Static task: static1
Behavioral task: behavioral1
  Sample: dc5815f43912baae5dea8536e10c920baf6f34be1ab935c1bfafb5a0a1d94736.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: dc5815f43912baae5dea8536e10c920baf6f34be1ab935c1bfafb5a0a1d94736.exe
  Resource: win10v2004-20230915-en
General
- Target: dc5815f43912baae5dea8536e10c920baf6f34be1ab935c1bfafb5a0a1d94736
- Size: 3.5MB
- MD5: 3e53516184b2be5325177df522537cd3
- SHA1: 35b77c9b05c1d2c69749cb47fdcc241723ab87e2
- SHA256: dc5815f43912baae5dea8536e10c920baf6f34be1ab935c1bfafb5a0a1d94736
- SHA512: b796d8132876b5d090a29388d42790371e1f7bb27d41e2a39d4cc1821b248d5d213e82bffeafe881fe5122f811f73a16b7e94255bd5e5cae8730182b1401166a
- SSDEEP: 98304:RpD0xORKZVYXfPXJn4NyuQY2dHn9TFHk4kI:R+YXfPuyuQppE4kI
Malware Config
Signatures
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource dc5815f43912baae5dea8536e10c920baf6f34be1ab935c1bfafb5a0a1d94736
Files
- dc5815f43912baae5dea8536e10c920baf6f34be1ab935c1bfafb5a0a1d94736.exe  windows:4 windows x86
  1627869cbf543f9c60a29b99d787b68c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
hid
HidD_GetAttributes
HidD_GetManufacturerString
HidD_GetProductString
HidD_GetIndexedString
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetHidGuid
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
kernel32
ExitProcess
RaiseException
HeapFree
HeapAlloc
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
TerminateProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
LCMapStringW
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetEnvironmentVariableA
GetLocaleInfoW
GetProfileStringA
InterlockedExchange
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetPrivateProfileStringA
CopyFileA
WritePrivateProfileStringA
GetModuleHandleA
VirtualProtect
VirtualQuery
DeleteFileA
Sleep
QueryPerformanceCounter
CloseHandle
GetLastError
CreateFileA
CreateEventA
DeviceIoControl
WaitForSingleObject
WriteFile
ResetEvent
GetOverlappedResult
ReadFile
SetEvent
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
GetPrivateProfileSectionA
UnmapViewOfFile
SetCurrentDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
WritePrivateProfileSectionA
Beep
MoveFileA
QueryPerformanceFrequency
GetCurrentThreadId
SuspendThread
ResumeThread
MapViewOfFile
CreateFileMappingA
GetFileSize
GetExitCodeProcess
CreateProcessA
GetShortPathNameA
GetFileAttributesA
SetFileTime
GetFileTime
GetLongPathNameA
GetModuleFileNameA
LockResource
LoadResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
GetPrivateProfileIntA
MultiByteToWideChar
IsDBCSLeadByte
GetStartupInfoA
CreatePipe
GetVolumeInformationA
SetupComm
SetCommMask
SetCommState
GetCommState
SetCommTimeouts
CancelIo
SetCommConfig
GetDefaultCommConfigA
WaitCommEvent
GetCommTimeouts
GlobalUnlock
GlobalLock
GetTempFileNameA
GetTempPathA
SystemTimeToFileTime
GetACP
GetVersion
LCMapStringA
GetSystemDefaultLangID
GetUserDefaultLangID
EnumResourceLanguagesA
lstrcatA
lstrcpyA
GetLocaleInfoA
LocalFree
FormatMessageA
MulDiv
GlobalAlloc
lstrcpynA
lstrlenA
WinExec
GetSystemTime
SetLastError
GetCurrentProcess
GetWindowsDirectoryA
InterlockedIncrement
InterlockedDecrement
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
SetThreadPriority
lstrcmpA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThread
GetTickCount
GlobalFree
LocalFileTimeToFileTime
lstrlenW
GetProfileIntA
EnterCriticalSection
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetDiskFreeSpaceA
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
SizeofResource
GlobalSize
RtlUnwind
GetTimeZoneInformation
GetLocalTime
user32
GetNextDlgGroupItem
SetWindowPlacement
GetWindowTextLengthA
DestroyWindow
CreateWindowExA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
IntersectRect
IsChild
TranslateMessage
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
CharUpperA
SendMessageW
GetQueueStatus
DrawIcon
CallWindowProcA
SetRectEmpty
GetDCEx
BeginDeferWindowPos
EndDeferWindowPos
ShowScrollBar
MessageBeep
CopyIcon
EqualRect
ShowCursor
MapWindowPoints
GetMessagePos
ValidateRect
GetClassInfoA
DefWindowProcA
GrayStringA
TabbedTextOutA
WindowFromPoint
GetMessageA
ClientToScreen
DispatchMessageA
GetDlgCtrlID
IsRectEmpty
GetSysColorBrush
GetClassLongA
DrawStateA
DestroyIcon
LoadBitmapA
GetActiveWindow
IsZoomed
GetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
DrawMenuBar
SetWindowPos
CopyAcceleratorTableA
GetWindowPlacement
ShowWindow
SetWindowLongA
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
GetDlgItem
SetCaretPos
CreateCaret
ShowCaret
HideCaret
DrawIconEx
DrawEdge
DrawFrameControl
DestroyCursor
InflateRect
DrawTextA
PtInRect
DrawFocusRect
LoadCursorA
SetCursor
ChildWindowFromPoint
IsWindowVisible
SystemParametersInfoA
ScreenToClient
GetWindow
CopyRect
ScrollDC
ReleaseCapture
GetCapture
SetCapture
SetRect
SetForegroundWindow
GetWindowLongA
FillRect
LockWindowUpdate
GetDC
ReleaseDC
SetTimer
KillTimer
GetSysColor
OffsetRect
GetWindowRect
GetSystemMetrics
RedrawWindow
IsWindow
AdjustWindowRectEx
LoadIconA
GetClientRect
GetFocus
wvsprintfA
UnregisterClassA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SendMessageA
PostMessageA
EnumWindows
GetWindowTextA
ReplyMessage
GetTabbedTextExtentA
UpdateWindow
SetFocus
InvalidateRect
GetKeyState
DeleteMenu
LoadMenuA
DestroyMenu
GetMenuStringW
ModifyMenuW
GetMenuItemInfoA
GetMenuStringA
GetMenu
SetMenu
CreatePopupMenu
SetMenuItemInfoA
AppendMenuA
CheckMenuItem
GetMenuItemCount
MapDialogRect
SetWindowContextHelpId
CharNextA
PostThreadMessageA
GetClassNameA
InvertRect
GetSystemMenu
SetParent
CloseClipboard
SetCursorPos
GetMenuItemID
ModifyMenuA
GetSubMenu
InsertMenuA
FindWindowExA
GetParent
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
PeekMessageA
IsIconic
RegisterDeviceNotificationA
UnregisterDeviceNotification
MessageBoxA
EnableWindow
wsprintfA
GetDesktopWindow
SendMessageTimeoutA
GetWindowThreadProcessId
FindWindowA
EndPaint
GetWindowDC
BeginPaint
EndDialog
CreateDialogIndirectParamA
RegisterClipboardFormatA
ShowOwnedPopups
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
BringWindowToTop
LoadAcceleratorsA
LoadStringA
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
SendDlgItemMessageA
SetActiveWindow
DeferWindowPos
TrackPopupMenu
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
WinHelpA
DrawTextExA
RegisterClassA
ScrollWindow
gdi32
GetTextExtentPointA
GetTextExtentPoint32A
SetPixel
CreatePen
SelectObject
BitBlt
CreateCompatibleDC
GetMapMode
GetStockObject
CreateDIBitmap
GetWindowOrgEx
GetTextFaceA
GetROP2
GetBkMode
GetTextAlign
GetPolyFillMode
GetStretchBltMode
GetNearestColor
CopyMetaFileA
GetBkColor
CreateFontA
GetCharWidthA
StretchDIBits
SetAbortProc
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
CombineRgn
SetRectRgn
DPtoLP
LPtoDP
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
StartDocA
SetBkColor
PtInRegion
FillRgn
CreatePolygonRgn
GetTextColor
Escape
ExtTextOutA
RectVisible
PtVisible
GetCurrentObject
GetClipBox
SetBkMode
SetTextColor
DeleteObject
Rectangle
TextOutW
GetTextExtentPointW
RoundRect
CreateDCA
GetDeviceCaps
DeleteDC
TextOutA
GetObjectA
FloodFill
GetPixel
CreateCompatibleBitmap
StretchBlt
GetBitmapBits
CreateBitmap
EnumFontFamiliesExA
GetTextMetricsA
CreateFontIndirectA
GetTextExtentPoint32W
CreateRectRgnIndirect
PatBlt
CreateSolidBrush
comdlg32
PrintDlgA
GetOpenFileNameA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegSetValueA
RegDeleteKeyA
RegOpenKeyA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegCreateKeyExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
ExtractIconA
comctl32
ImageList_Create
ImageList_Destroy
ImageList_LoadImageA
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_DragEnter
ImageList_GetIcon
ImageList_Draw
ord8
ord14
ord17
ImageList_DrawIndirect
ord13
oledlg
ord8
ole32
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoGetClassObject
CoRegisterMessageFilter
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
ReleaseStgMedium
olepro32
ord253
oleaut32
SafeArrayGetDim
SafeArrayDestroy
VariantClear
SafeArrayPutElement
SysAllocStringLen
SysStringLen
VariantInit
SafeArrayCreateVector
SysFreeString
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayCreate
SysAllocStringByteLen
VariantTimeToSystemTime
wininet
InternetGetLastResponseInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
FtpGetFileA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
imm32
ImmGetVirtualKey
wsock32
ntohl
htonl
WSAStartup
WSACleanup
select
closesocket
recv
send
connect
htons
ioctlsocket
gethostbyname
socket
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 192KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 264KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 664KB - Virtual size: 663KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ