
ModifyMenuW
wsprintfW
DestroyIcon
UnregisterClassW
MessageBoxW
SendMessageW
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
FindWindowW
FindWindowExW
GetWindowRect
GetMonitorInfoW
GetWindowTextLengthW
GetWindowTextW
CharNextW
PostQuitMessage
GetDlgItem
FillRect
RedrawWindow
EndPaint
GetNextDlgTabItem
BeginPaint
IntersectRect
IsRectEmpty
SetMenu
IsChild
GetDlgCtrlID
IsWindowEnabled
DrawIcon
SetWindowRgn
GetSystemMenu
GetLastActivePopup
PtInRect
OffsetRect
MessageBeep
DrawTextW
SetRect
IsZoomed
GetTopWindow
CreateMenu
GetCursorPos
MonitorFromWindow
SetActiveWindow
WaitForInputIdle
OpenClipboard
CloseClipboard
EmptyClipboard
GetKeyState
SetWindowPos
PostMessageW
MoveWindow
IsIconic
ShowScrollBar
IsWindow
GetWindowThreadProcessId
GetClassNameW
IsWindowVisible
GetPropW
CallWindowProcW
RemovePropW
GetWindowLongW
SetWindowLongW
InvalidateRect
ShowWindow
SetParent
GetActiveWindow
DefWindowProcW
WinHelpW
GetClipboardData
SetClipboardData
DestroyWindow
GetMessageW
ClientToScreen
GetClassInfoExW
RegisterClassExW
IsDialogMessageW
GetSysColor
SetWindowTextW
EnableWindow
GetParent
ScreenToClient
GetFocus
CreateWindowExW
LoadStringW
SetPropW
LoadIconW
LoadCursorW
GetDesktopWindow
LoadImageW
GetDC
GetSystemMetrics
GetWindowDC
GetClientRect
ReleaseDC
SetForegroundWindow
EnumWindows
AdjustWindowRectEx
GetWindow
SetCursor
SetFocus

gdi32

CombineRgn
CreateRectRgn
GetTextMetricsW
ExcludeClipRect
GetClipBox
SetBkMode
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
DeleteObject
SetStretchBltMode
GetObjectW
DeleteDC
GetDeviceCaps
CreateRoundRectRgn
CreateEllipticRgn
SetTextColor
SetBkColor
CreateSolidBrush
CreateFontIndirectW
GdiAlphaBlend
GetStockObject

comdlg32

GetSaveFileNameW
ChooseFontW
GetOpenFileNameW

advapi32

RegGetValueW
EventWriteTransfer
EventSetInformation
EventRegister
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
EventUnregister

shell32

DragFinish
DragQueryFileW
SHGetSpecialFolderPathW
ShellExecuteW
Shell_NotifyIconW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateGuid
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromProgID
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VarUI4FromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
SafeArrayDestroy
VariantInit
SysAllocString
SysFreeString

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetIcon

hpsocket_u

HP_Destroy_TcpPullClient
HP_Create_TcpPullClient

gdiplus

GdipCreateBitmapFromFile
GdipGetImageWidth
GdipSetCompositingMode
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipCreateBitmapFromScan0

ntdll

RtlCaptureContext

psapi

EnumProcesses

shlwapi

PathFileExistsW
PathIsDirectoryW

ws2_32

WSACleanup

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 419KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13.4MB - Virtual size: 13.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b0bfd9f27e50a4c35502f1d72b217fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

hpsocket_u

gdiplus

ntdll

psapi

shlwapi

ws2_32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 419KB - Virtual size: 419KB

.data Size: 43KB - Virtual size: 1.4MB

.rsrc Size: 13.4MB - Virtual size: 13.4MB

.reloc Size: 136KB - Virtual size: 135KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 419KB - Virtual size: 419KB

.data
Size: 43KB - Virtual size: 1.4MB

.rsrc
Size: 13.4MB - Virtual size: 13.4MB

.reloc
Size: 136KB - Virtual size: 135KB