Static task: static1
Behavioral task: behavioral1
  Sample: 3fb6abdd7e92603aa9fea2388954f28066f93421ecb4b7718e30c35d41ccf153.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 3fb6abdd7e92603aa9fea2388954f28066f93421ecb4b7718e30c35d41ccf153.exe
  Resource: win10v2004-20230915-en
General
Target: 3fb6abdd7e92603aa9fea2388954f28066f93421ecb4b7718e30c35d41ccf153
Size: 3.6MB
MD5: c04d362ed6cd26df59bf926e19fba376
SHA1: 226b1948f77977f6419108d254ddb4f56c438ea7
SHA256: 3fb6abdd7e92603aa9fea2388954f28066f93421ecb4b7718e30c35d41ccf153
SHA512: f548b5ecfb4e4b6742c6d8fe55846d484579d2b496d6a83a7d681f2e49bd9d177e0f7b283a8f3c20c82d54781a97eb457128d150f4f66d69dfdda952db6af280
SSDEEP: 98304:mYk4b1axvwTVO/A9aJwMo83k+A9QUKcDDjyGQs9FLOAkGkzdnEVomFHKnPFU:I18s/Va/6UKcDDGGQ6FLOyomFHKnPO
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 3fb6abdd7e92603aa9fea2388954f28066f93421ecb4b7718e30c35d41ccf153
Files
3fb6abdd7e92603aa9fea2388954f28066f93421ecb4b7718e30c35d41ccf153.exe windows:5 windows x86
e50ea8a53c1ca1a765f1fa3fc241a477
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EnumWindows
SystemParametersInfoW
IsWindow
IsIconic
ShowWindow
IsWindowVisible
SetForegroundWindow
SetActiveWindow
GetLastActivePopup
SendMessageW
GetPropW
GetParent
GetWindowRect
KillTimer
SetTimer
EnableWindow
SetRect
GetDC
ReleaseDC
InvalidateRect
FillRect
CopyRect
GetWindowLongW
SetWindowLongW
UpdateLayeredWindow
SetClassLongW
LoadCursorW
GetClientRect
SetWindowRgn
PtInRect
BringWindowToTop
GetFocus
IsZoomed
GetMonitorInfoW
MonitorFromWindow
LoadIconW
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
PostMessageW
SetWindowPos
SetLayeredWindowAttributes
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
IsWindowEnabled
MessageBoxW
GetWindowThreadProcessId
UnhookWindowsHookEx
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
GetSysColor
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
DrawIcon
GetWindowRgn
DestroyCursor
CreateMenu
InvertRect
HideCaret
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
IsClipboardFormatAvailable
SubtractRect
PostThreadMessageW
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
GetIconInfo
GetDoubleClickTime
LockWindowUpdate
SetCursorPos
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
WaitMessage
MonitorFromPoint
UnionRect
EnableScrollBar
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
MessageBeep
DeleteMenu
GetSystemMenu
GetAsyncKeyState
TrackMouseEvent
EnumDisplayMonitors
SetRectEmpty
SendDlgItemMessageA
CopyImage
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
DrawIconEx
IsRectEmpty
OffsetRect
DrawFocusRect
GetSysColorBrush
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
IntersectRect
InflateRect
WindowFromPoint
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DrawStateW
CharUpperW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
LoadMenuW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
GetSystemMetrics
ole32
CoDisconnectObject
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoCreateGuid
CLSIDFromString
CoUninitialize
CoCreateInstance
oleaut32
VariantClear
SysFreeString
OleLoadPicture
SysAllocStringLen
VariantInit
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
shlwapi
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
SHDeleteValueW
SHDeleteKeyW
PathIsDirectoryEmptyW
PathFileExistsW
shell32
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
SHAppBarMessage
SHGetDesktopFolder
SHBrowseForFolderW
SHGetMalloc
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFolderPathW
ShellExecuteW
SHFileOperationW
version
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW
winmm
PlaySoundW
kernel32
GetVersionExW
GetCurrentProcess
FreeLibrary
SizeofResource
SetEnvironmentVariableA
LCMapStringW
OutputDebugStringW
GetTimeZoneInformation
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
WriteConsoleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
VirtualQuery
VirtualAlloc
GetSystemTimeAsFileTime
HeapQueryInformation
RtlUnwind
AreFileApisANSI
GetModuleHandleExW
ExitProcess
ExitThread
IsProcessorFeaturePresent
IsDebuggerPresent
SetStdHandle
GetConsoleCP
GetFileType
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetCommandLineW
FindResourceExW
VirtualProtect
GetProfileIntW
GetTickCount
SearchPathW
GetWindowsDirectoryW
GetTempFileNameW
GetCurrentDirectoryW
VerifyVersionInfoW
VerSetConditionMask
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetThreadLocale
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentProcessId
SetLastError
FormatMessageW
LocalFree
GlobalSize
CreateThread
TerminateThread
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
ResetEvent
SetEvent
ResumeThread
MulDiv
CreateEventW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
lstrcpyW
TerminateProcess
OpenProcess
Process32NextW
lstrcmpiW
Process32FirstW
CreateToolhelp32Snapshot
WaitForSingleObjectEx
GetPrivateProfileStringW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
FreeResource
WriteFile
CreateFileW
MultiByteToWideChar
CopyFileW
GetTempPathW
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
RemoveDirectoryW
GetModuleHandleW
FindResourceW
LoadResource
LockResource
GetModuleFileNameW
Sleep
CreateMutexW
CloseHandle
GetSystemInfo
LoadLibraryA
GetProcAddress
GetLastError
GetStdHandle
gdi32
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
SelectObject
GetDeviceCaps
Polygon
CreateFontW
GetTextExtentPoint32W
PatBlt
GetTextFaceW
SetPixelV
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
EnumFontFamiliesExW
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
Rectangle
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
GetRgnBox
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetTextMetricsW
Polyline
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CreateFontIndirectW
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
CreateDCW
CopyMetaFileW
GetStockObject
GetObjectW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegDeleteKeyW
comctl32
InitCommonControlsEx
_TrackMouseEvent
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeParentBackground
DrawThemeText
GetCurrentThemeName
IsAppThemed
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipFillPieI
GdipFillRectangleI
GdipCreateBitmapFromScan0
GdipDeleteBrush
GdipCreateSolidFill
GdipDrawLineI
GdipDrawArcI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDeletePen
GdipCreatePen1
GdipSetSmoothingMode
GdipReleaseDC
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromStream
GdipCloneBrush
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
Sections
.text   Size: 1.4MB  Virtual size: 1.4MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 342KB  Virtual size: 342KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 26KB   Virtual size: 65KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.7MB  Virtual size: 1.7MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 124KB  Virtual size: 124KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ