dafabe460cd9655addb8c6b1cd7be1ae7c6b57e8a420cc7aa618d159171df1c4

Sharing

Copy URL Twitter E-mail

General

Target

dafabe460cd9655addb8c6b1cd7be1ae7c6b57e8a420cc7aa618d159171df1c4
Size

3.2MB
MD5

85cb64acc7093ad0a9c5ce0cdfde9151
SHA1

be7821878a1bf25894694cc2e1837d31f302ee1b
SHA256

dafabe460cd9655addb8c6b1cd7be1ae7c6b57e8a420cc7aa618d159171df1c4
SHA512

eda60b84421c5ebaaded43549bff11d6beae3121a58c460c0335c8215bc1c27d4803661a794759aac45565242893ad7b56ba6e2425636c4db812ffbaa776445c
SSDEEP

98304:8OisQYNdpkfk/jCDewTX0+P342WcMeb3CzMOrh7/R/:8Ois3TuX0h2v3CzM8Fd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dafabe460cd9655addb8c6b1cd7be1ae7c6b57e8a420cc7aa618d159171df1c4

Files

dafabe460cd9655addb8c6b1cd7be1ae7c6b57e8a420cc7aa618d159171df1c4
.exe windows:5 windows x86

cfcfd1e01b41150a44c602b4b9be29b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalUnlock
Sleep
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CreateFileA
SetFilePointer
GlobalAlloc
MultiByteToWideChar
GetWindowsDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
GetModuleHandleA
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetModuleFileNameA
GetDriveTypeA
GetVersionExA
GetFileInformationByHandle
GetModuleHandleW
lstrcmpA
InterlockedExchange
CompareStringA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
GlobalAddAtomA
GetCurrentProcessId
LoadLibraryW
GlobalFree
FreeResource
FindResourceA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
MulDiv
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
FileTimeToSystemTime
FindClose
FindFirstFileA
FileTimeToLocalFileTime
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetThreadLocale
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
RtlUnwind
RaiseException
EncodePointer
DecodePointer
ExitThread
CreateThread
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
HeapCreate
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
GetDriveTypeW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
CloseHandle
ExitProcess
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
FindFirstFileExA

user32

IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
WindowFromPoint
LoadCursorW
WaitMessage
GetDC
ReleaseDC
GetKeyNameTextA
MapVirtualKeyA
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoA
DestroyMenu
GetMenuStringA
SystemParametersInfoA
RemoveMenu
InsertMenuA
IntersectRect
DeleteMenu
RealChildWindowFromPoint
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
GetSysColorBrush
CharUpperA
MessageBeep
SetRect
CharNextA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
UnregisterClassA
SetWindowRgn
SetParent
DestroyAcceleratorTable
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
DrawIconEx
RegisterWindowMessageA
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatA
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
UnionRect
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
GetUpdateRect
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
CheckMenuItem
PostQuitMessage
LoadIconW
IsWindow
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
GetMonitorInfoA
MapWindowPoints
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
GetWindowRect
LoadBitmapW
SendMessageA
MonitorFromWindow
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
CheckDlgButton
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetSystemMetrics
IsIconic
TranslateMessage
DispatchMessageA
DrawFrameControl
GetActiveWindow
GetFocus
GetSysColor
IsWindowVisible
GetWindowThreadProcessId
EmptyClipboard
SetClipboardData
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
EnableMenuItem
SetWindowPos
GetWindowTextA
GetKeyState
GetWindowLongA
GetForegroundWindow
IsZoomed
BringWindowToTop
wsprintfA
InflateRect
FrameRect
DrawStateA
OffsetRect
DrawEdge
DestroyIcon
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
SetMenuDefaultItem
LoadIconA
GetParent
InvalidateRect
SetCursor
SetWindowLongA
LoadCursorA
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
EnableWindow
ClientToScreen
PostMessageA
SetTimer
GetDesktopWindow
MessageBoxA
ScreenToClient
CreatePopupMenu
KillTimer
LoadMenuW
GetSubMenu
GetCursorPos

gdi32

ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
TextOutA
CreateBitmap
GetPixel
GetWindowExtEx
GetViewportExtEx
RectVisible
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
PtVisible
SetPixelV
GetTextFaceA
SetTextAlign
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateSolidBrush
CreateFontIndirectA
GetObjectA
GetStockObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgnIndirect
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
SetBkColor
SetTextColor
EnumFontFamiliesA
GetTextMetricsA
CreateDIBitmap
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateDCA
CopyMetaFileA
GetTextExtentPoint32A
CreateHatchBrush
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx

advapi32

RegSetValueExA
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
RegDeleteKeyA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
CryptImportKey
RegQueryValueExA
RegEnumKeyA
RegQueryValueA

shell32

SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA

ole32

OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleCreateMenuDescriptor
OleInitialize

oleaut32

SystemTimeToVariantTime
VarBstrFromDate
VariantTimeToSystemTime
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
SafeArrayDestroy
SysAllocString
VariantCopy

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW

oledlg

ord8

ws2_32

listen
accept
recvfrom
getaddrinfo
freeaddrinfo
getsockopt
bind
ntohs
getsockname
setsockopt
select
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
closesocket
getpeername
send
recv
htons
socket
WSAIoctl
WSAGetLastError
ioctlsocket
gethostname
htonl
ntohl
sendto
connect

winmm

PlaySoundA

wldap32

ord33
ord79
ord35
ord32
ord200
ord301
ord26
ord50
ord60
ord143
ord211
ord22
ord41
ord46
ord27
ord30

crypt32

CertFreeCertificateContext

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfcfd1e01b41150a44c602b4b9be29b5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msimg32

comctl32

shlwapi

oledlg

ws2_32

winmm

wldap32

crypt32

oleacc

gdiplus

imm32

winspool.drv

comdlg32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 319KB - Virtual size: 318KB

.data Size: 25KB - Virtual size: 54KB

.reloc Size: 185KB - Virtual size: 185KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 319KB - Virtual size: 318KB

.data
Size: 25KB - Virtual size: 54KB

.reloc
Size: 185KB - Virtual size: 185KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB