737d7ee27ce62b5606970dd7564a55ce41dc49452a97952f62db482366f84631

Sharing

Copy URL

Twitter E-mail

General

Target

737d7ee27ce62b5606970dd7564a55ce41dc49452a97952f62db482366f84631
Size

1.9MB
MD5

bf871679e38ef627c5affe87b35a4ac8
SHA1

b43830a588b1b7e53b4e5cdcc8167a6d65045d18
SHA256

737d7ee27ce62b5606970dd7564a55ce41dc49452a97952f62db482366f84631
SHA512

b2cc2556fe7209f3914137fc34eef982ef672474e80794dcd07732600821e98758744b1adf13a0bc10e292f56bc539ccb35ba23e07773792b4b27a0e44e3486d
SSDEEP

24576:kzbqLh//9lf8DUAbFHm3EUCQLj6NlguzlHTLTS+1FJXWg:AbKdg+0mLj4lF5TLT5z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
737d7ee27ce62b5606970dd7564a55ce41dc49452a97952f62db482366f84631

Files

737d7ee27ce62b5606970dd7564a55ce41dc49452a97952f62db482366f84631
.exe windows:6 windows x86

c700ba44cc7d2e2b692536c9117e27e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
CloseHandle
GlobalFree
LoadLibraryW
Sleep
WaitForSingleObject
GetVersionExW
GetModuleFileNameW
GetProcAddress
FreeLibrary
WideCharToMultiByte
GetTickCount
SizeofResource
HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
LockResource
HeapReAlloc
RaiseException
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
GlobalAlloc
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
SetEndOfFile
SetStdHandle
GetConsoleCP
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetACP
GetStdHandle
ExitProcess
GetFileType
GetTimeZoneInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
MultiByteToWideChar
CreateDirectoryW
CreateFileW
GetFileAttributesW
GetCurrentThreadId
FileTimeToSystemTime
DeleteFileW
MoveFileExW
CreateProcessW
CopyFileW
GetTempFileNameW
GetFileTime
ReadFile
SetLastError
GetCurrentProcess
WriteFile
SetFilePointer
ExitThread
CreateEventW
FormatMessageW
CreateThread
LocalFree
GetFileSize
GetCommandLineW
GetTempPathW
GetSystemDirectoryW
GetCurrentProcessId
GetModuleHandleW
OpenMutexW
OpenEventW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
FlushFileBuffers
LoadLibraryExW
lstrlenW
LocalAlloc
OutputDebugStringW
lstrcpyW
CreateMutexW
ReleaseMutex
SetEvent
OpenFileMappingW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
InitializeCriticalSection
GetDiskFreeSpaceExW
GetSystemTime
GlobalHandle
TerminateProcess
lstrcatW
GetLocalTime
VirtualQuery
IsDebuggerPresent
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
ResetEvent
SetFileAttributesW

user32

FindWindowW
GetDesktopWindow
SetForegroundWindow
IsIconic
ShowWindow
GetDC
MonitorFromPoint
TranslateMessage
DispatchMessageW
IsWindow
GetMessageW
NotifyWinEvent
GetPropW
GetCursorPos
SendInput
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
PostMessageW
GetWindowTextW
EnableWindow
GetParent
GetMonitorInfoW
SetWindowLongW
ReleaseDC
wvsprintfW
wsprintfW
DrawTextW
UpdateLayeredWindow
EndPaint
BeginPaint
ReleaseCapture
AppendMenuW
SetCursor
DestroyMenu
IsWindowEnabled
TrackMouseEvent
SetMenuItemInfoW
ClientToScreen
SetTimer
TrackPopupMenu
GetWindowPlacement
RegisterClassExW
CreatePopupMenu
SetCapture
InsertMenuItemW
GetKeyState
GetFocus
ScreenToClient
MoveWindow
SetRectEmpty
KillTimer
LoadCursorW
SetPropW
SetFocus
SetWindowTextW
ShowScrollBar
GetScrollInfo
SubtractRect
MonitorFromRect
IntersectRect
RegisterClipboardFormatW
LoadIconW
LoadImageW
GetWindowRect
GetForegroundWindow
GetClipboardData
PtInRect
GetWindowLongW
GetWindowTextLengthW
DefWindowProcW
CallWindowProcW
DestroyWindow
IsWindowVisible
SetWindowPos
CreateWindowExW
SendMessageW
GetSystemMetrics

gdi32

DeleteObject
DeleteDC
CreateCompatibleDC
GetFontData
GetObjectW
SetBkMode
GetStockObject
SetTextColor
CreateDIBSection
SelectObject
BitBlt
CreateFontIndirectW
SetTextCharacterExtra

imm32

ImmDisableIME
ImmGetContext
ImmNotifyIME

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

psapi

GetProcessMemoryInfo

wininet

HttpOpenRequestA
InternetWriteFile
InternetCrackUrlA
InternetOpenW
HttpEndRequestW
HttpSendRequestExW
InternetCloseHandle
InternetConnectA
InternetReadFile
HttpAddRequestHeadersW
InternetGetConnectedState

msimg32

AlphaBlend

oleacc

LresultFromObject
AccessibleObjectFromWindow

advapi32

CryptAcquireContextW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
GetLengthSid
AddAccessAllowedAceEx
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorSacl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
SetSecurityDescriptorDacl
CryptDecrypt
CryptSetKeyParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptReleaseContext
GetSecurityDescriptorSacl
RegCreateKeyExW
RegSetValueExW

shell32

SHFileOperationW
SHGetFolderPathW
ShellExecuteW

ole32

CoUninitialize
CoInitialize

oleaut32

SysAllocString

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 491KB - Virtual size: 491KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c700ba44cc7d2e2b692536c9117e27e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

imm32

version

psapi

wininet

msimg32

oleacc

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 491KB - Virtual size: 491KB

.data Size: 30KB - Virtual size: 114KB

.rsrc Size: 209KB - Virtual size: 208KB

.reloc Size: 142KB - Virtual size: 144KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 491KB - Virtual size: 491KB

.data
Size: 30KB - Virtual size: 114KB

.rsrc
Size: 209KB - Virtual size: 208KB

.reloc
Size: 142KB - Virtual size: 144KB