Static task: static1
Behavioral task: behavioral1
Sample: 3b5ff3fac642e409930139ab3945fd08ae1155bdea9fb37747458584ef8f6070.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 3b5ff3fac642e409930139ab3945fd08ae1155bdea9fb37747458584ef8f6070.exe
Resource: win10v2004-20230915-en
General
- Target: 3b5ff3fac642e409930139ab3945fd08ae1155bdea9fb37747458584ef8f6070
- Size: 292KB
- MD5: b6878215496ae3412d9334ff957d6606
- SHA1: 4d5696317e673f01b5fbde629c5e2627763275c9
- SHA256: 3b5ff3fac642e409930139ab3945fd08ae1155bdea9fb37747458584ef8f6070
- SHA512: 6ab1a2b78946510c4a1f123beb1920dccfc234cef936095cebfac8cabc76e4ea3bf16259dc6e748d7ca03a8e78f5a781b65d28434fb5bdf95b3e8d48750e5475
- SSDEEP: 6144:KlpnTCfwZM5kKcUXsMPqcF2XiRAyb0B+qH:KlpnTCfEM5HcUX9PGSRAyi
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 3b5ff3fac642e409930139ab3945fd08ae1155bdea9fb37747458584ef8f6070
Files
-
3b5ff3fac642e409930139ab3945fd08ae1155bdea9fb37747458584ef8f6070.exe windows:4 windows x86
dd5ce759b1f5ae5f8e0fd3f1301c5d50
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
TerminateProcess
CreateThread
ExitThread
GetACP
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
RtlUnwind
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
SetErrorMode
GetProfileStringA
WritePrivateProfileStringA
GetFileSize
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
FindFirstFileA
FindClose
GetFileTime
GetFullPathNameA
GetFileAttributesA
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
lstrcmpA
GetCurrentThread
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
EnterCriticalSection
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
lstrlenW
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
GetTempPathA
GetModuleFileNameA
OpenProcess
CloseHandle
CreateFileA
DeviceIoControl
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
CreateMutexA
GetLastError
ReleaseMutex
GetProcessHeap
HeapAlloc
HeapFree
lstrlenA
GetProcAddress
FormatMessageA
LocalFree
FreeLibrary
FreeEnvironmentStringsW
LoadLibraryA
user32
PostThreadMessageA
CheckMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
ScreenToClient
CopyRect
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
RegisterClipboardFormatA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
AdjustWindowRectEx
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
GetWindowRect
EnableWindow
AnimateWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetCursorPos
GetSubMenu
EnableMenuItem
DestroyIcon
SetTimer
PostMessageA
IsIconic
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadMenuA
LoadIconA
FindWindowA
IsWindow
SetForegroundWindow
SendMessageA
GetParent
ShowWindow
InflateRect
MessageBeep
ModifyMenuA
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
KillTimer
GetSystemMetrics
DefDlgProcA
IsWindowUnicode
SetWindowPos
CharUpperA
GetSysColorBrush
LoadCursorA
SetMenuItemBitmaps
GetClassNameA
CharNextA
LoadStringA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetMessageA
TranslateMessage
ValidateRect
SetCursor
PostQuitMessage
GetDesktopWindow
InvalidateRect
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
SetWindowsHookExA
PtInRect
gdi32
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
ScaleViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
LPtoDP
DPtoLP
GetTextColor
GetBkColor
GetMapMode
PatBlt
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
OpenServiceA
OpenSCManagerA
RegCloseKey
ControlService
CloseServiceHandle
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
shell32
ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA
comctl32
ord17
oledlg
ord8
ole32
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StringFromCLSID
CoTaskMemFree
olepro32
ord253
oleaut32
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
VariantClear
VariantTimeToSystemTime
SysStringLen
wsock32
recv
closesocket
WSAStartup
gethostname
bind
WSACleanup
ioctlsocket
socket
htons
sendto
inet_addr
recvfrom
ntohs
gethostbyname
wininet
InternetGetLastResponseInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
iphlpapi
GetIfEntry
GetIpForwardTable
GetAdaptersInfo
ws2_32
WSAIoctl
winmm
PlaySoundA
psapi
EnumProcessModules
EnumProcesses
GetModuleBaseNameA
setupapi
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDescriptionA
SetupDiGetDeviceInstanceIdA
SetupDiClassNameFromGuidA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
Sections
.text  Size: 196KB - Virtual size: 195KB  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 52KB - Virtual size: 48KB  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 24KB - Virtual size: 41KB  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 16KB - Virtual size: 16KB  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE