Static task
static1
Behavioral task
behavioral1
Sample
819400a8b73ba185e330c3b72d3c090a170a36a65362f0f9329cb755e960112f.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
819400a8b73ba185e330c3b72d3c090a170a36a65362f0f9329cb755e960112f.exe
Resource
win10v2004-20230915-en
General
-
Target
819400a8b73ba185e330c3b72d3c090a170a36a65362f0f9329cb755e960112f
-
Size
2.6MB
-
MD5
f5a31686ee7286374485440a6ca2b450
-
SHA1
a580fd1342c783c1af099c366f49549d9713bbcb
-
SHA256
819400a8b73ba185e330c3b72d3c090a170a36a65362f0f9329cb755e960112f
-
SHA512
c117b66aae3c494f44cee68f1ad7b822768777c937d4a7b431e3236e61688e7b7773b24a4331ee22662e84b1ae04f0051536e64b31ac6c041a28a7043d421e32
-
SSDEEP
49152:CpPXHzcrLxmZwCLBYVGns/RtQmjnPTLR3a:CpPXmMbZs/RtQmTk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 819400a8b73ba185e330c3b72d3c090a170a36a65362f0f9329cb755e960112f
Files
-
819400a8b73ba185e330c3b72d3c090a170a36a65362f0f9329cb755e960112f.exe windows:4 windows x86
50b55b02875a2da002bc7814fffd2403
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetFullPathNameW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
WritePrivateProfileStringW
FileTimeToSystemTime
GetThreadLocale
lstrlenA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetVersion
GlobalGetAtomNameW
GetModuleHandleA
FormatMessageW
MulDiv
GetCurrentProcessId
InterlockedDecrement
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
CompareStringW
LoadLibraryA
SetLastError
lstrcmpW
GetProcAddress
GetVersionExA
lstrlenW
GlobalFree
FreeResource
ExitProcess
CreateFileMappingW
ReadFile
WriteFile
UnmapViewOfFile
MapViewOfFile
GetFileSize
CreateFileA
SetEvent
LocalFree
GetCommandLineW
GetModuleHandleW
MoveFileExW
WideCharToMultiByte
GetFileTime
SetEndOfFile
SetFilePointer
SetFileTime
CreateFileW
GetLocalTime
MultiByteToWideChar
DeleteFileW
GetModuleFileNameW
ResetEvent
Sleep
CreateEventW
CreateMutexW
GetCurrentThreadId
SetThreadPriority
CreateThread
CloseHandle
FindClose
FindNextFileW
FindFirstFileW
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
ReleaseMutex
WaitForSingleObject
GetStartupInfoA
GetTickCount
user32
GetSysColorBrush
UnregisterClassW
SetTimer
KillTimer
WindowFromPoint
GetDCEx
LockWindowUpdate
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
GetWindowThreadProcessId
GetMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
IsWindowVisible
GetMenuItemID
CreateWindowExW
GetClassInfoExW
GetClassInfoW
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
DefWindowProcW
CallWindowProcW
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetFocus
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsDialogMessageW
IsDlgButtonChecked
SendDlgItemMessageW
CheckDlgButton
GetWindowTextLengthW
GetWindowTextW
GetWindow
SetFocus
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
AppendMenuW
InsertMenuW
CreateMenu
DispatchMessageW
TranslateMessage
MessageBoxW
UpdateWindow
DrawMenuBar
GetMenuItemCount
GetMenu
LoadIconW
DrawTextW
EnableMenuItem
GetDlgItem
GetWindowRect
PeekMessageW
ScreenToClient
GetCursorPos
SetWindowTextW
GetClientRect
GetSystemMetrics
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
SystemParametersInfoW
GetMenuItemInfoW
InflateRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
LoadCursorW
wsprintfW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
RegisterClassW
TranslateAcceleratorW
PtInRect
SetCapture
ReleaseCapture
OffsetRect
ReleaseDC
GetDC
GetKeyState
SetRect
InvalidateRect
FillRect
FrameRect
GetClipboardData
SetClipboardData
EmptyClipboard
CloseClipboard
IsClipboardFormatAvailable
EnumClipboardFormats
CountClipboardFormats
OpenClipboard
SendMessageW
CharLowerW
PostMessageW
LoadStringW
SetCursor
DestroyMenu
TrackPopupMenu
ClientToScreen
GetSubMenu
LoadMenuW
EnableWindow
UnregisterClassA
gdi32
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
CreateCompatibleBitmap
GetTextMetricsW
GetTextExtentPoint32W
GetCharWidthW
CreateFontW
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
GetTextColor
GetRgnBox
IntersectClipRect
ExcludeClipRect
SetMapMode
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
GetBkColor
RestoreDC
SaveDC
GetDeviceCaps
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
GetClipBox
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
SetTextColor
SetBkMode
Rectangle
Ellipse
CreateBrushIndirect
LineTo
MoveToEx
SelectObject
CreatePen
DeleteObject
CreateSolidBrush
SetDIBitsToDevice
comdlg32
GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
ChooseFontW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
RegSetValueExW
shell32
SHGetPathFromIDListW
DragAcceptFiles
ShellExecuteW
SHChangeNotify
SHCreateDirectoryExW
SHParseDisplayName
DragFinish
SHGetMalloc
DragQueryFileW
SHBrowseForFolderW
CommandLineToArgvW
SHFileOperationW
SHOpenFolderAndSelectItems
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRenameExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
OleFlushClipboard
CLSIDFromProgID
CoTaskMemFree
CoUninitialize
CoInitialize
CLSIDFromString
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
wininet
InternetQueryDataAvailable
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetReadFile
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 604KB - Virtual size: 600KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ