c1df04bf80e30c4779064c931aee6dd1738124b83e368ac9659318e3fad55dd3

Sharing

Copy URL Twitter E-mail

General

Target

c1df04bf80e30c4779064c931aee6dd1738124b83e368ac9659318e3fad55dd3
Size

3.4MB
MD5

c63287dd5fafc38871d12293a776bb7b
SHA1

4307394f4ddf8e3c81dbeef88a704b0792746142
SHA256

c1df04bf80e30c4779064c931aee6dd1738124b83e368ac9659318e3fad55dd3
SHA512

facb920a18c1171fd079721e679f61b76e1baf47bc3fd6e4df96a01002ee89f9e667ad8b29d3b60cfda9b434e9e23c347ee52105855fc5dbeeabebf5bdf63b71
SSDEEP

98304:mTldeNsPjviuq1ZkF9TKCd/7WYxQkXy1FLOAkGkzdnEVomFHKnPx:YPKyxQkXy1FLOyomFHKnPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1df04bf80e30c4779064c931aee6dd1738124b83e368ac9659318e3fad55dd3

Files

c1df04bf80e30c4779064c931aee6dd1738124b83e368ac9659318e3fad55dd3
.exe windows:6 windows x86

357d27887dfaed1bba89370a6617c42f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
FreeEnvironmentStringsW
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
FormatMessageA
AreFileApisANSI
SetFilePointerEx
GetCPInfo
LCMapStringW
GetStringTypeW
OutputDebugStringW
SetEnvironmentVariableA
WriteConsoleW
GetSystemInfo
CloseHandle
WaitForSingleObject
SizeofResource
LockResource
LoadResource
FindResourceW
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetVolumeInformationW
FindFirstFileW
FindNextFileW
GetModuleFileNameW
FindClose
CreateFileW
Sleep
DeleteFileW
GetWindowsDirectoryW
lstrcmpW
ReadFile
GetCurrentProcess
TerminateProcess
ResumeThread
GetModuleHandleA
FormatMessageW
LoadLibraryW
GetProcAddress
GetCurrentProcessId
CreateProcessW
MultiByteToWideChar
WideCharToMultiByte
DeviceIoControl
GetVersionExW
GetSystemDirectoryW
LocalFree
GetModuleHandleW
FreeLibrary
GetCurrentThread
GetCurrentThreadId
LoadLibraryExW
GlobalAlloc
GlobalLock
GlobalDeleteAtom
lstrcmpA
FreeResource
GlobalFree
lstrcpyW
OutputDebugStringA
SetLastError
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalUnlock
GlobalSize
MulDiv
CopyFileW
SetEvent
CreateEventW
SetThreadPriority
GlobalAddAtomW
EncodePointer
GlobalFindAtomW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
GetThreadLocale
VerSetConditionMask
VerifyVersionInfoW
GetFileAttributesW
GetFileSize
GlobalGetAtomNameW
FileTimeToSystemTime
FlushFileBuffers
GetFullPathNameW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
VirtualProtect
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetTickCount
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
FindResourceExW
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW

user32

MessageBeep
GetNextDlgGroupItem
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
SetLayeredWindowAttributes
SystemParametersInfoW
CopyRect
GetMenuItemInfoW
DestroyMenu
IsDialogMessageW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetFocus
GetDlgCtrlID
CheckDlgButton
SetDlgItemTextW
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
GetSystemMetrics
GetClientRect
DestroyAcceleratorTable
MoveWindow
GetIconInfo
GetClassNameW
InvalidateRect
UpdateWindow
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
SetRectEmpty
EnumDisplayMonitors
SetParent
MonitorFromPoint
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
LoadMenuW
BeginPaint
ReleaseDC
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableScrollBar
GetMessagePos
GetDoubleClickTime
EnableWindow
UnregisterClassW
PostMessageW
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
RegisterWindowMessageW
DrawEdge
DrawFrameControl
IsWindowVisible
IsIconic
GetFocus
DrawStateW
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
MessageBoxW
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
SetClassLongW
GetUpdateRect
SendDlgItemMessageA
GetDC
GetWindowDC
ShowWindow
CopyIcon
UpdateLayeredWindow
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
GetKeyNameTextW
SubtractRect
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
InvertRect
HideCaret
GetWindowRgn
DestroyCursor
CreateMenu
DrawIcon
GetComboBoxInfo

gdi32

GetTextFaceW
SetPixelV
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExW
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
Rectangle
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
DPtoLP
SetRectRgn
GetMapMode
GetRgnBox
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
GetObjectW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

SystemFunction036
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

DragQueryFileW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
DragFinish
SHGetFileInfoW
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeText
DrawThemeParentBackground
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor

ole32

IsAccelerator
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
VariantClear
VariantCopy
VarBstrFromDate
VariantChangeType
OleCreateFontIndirect
SystemTimeToVariantTime
SysStringLen
SafeArrayDestroy
VariantTimeToSystemTime
LoadTypeLi

oledlg

OleUIBusyW

gdiplus

GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

357d27887dfaed1bba89370a6617c42f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 356KB - Virtual size: 355KB

.data Size: 27KB - Virtual size: 53KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 129KB - Virtual size: 128KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 356KB - Virtual size: 355KB

.data
Size: 27KB - Virtual size: 53KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 129KB - Virtual size: 128KB