3551394f645355989015b6788381f2e89229aa7880bb7feb9162d497a71a90c2

Sharing

Copy URL Twitter E-mail

General

Target

3551394f645355989015b6788381f2e89229aa7880bb7feb9162d497a71a90c2
Size

1.2MB
MD5

6e6ba8fd2712585411e91eb0ae6ca528
SHA1

61ca075953ef2e82e789e2a49700b4c389a2295f
SHA256

3551394f645355989015b6788381f2e89229aa7880bb7feb9162d497a71a90c2
SHA512

0e87a44ff7ba09037946abf79ba330bcd2aa49e16d5ddae37aa0400b67dae7c70a140f95603dc91957839443c53943e8f0786bada866c55a320d8d48df47ee14
SSDEEP

24576:Vwa+RfSHZ9ob+7db2WXV1U2lOfmpeFa1/:yS5q6Bb2WXVC2lOfm2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3551394f645355989015b6788381f2e89229aa7880bb7feb9162d497a71a90c2

Files

3551394f645355989015b6788381f2e89229aa7880bb7feb9162d497a71a90c2
.exe windows:4 windows x86

d820b16a5dac3c23bd7e0611a2368fe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyaddr
gethostname
getservbyport
WSAStartup
htons
ntohs
ntohl
htonl

mpr

WNetGetConnectionA

comctl32

CreateToolbarEx
ImageList_Create
ord17
PropertySheetA
ord6
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_ReplaceIcon

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

Sleep
SetThreadAffinityMask
GetCurrentThread
DeleteFileA
WaitForSingleObject
CreateProcessA
GetCommandLineA
ExpandEnvironmentStringsA
ReadProcessMemory
VirtualQueryEx
OpenProcess
SetFilePointer
ReadFile
GetSystemTimeAsFileTime
LoadLibraryA
UnmapViewOfFile
IsBadReadPtr
MapViewOfFile
CreateFileMappingA
PulseEvent
WaitForMultipleObjects
GetCurrentProcessId
SetPriorityClass
FindClose
FindFirstFileA
SetEnvironmentVariableA
SetProcessWorkingSetSize
CreateEventA
GetLocaleInfoA
FormatMessageA
OutputDebugStringA
TerminateProcess
DeviceIoControl
GetDriveTypeA
GetCurrentDirectoryA
GetFileTime
GetExitCodeThread
TerminateThread
GlobalMemoryStatus
DuplicateHandle
GetProcessAffinityMask
VirtualAlloc
GetPriorityClass
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalReAlloc
GetThreadContext
InterlockedIncrement
MultiByteToWideChar
GetCommandLineW
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
ExitProcess
LCMapStringW
LCMapStringA
VirtualQuery
VirtualProtect
WriteFile
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
IsBadWritePtr
HeapCreate
HeapDestroy
FatalAppExitA
GetVersionExA
GetStartupInfoA
GetCurrentThreadId
RtlUnwind
CreateThread
ResumeThread
ExitThread
HeapReAlloc
IsValidLocale
IsValidCodePage
SetStdHandle
GetSystemDirectoryA
lstrcpynA
GetFileAttributesA
lstrcmpA
WideCharToMultiByte
GetNumberFormatA
MulDiv
GetEnvironmentVariableA
lstrcmpiA
SetEvent
GetDateFormatA
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
GetProcessHeap
HeapAlloc
lstrcpyA
lstrcatA
HeapFree
GetTickCount
SwitchToThread
GetVersion
GetSystemInfo
GetModuleHandleA
GetProcAddress
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
FlushFileBuffers
EnumSystemLocalesA
SetUnhandledExceptionFilter
IsBadCodePtr
QueryPerformanceCounter
SetConsoleCtrlHandler
GetTimeZoneInformation
GetLastError
CloseHandle
IsBadStringPtrA
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatA
EnterCriticalSection
LeaveCriticalSection
LocalFree
LocalAlloc
GetModuleFileNameA
SetEndOfFile
GetLocaleInfoW
CompareStringA
CompareStringW
HeapSize
GetStdHandle
lstrlenW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetUserDefaultLCID
VirtualFree
RaiseException

user32

EnumWindows
SendMessageTimeoutA
GetWindow
GetDlgCtrlID
GetUserObjectSecurity
SetUserObjectSecurity
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CheckRadioButton
MsgWaitForMultipleObjects
PeekMessageA
DeleteMenu
LoadMenuA
InsertMenuA
TrackPopupMenu
GetCapture
SetCapture
DrawEdge
DrawFrameControl
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
OffsetRect
UnionRect
GetClassNameA
DeferWindowPos
SetPropA
IsZoomed
wsprintfA
GetMenuCheckMarkDimensions
SetForegroundWindow
GetDesktopWindow
FindWindowExA
IsIconic
GetWindowThreadProcessId
GetWindowTextA
RegisterWindowMessageA
SetClassLongA
CallWindowProcA
EnableWindow
CheckDlgButton
IsDlgButtonChecked
GetWindowPlacement
ModifyMenuA
AppendMenuA
TrackPopupMenuEx
GetMenu
GetSubMenu
GetMenuItemCount
EnableMenuItem
GetMenuItemID
GetPropA
GetMessageA
FillRect
DrawIconEx
GetDoubleClickTime
ScreenToClient
InvalidateRgn
SendMessageA
MessageBoxA
SetFocus
SetTimer
GetCursorPos
PtInRect
WindowFromPoint
KillTimer
LoadStringA
FindWindowA
PostMessageA
LoadIconA
LoadImageA
RegisterClassExA
RegisterClassA
SetWindowPlacement
UpdateWindow
DefDlgProcA
DefFrameProcA
LoadBitmapA
SetMenuItemBitmaps
CreateMenu
RemoveMenu
DrawMenuBar
ExitWindowsEx
RedrawWindow
GetWindowDC
LoadAcceleratorsA
DefMDIChildProcA
GetWindowLongA
SetWindowLongA
TranslateAcceleratorA
TranslateMessage
BeginPaint
EndPaint
ShowWindow
ClientToScreen
GetSystemMetrics
SetWindowPos
DefWindowProcA
GetClientRect
MapWindowPoints
DestroyWindow
CreateWindowExA
GetParent
IsWindowVisible
GetFocus
DrawTextA
GetDC
ReleaseDC
DialogBoxParamA
EndDialog
GetDlgItem
GetWindowRect
MoveWindow
SetDlgItemTextA
LoadCursorA
GetSysColorBrush
GetSysColor
ChildWindowFromPoint
InvalidateRect
SetCursor
IsDialogMessageA
DispatchMessageA
CreateDialogParamA
ReleaseCapture
GetDlgItemTextA
CheckMenuItem
PostQuitMessage
DestroyIcon
SetWindowTextA
CreatePopupMenu

gdi32

RestoreDC
GetDeviceCaps
SetTextAlign
Rectangle
GetTextExtentPoint32A
CreateSolidBrush
CreatePen
SetROP2
LineTo
SaveDC
StretchBlt
GetTextMetricsA
CreateCompatibleBitmap
ExtTextOutA
SetBkColor
BitBlt
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
GetStockObject
GetObjectA
CreateFontIndirectA
SetBkMode
MoveToEx
SelectObject
SetTextColor

comdlg32

ChooseFontA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
FindTextA

advapi32

OpenServiceA
CloseServiceHandle
IsValidSecurityDescriptor
SetKernelObjectSecurity
GetKernelObjectSecurity
OpenSCManagerA
RegConnectRegistryA
EqualSid
LookupAccountSidA
GetLengthSid
CopySid
RegEnumValueA
GetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegCreateKeyA
RegSetValueExA
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
MapGenericMask
LookupPrivilegeNameA

shell32

SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA
CommandLineToArgvW

ole32

CoInitialize
CoCreateInstance

oleaut32

GetErrorInfo
SysAllocString
VariantClear
VariantChangeType
VariantInit
CreateErrorInfo
SysFreeString
SetErrorInfo

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 864KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d820b16a5dac3c23bd7e0611a2368fe8

Headers

File Characteristics

Imports

ws2_32

mpr

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 280KB - Virtual size: 276KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 16KB - Virtual size: 230KB

.rsrc Size: 864KB - Virtual size: 864KB

.text
Size: 280KB - Virtual size: 276KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 16KB - Virtual size: 230KB

.rsrc
Size: 864KB - Virtual size: 864KB