Static task: static1
Behavioral task: behavioral1
  Sample: 8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377.exe
  Resource: win10v2004-20230915-en
General
Target: 8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377
Size: 2.5MB
MD5: 97d92f76e8cbe66a6f4a202cd7798ae5
SHA1: bac776090d16c197a94f50f6f69852c17b86e46d
SHA256: 8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377
SHA512: f0c1faa6341c8b4c0a37358d18f0ce582e36c9cbe181ae31a6632696437931e38c666d651cd1d7aec082089ce0a3575213d1fb51c723a50912b121ede5368a94
SSDEEP: 24576:KXqtba4lOOWuk04i7jjU6k7QeLqB4dTbCOdIxZM:KXRDirU6k7KB4dToZM
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377
Files
8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377.exe windows:5 windows x86
dd4a3e2318fc0c6c2159478b808704cc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipDeleteGraphics
GdipGetImageWidth
GdipAlloc
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipBitmapSetPixel
GdipCloneImage
GdipFree
GdiplusStartup
GdipGetImageHeight
GdipGetPropertyItem
GdipDrawImageI
GdipCreateFromHDC
GdiplusShutdown
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromFile
kernel32
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentProcessId
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetTickCount
GetThreadLocale
FindClose
FindNextFileW
FindFirstFileW
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsSetValue
LocalReAlloc
DeleteCriticalSection
CompareStringW
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
GetFileSizeEx
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
HeapSize
VirtualQuery
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
GetTimeZoneInformation
SetStdHandle
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryW
GetDriveTypeA
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
GetVersionExA
SetLastError
FormatMessageW
FreeResource
VirtualProtectEx
VirtualQueryEx
MulDiv
InterlockedExchangeAdd
CreateProcessW
GetCommandLineW
LocalFree
FlushFileBuffers
WriteFile
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Process32NextW
SetFilePointer
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
ExpandEnvironmentStringsW
WaitForSingleObject
Beep
SetCurrentDirectoryW
DeleteFileW
CopyFileW
lstrlenA
GetFileSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
GetSystemInfo
VirtualAlloc
GetModuleHandleA
lstrcatA
VirtualFree
lstrcmpA
GetFileAttributesW
GetModuleHandleW
lstrcpyW
lstrcpynW
GetSystemDirectoryW
GetDiskFreeSpaceExW
GetModuleFileNameW
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryA
GetProcAddress
GetCurrentThreadId
lstrlenW
lstrcmpiW
GetCurrentThread
SetThreadPriority
VirtualProtect
FlushInstructionCache
GetVersionExW
TlsAlloc
TlsFree
GlobalFree
lstrcmpW
GetModuleFileNameA
CreateFileW
SetFileTime
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentProcess
GetLastError
TerminateThread
CloseHandle
CreateThread
GetCurrentDirectoryA
FreeLibrary
WritePrivateProfileStringW
user32
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
CheckMenuItem
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MoveWindow
ClientToScreen
PostQuitMessage
ValidateRect
SetCursor
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
SetCapture
ReleaseCapture
CharUpperW
PostThreadMessageW
UnregisterClassW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
CallWindowProcW
GetMenu
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CreateDialogIndirectParamW
GetDlgItem
EndDialog
GetWindowLongW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RemovePropW
BeginPaint
GetCursorInfo
GetNextDlgTabItem
GetSysColor
CreateAcceleratorTableW
IsWindowEnabled
GetActiveWindow
SetActiveWindow
DestroyAcceleratorTable
GetFocus
CreateWindowExW
EnumChildWindows
SetWindowLongW
GetWindowDC
WindowFromPoint
GetCursor
DrawIconEx
PrintWindow
SetMenu
RedrawWindow
SetFocus
SetWindowTextW
FlashWindowEx
ShowCaret
HideCaret
GetIconInfo
TranslateAcceleratorW
IsDialogMessageW
DefWindowProcW
RegisterClassExW
CreatePopupMenu
CreateMenu
MessageBoxW
VkKeyScanW
GetAsyncKeyState
InflateRect
GetDlgCtrlID
GetDesktopWindow
IntersectRect
IsRectEmpty
InvalidateRect
MessageBoxA
GetKeyState
wsprintfW
IsClipboardFormatAvailable
ChildWindowFromPoint
GetWindowTextLengthW
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
ShowWindow
SetWindowPos
GetParent
ScreenToClient
DestroyWindow
IsIconic
GetSystemMenu
PostMessageW
AppendMenuW
DrawIcon
RegisterClipboardFormatW
mouse_event
SetCursorPos
EnumWindows
GetClipboardData
GetWindowTextW
IsWindowVisible
GetClassNameW
GetKeyNameTextW
EqualRect
SystemParametersInfoW
keybd_event
MapVirtualKeyW
GetDC
ReleaseDC
LoadIconW
PeekMessageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetRect
IsWindow
SetForegroundWindow
GetSystemMetrics
KillTimer
ExitWindowsEx
RegisterHotKey
GetCursorPos
EnableWindow
SetClipboardViewer
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ChangeClipboardChain
SetTimer
UpdateWindow
EndPaint
GetClassInfoExW
GetClientRect
GetWindowRect
SendMessageW
GetMessageW
DispatchMessageW
TranslateMessage
UnregisterHotKey
PtInRect
LoadCursorW
gdi32
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontW
Ellipse
DeleteObject
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetTextColor
SetBkColor
SetMapMode
LineTo
MoveToEx
GetCurrentObject
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetBkColor
GetTextColor
GetRgnBox
GetBitmapBits
GetMapMode
CreateRectRgnIndirect
SetBitmapBits
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateDIBitmap
GetTextExtentPoint32W
GetTextMetricsW
CreatePalette
CreateDCW
GetDeviceCaps
DeleteDC
GetObjectW
GetStockObject
RestoreDC
SaveDC
SelectPalette
RealizePalette
GetDIBits
CreateBitmap
GetClipBox
SetBkMode
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueExW
AdjustTokenPrivileges
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
GetUserNameW
RegQueryValueExW
LookupPrivilegeValueW
OpenProcessToken
LookupPrivilegeValueA
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHGetSpecialFolderPathW
comctl32
_TrackMouseEvent
shlwapi
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
OleRun
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
oleaut32
VariantInit
SysStringLen
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantCopy
SysFreeString
SysAllocString
VariantClear
SafeArrayDestroy
OleCreateFontIndirect
GetErrorInfo
winmm
PlaySoundW
iphlpapi
GetAdaptersInfo
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
winhttp
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpConnect
WinHttpOpen
WinHttpCloseHandle
WinHttpReadData
WinHttpQueryHeaders
Sections
Name    Raw size  Virtual size  Characteristics
.text   1.1MB     1.1MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  1.3MB     1.3MB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   20KB      279KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   63KB      63KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  102KB     101KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
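Three header facts in this report deserve a second look: the "Unsigned PE" signature (no Authenticode blob in the security directory), a DllCharacteristics set that contains IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE but not IMAGE_DLLCHARACTERISTICS_NX_COMPAT (ASLR-compatible, no DEP opt-in), and a .data section whose 279KB virtual size dwarfs its 20KB raw size (the remainder is zero-filled by the loader and exists only at runtime). The Python below is an added example, not part of the sandbox report or its tooling; it reads those fields straight from the raw bytes so the same checks can be repeated offline on any PE. Constants are the documented winnt.h values; the PE image produced by build_sample_pe is constructed test data that mimics this report's layout and is not the analysed sample. The Authenticode check tests only for the presence of a WIN_CERTIFICATE entry, which is what the "Unsigned PE" signature keys on; proving a present signature is valid needs a real verifier (signtool, Get-AuthenticodeSignature, osslsigncode).

```python
import struct

# Constants from winnt.h (subset needed for this triage)
MACHINES = {0x14C: "x86", 0x8664: "x64", 0x1C0: "ARM", 0xAA64: "ARM64"}
DLLCHAR = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
           0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x4000: "GUARD_CF",
           0x8000: "TERMINAL_SERVER_AWARE"}
SCN = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
       0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
       0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode WIN_CERTIFICATE blob


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def triage_pe(data: bytes) -> dict:
    """Parse only the headers needed to answer the report's questions:
    machine/subsystem, ASLR/DEP opt-in bits, Authenticode presence, section sizes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe + 4
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    major_os, minor_os = struct.unpack_from("<HH", data, opt + 40)
    subsystem, dllchar = struct.unpack_from("<HH", data, opt + 68)
    # NumberOfRvaAndSizes sits at +92 (PE32) or +108 (PE32+); the directories follow it
    nrva_off = 108 if pe32plus else 92
    nrva = struct.unpack_from("<I", data, opt + nrva_off)[0]
    sec_off = sec_size = 0
    if nrva > SECURITY_DIR:
        sec_off, sec_size = struct.unpack_from("<II", data, opt + nrva_off + 4 + SECURITY_DIR * 8)
    # Unlike other directories this entry is a raw file offset. Zero size means no embedded
    # signature at all; non-zero only proves a blob exists, not that it verifies.
    has_blob = sec_size != 0 and sec_off + sec_size <= len(data)
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, _, _, _, _, _, ch = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "zero_filled": max(vsize - rawsize, 0),  # bytes the loader zero-fills
                         "flags": flag_names(ch, SCN)})
    dll = flag_names(dllchar, DLLCHAR)
    return {"machine": MACHINES.get(machine, hex(machine)), "pe32plus": pe32plus,
            "os_version": f"{major_os}.{minor_os}",
            "subsystem": {2: "GUI", 3: "CUI"}.get(subsystem, str(subsystem)),
            "dll_characteristics": dll, "aslr": "DYNAMIC_BASE" in dll,
            "dep": "NX_COMPAT" in dll, "has_authenticode_blob": has_blob,
            "sections": sections}


def build_sample_pe(signed: bool, dll_characteristics: int = 0x8040) -> bytes:
    """Constructed PE32 test image (not the analysed sample). Default DllCharacteristics
    0x8040 = DYNAMIC_BASE | TERMINAL_SERVER_AWARE, i.e. ASLR but no NX_COMPAT, as in the report."""
    secs = [(b".text", 0x1000, 0x1000, 0x60000020),    # CODE | EXECUTE | READ
            (b".data", 0x45C00, 0x5000, 0xC0000040),   # INIT_DATA | READ | WRITE, mostly zero-filled
            (b".reloc", 0x200, 0x200, 0x42000040)]     # INIT_DATA | DISCARDABLE | READ
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)            # e_lfanew
    opt = bytearray(224)                               # PE32 optional header, 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)              # Magic = PE32
    struct.pack_into("<HH", opt, 40, 5, 1)             # Major/MinorOperatingSystemVersion
    struct.pack_into("<HH", opt, 68, 2, dll_characteristics)  # Subsystem GUI, DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                # NumberOfRvaAndSizes
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, len(opt), 0x0102)
    shdrs, body, raw_ptr, va = b"", b"", 0x400, 0x1000
    for name, vsize, rawsize, ch in secs:
        shdrs += struct.pack("<8sIIIIIIHHI", name, vsize, va, rawsize, raw_ptr, 0, 0, 0, 0, ch)
        body += bytes(rawsize)
        raw_ptr += rawsize
        va += (vsize + 0xFFF) & ~0xFFF
    cert = b""
    if signed:
        # WIN_CERTIFICATE header: dwLength, wRevision=0x0200, wCertificateType=2
        # (PKCS_SIGNED_DATA), followed by a placeholder, not a real PKCS#7 blob
        blob = b"\x30\x00" + bytes(6)
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 2) + blob
        struct.pack_into("<II", opt, 96 + SECURITY_DIR * 8, raw_ptr, len(cert))
    head = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + shdrs
    return head + bytes(0x400 - len(head)) + body + cert


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(signed=False)
    r = triage_pe(data)
    print(f"{r['machine']} {r['subsystem']} min-os={r['os_version']} ASLR={r['aslr']} "
          f"DEP={r['dep']} authenticode-blob={r['has_authenticode_blob']}")
    for s in r["sections"]:
        print(f"  {s['name']:<8} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} "
              f"zero-filled={s['zero_filled']:#x} {' '.join(s['flags'])}")
```

Run it with a file path to triage a real PE, or with no arguments to see the constructed image. Two caveats when reading this report's import table with the output: a large .data zero-filled gap means much of that section's contents (buffers, decrypted strings, configuration) exists only in memory, so disk-only string scans of .data will miss it; and many of the user32/gdi32/ole32/oledlg imports listed (WinHelpW, OleUIBusyW, GetFileTitleW, DocumentPropertiesW, the GlobalAddAtomW family) are the fixed import set of a statically linked MFC application, so capability inferences should rest on the imports MFC does not pull in by itself, such as CreateToolhelp32Snapshot/OpenProcess/TerminateProcess, SetWindowsHookExW/GetAsyncKeyState/keybd_event/mouse_event, the clipboard and PrintWindow/BitBlt calls, AdjustTokenPrivileges with ExitWindowsEx, GetAdaptersInfo and the winhttp set.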