Static task: static1
Behavioral task: behavioral1
Sample: 99e5a73cdd60dc37aa02437b0fb10ba75aa39e446f4145bec1bce341fd1a6ed3.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 99e5a73cdd60dc37aa02437b0fb10ba75aa39e446f4145bec1bce341fd1a6ed3.exe
Resource: win10v2004-20230915-en
General
- Target: 99e5a73cdd60dc37aa02437b0fb10ba75aa39e446f4145bec1bce341fd1a6ed3
- Size: 4.4MB
- MD5: d05c75b7189daab4a4dbd1939dcc66f8
- SHA1: da281493b8c1aea87ec8ee12aea6c056703ef895
- SHA256: 99e5a73cdd60dc37aa02437b0fb10ba75aa39e446f4145bec1bce341fd1a6ed3
- SHA512: aafec803cd4f747706d5fe9d9114336807cff12856688908db4ff412388742ce5af6e1df3c99fd72b6a6d473f8b02124aaf364769f00519fc7a1987bb1d19f7f
- SSDEEP: 98304:55u2dsT6L+dSDBuJcdv4HpLt+VndduUK7SBNeDdU:5Ja6L+dSDBuRHpedWmBwu
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 99e5a73cdd60dc37aa02437b0fb10ba75aa39e446f4145bec1bce341fd1a6ed3
Files
-
99e5a73cdd60dc37aa02437b0fb10ba75aa39e446f4145bec1bce341fd1a6ed3.exe | windows:6 windows x86 | e5b45c463be0ad0f3e458a3f8f3e7ec5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
ioctlsocket
getnameinfo
sendto
recvfrom
listen
accept
freeaddrinfo
gethostname
WSAStartup
WSACleanup
getaddrinfo
WSAIoctl
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
select
WSASetLastError
__WSAFDIsSet
socket
WSAGetLastError
shutdown
iphlpapi
GetAdaptersInfo
shlwapi
PathRemoveFileSpecA
PathAddBackslashW
PathRemoveFileSpecW
PathAddBackslashA
wldap32
ord60
ord211
ord79
ord46
ord217
ord143
ord301
ord200
ord30
ord35
ord41
ord22
ord50
ord26
ord27
ord32
ord33
crypt32
CertFindCertificateInStore
CertGetCertificateContextProperty
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
imm32
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmNotifyIME
ImmGetContext
ImmReleaseContext
ImmAssociateContextEx
ImmSetCandidateWindow
opengl32
glDisable
glPushMatrix
glPixelStorei
glTexSubImage2D
glOrtho
glPushAttrib
glEnable
glColor4f
wglCreateContext
wglDeleteContext
wglMakeCurrent
glPopMatrix
glViewport
glInterleavedArrays
glClear
glTexEnvf
glPopAttrib
glBindTexture
glGenTextures
glEnd
glMatrixMode
glRotatef
glVertex2f
glTexImage2D
glDrawArrays
glVertex2i
glClearColor
glBegin
glHint
glDeleteTextures
glTexParameteri
glLoadIdentity
glLineWidth
glColor3f
glBlendFunc
d3d11
D3D11CreateDevice
kernel32
GetProcessAffinityMask
GetNumaHighestNodeNumber
CloseHandle
WaitForMultipleObjects
PostQueuedCompletionStatus
SetEvent
DeleteCriticalSection
Sleep
GetCurrentThreadId
GetLastError
InitializeCriticalSection
CreateEventW
CreateIoCompletionPort
EnterCriticalSection
LeaveCriticalSection
GetQueuedCompletionStatus
WaitForSingleObject
GetTickCount
SetFilePointerEx
WriteFile
CreateFileA
GetFileSizeEx
SetEndOfFile
ReadFile
DeleteFileA
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
FindClose
FindFirstFileW
FindNextFileW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetFileAttributesW
CreateDirectoryW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
WinExec
CreateDirectoryA
CreateFileW
GetPrivateProfileStringW
LoadLibraryW
FreeLibrary
GetSystemInfo
WritePrivateProfileStringW
CreateProcessW
ExitProcess
GetPrivateProfileIntA
GetCommandLineW
GetModuleHandleA
GetEnvironmentVariableA
SetEnvironmentVariableA
SetDllDirectoryA
GetCurrentProcessId
InitializeCriticalSectionEx
RaiseException
DecodePointer
GetCurrentDirectoryW
GetFileSize
FreeResource
LoadResource
LockResource
SizeofResource
GlobalLock
GlobalUnlock
FindResourceW
MulDiv
InitializeCriticalSectionAndSpinCount
GlobalAlloc
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
SystemTimeToFileTime
lstrcpynW
lstrcmpiW
GetCurrentProcess
TerminateProcess
GetVersionExW
IsProcessorFeaturePresent
GetPrivateProfileIntW
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetSystemTime
GetStdHandle
OutputDebugStringA
OutputDebugStringW
FormatMessageA
GetDriveTypeW
CreateTimerQueueTimer
DeleteTimerQueueTimer
TryEnterCriticalSection
SleepEx
GetTickCount64
WaitForSingleObjectEx
ExpandEnvironmentStringsA
GetFileType
PeekNamedPipe
SetLastError
VerSetConditionMask
GetSystemDirectoryA
LoadLibraryA
VerifyVersionInfoA
GetEnvironmentVariableW
GetConsoleMode
ReadConsoleA
ReadConsoleW
SetConsoleMode
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
FormatMessageW
SwitchToFiber
DeleteFiber
CreateFiber
QueryPerformanceCounter
ConvertFiberToThread
ConvertThreadToFiber
QueryPerformanceFrequency
GetCurrentThread
GetThreadTimes
SetEnvironmentVariableW
VerifyVersionInfoW
UnhandledExceptionFilter
InitializeSListHead
ResetEvent
GetStartupInfoW
DuplicateHandle
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
LoadLibraryExW
VirtualAlloc
VirtualFree
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
GetFileAttributesExW
ExitThread
SystemTimeToTzSpecificLocalTime
SetConsoleCtrlHandler
GetFullPathNameW
GetFullPathNameA
HeapAlloc
HeapFree
HeapReAlloc
GetACP
GetConsoleCP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
HeapSize
GetProcessHeap
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
SetThreadPriority
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
GetThreadPriority
VirtualQuery
LoadLibraryExA
GetLogicalProcessorInformation
IsDebuggerPresent
LocalFree
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
GetExitCodeThread
ChangeTimerQueueTimer
user32
MonitorFromPoint
InflateRect
LoadCursorW
AdjustWindowRectEx
GetPropW
SetPropW
GetMenu
EnableWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
DefWindowProcW
SetWindowRgn
PtInRect
IsRectEmpty
OffsetRect
UnionRect
IntersectRect
GetSysColor
MapWindowPoints
ScreenToClient
GetCursorPos
GetClientRect
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetKeyState
GetFocus
UpdateLayeredWindow
SetFocus
IsZoomed
IsWindowVisible
DestroyWindow
IsWindow
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
FindWindowW
GetWindowLongW
PostQuitMessage
ShowWindow
SetWindowLongW
MessageBoxW
CharNextW
GetSystemMetrics
LoadImageW
SetForegroundWindow
BringWindowToTop
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
PostMessageW
SetWindowPos
GetWindowRect
IsIconic
MonitorFromWindow
GetWindow
GetParent
SendMessageW
RedrawWindow
MoveWindow
DestroyCaret
VkKeyScanExW
CloseTouchInputHandle
GetTouchInputInfo
WindowFromPoint
SetClassLongW
GetCapture
RegisterTouchWindow
GetDoubleClickTime
TrackMouseEvent
GetMessageTime
LoadAcceleratorsW
IsDialogMessageW
TranslateAcceleratorW
RegisterWindowMessageW
SetParent
MonitorFromRect
GetWindowPlacement
SetWindowPlacement
DeferWindowPos
EnumChildWindows
EndDialog
RemovePropW
BeginDeferWindowPos
SetMenu
LoadIconW
EndDeferWindowPos
DialogBoxParamW
UpdateWindow
GetAncestor
GetUserObjectInformationW
GetProcessWindowStation
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
GetGUIThreadInfo
InvalidateRgn
CreateAcceleratorTableW
DrawTextA
wsprintfA
EqualRect
IsWindowEnabled
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SystemParametersInfoW
wsprintfW
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret
TrackPopupMenu
AppendMenuW
EnableMenuItem
DestroyMenu
CreatePopupMenu
SetRect
FillRect
DrawTextW
CharPrevW
SetCursor
GetActiveWindow
GetWindowRgn
GetMonitorInfoW
gdi32
StretchBlt
SetStretchBltMode
SetTextColor
GetTextExtentPoint32W
SetBkMode
TextOutW
GdiFlush
CreatePatternBrush
GetTextExtentPointA
FillRgn
GetBitmapBits
SetBitmapBits
CreateFontW
SetRectRgn
SelectClipRgn
SwapBuffers
ChoosePixelFormat
MoveToEx
ExtSelectClipRgn
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
SetBkColor
CreateDIBSection
PtInRegion
CreateRectRgn
CreateRoundRectRgn
SetWindowOrgEx
GetObjectW
GetTextMetricsW
CreateCompatibleBitmap
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
SelectObject
SetPixelFormat
LineTo
SaveDC
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleDC
GetObjectA
BitBlt
comdlg32
FindTextW
advapi32
CryptExportKey
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
CryptDecrypt
shell32
SHGetSpecialFolderPathW
SHGetFolderPathW
ShellExecuteA
DragQueryFileW
DragAcceptFiles
ShellExecuteW
ole32
CoInitialize
CoCreateInstance
CoUninitialize
RegisterDragDrop
DoDragDrop
OleDuplicateData
ReleaseStgMedium
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
oleaut32
SysAllocString
SysFreeString
VariantClear
VariantInit
comctl32
ord17
_TrackMouseEvent
gdiplus
GdipLoadImageFromStreamICM
GdipDeleteBrush
GdipCreateSolidFill
GdipCloneBrush
GdipSetPenMode
GdipLoadImageFromStream
GdipFree
GdiplusStartup
GdiplusShutdown
GdipRotateWorldTransform
GdipCreatePen1
GdipAlloc
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangleI
GdipDrawRectangleI
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipDeletePen
bcrypt
BCryptGenRandom
winhttp
WinHttpConnect
WinHttpSendRequest
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpReadData
WinHttpOpen
WinHttpReceiveResponse
WinHttpCrackUrl
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 879KB - Virtual size: 878KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 186KB - Virtual size: 185KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
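The "Unsigned PE" signature, the DLL/File Characteristics listed under Headers and the per-section flags under Sections are all read directly from the PE headers. The script below is an added example (not the sandbox's code and not part of the analysed sample) that reproduces those reads with only the Python standard library: it walks the COFF and optional headers, decodes the characteristics bitmasks, lists each section's flags, and checks whether the Security data directory (where an Authenticode signature is stored) is empty, which is what an "Unsigned PE" check tests. `build_sample_pe` constructs a synthetic PE32 header mirroring the reported flags so the script runs offline; it is a fixture, not the sample above.

```python
"""Decode the PE header facts a static sandbox report summarises."""
import struct
import sys

MACHINE = {0x014C: "x86", 0x8664: "x64", 0x01C4: "ARMNT", 0xAA64: "ARM64"}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse COFF header, optional header and section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:       # PE32: data directories start at offset 96
        dir_off, ndirs_off = opt + 96, opt + 92
    elif magic == 0x20B:     # PE32+: 64-bit stack/heap fields push them to 112
        dir_off, ndirs_off = opt + 112, opt + 108
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    # The Security directory holds a raw file offset and size of the
    # WIN_CERTIFICATE blob. Size 0 means no Authenticode signature exists.
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, sec_size = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flags(chars, SECTION_CHARACTERISTICS)})
    return {"machine": MACHINE.get(machine, f"{machine:#x}"),
            "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
            "has_authenticode": sec_size != 0,
            "sections": sections}


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed PE32 header-only fixture (not loadable, not the analysed
    sample) with the flags the report lists: x86, EXECUTABLE_IMAGE|32BIT_MACHINE,
    DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, a .text and a .data section."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt = bytearray(224)  # PE32 optional header incl. 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)
    struct.pack_into("<I", opt, 92, 16)
    if signed:  # fake a 1 KiB certificate table at file offset 0x1000
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x400)
    coff = struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, len(opt), 0x0002 | 0x0100)

    def section(name, vsize, rawsize, chars):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0, rawsize, 0, 0, 0, 0, 0, chars)

    secs = section(b".text", 0x1000, 0x1000, 0x60000020) + section(b".data", 0x2000, 0x200, 0xC0000040)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    info = parse_pe(blob)
    print("machine:", info["machine"], "| Authenticode present:", info["has_authenticode"])
    print("file:", " ".join(info["file_characteristics"]))
    print("dll:", " ".join(info["dll_characteristics"]))
    for s in info["sections"]:
        print(f"{s['name']:8} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} {' '.join(s['flags'])}")
```

Run it as `python pe_headers.py <file.exe>` against a real binary, or without arguments to inspect the constructed fixture. Two caveats apply when reading the result: a non-empty Security directory only shows that a signature blob is attached, not that it verifies or chains to a trusted root, so a present signature still has to be validated (for example with `Get-AuthenticodeSignature` or `signtool verify`) before it counts for anything; and DYNAMIC_BASE/NX_COMPAT are opt-in flags the loader honours, so their presence says nothing about whether the code itself is safe.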