55cfaa2c9fec16ed2721fbb45dfe80c60873b8426752b9d9093e5756995b4bd4

Sharing

Copy URL Twitter E-mail

General

Target

55cfaa2c9fec16ed2721fbb45dfe80c60873b8426752b9d9093e5756995b4bd4
Size

504KB
MD5

1a80012add125a5a6f9631070c18b065
SHA1

84d285e963deb16d9d86bcef71aeb486791e09e5
SHA256

55cfaa2c9fec16ed2721fbb45dfe80c60873b8426752b9d9093e5756995b4bd4
SHA512

1fac26b7809da8e901aa4dc2c5611d6f67d2a928718f228b3e09fd3e88837267eb5bead0c3a4b05f05c71ae9a3e3be0a2ee259596fbff93e3b0057f12cd9abbd
SSDEEP

12288:gKPQ01cc6KS+WwTfnH4q6mG42ZF/uzsQcwf8X:gX5Kvnt2Z5g8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55cfaa2c9fec16ed2721fbb45dfe80c60873b8426752b9d9093e5756995b4bd4

Files

55cfaa2c9fec16ed2721fbb45dfe80c60873b8426752b9d9093e5756995b4bd4
.dll windows:4 windows x86

2652bbbd39a2825d183333175745410e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
FreeEnvironmentStringsA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapCreate
lstrcpyA
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
IsBadWritePtr
GetACP
HeapSize
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetTickCount
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetThreadLocale
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
GetCurrentThread
GlobalFree
FormatMessageA
LocalFree
GlobalReAlloc
lstrcpynA
lstrcmpA
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameA
CreateFileA
WriteFile
CloseHandle
FreeLibrary
VirtualFree
Sleep
VirtualAlloc
LoadLibraryA
GetProcAddress
GetProcessHeap
SetStdHandle

user32

GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetDesktopWindow
DestroyMenu
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
WindowFromPoint
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
UnpackDDElParam
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetMenu
SetPropA
UnhookWindowsHookEx
GetPropA
GetCursorPos
SendMessageA
InvalidateRect
GetParent
GetSubMenu
LoadMenuA
EnableWindow
MessageBeep
GetClientRect
SetWindowLongA
SetCursor
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
CreateDialogIndirectParamA
EndDialog
SetRectEmpty
GetScrollRange
TranslateAcceleratorA
GetWindowPlacement
GetSystemMetrics
GetDlgCtrlID
IsIconic
GetFocus
IsChild
AdjustWindowRectEx
FillRect
SetCapture
RedrawWindow
ReleaseCapture
PtInRect
IsWindow
GetSysColor
InflateRect
ReleaseDC
GetDC
GetWindowRect
LoadIconA
LoadBitmapA
AnimateWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetKeyState
UpdateWindow
LoadCursorA
SetTimer
BringWindowToTop
IsZoomed
SetCursorPos
DestroyCursor
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
SetRect
LoadStringA
GetSysColorBrush
GetClassNameA
KillTimer
GetClassLongA
ReuseDDElParam
FindWindowA
PostThreadMessageA
SetParent
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
CharUpperA
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
GetDlgItem
LoadAcceleratorsA

gdi32

GetViewportExtEx
GetWindowExtEx
CreatePen
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
StretchDIBits
CreateCompatibleBitmap
GetCharWidthA
GetTextMetricsA
Rectangle
DPtoLP
GetDeviceCaps
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetMapMode
SetRectRgn
CombineRgn
LPtoDP
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
CreateRectRgn
DeleteObject
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
GetViewportOrgEx
GetStockObject
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
BitBlt
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
IntersectClipRect

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SysAllocStringLen
SysFreeString
VariantTimeToSystemTime
SysStringLen

odbc32

ord10
ord5
ord16
ord61
ord13
ord18
ord11
ord3
ord14
ord9
ord15
ord51
ord45
ord50
ord1
ord2
ord41
ord68
ord12
ord46
ord19
ord44
ord8
ord59
ord20
ord49
ord48
ord4
ord72
ord17

Exports

Exports

SetCOMProfile
WSCreateInstance

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2652bbbd39a2825d183333175745410e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

odbc32

Exports

Exports

Sections

.text Size: 240KB - Virtual size: 239KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 148KB - Virtual size: 160KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 36KB - Virtual size: 33KB

.text
Size: 240KB - Virtual size: 239KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 148KB - Virtual size: 160KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 36KB - Virtual size: 33KB