Static task: static1
Behavioral task: behavioral1
  Sample: 4a01d25c0975ac7f561bafe22ca21459dbc483f10cf6c76b850b4f4c9481201a.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 4a01d25c0975ac7f561bafe22ca21459dbc483f10cf6c76b850b4f4c9481201a.exe
  Resource: win10v2004-20230915-en
General
Target: 4a01d25c0975ac7f561bafe22ca21459dbc483f10cf6c76b850b4f4c9481201a
Size: 3.4MB
MD5: c5d0f414ef9e9d2ad966cfdcb1c6c04a
SHA1: 8264653a36c8891de545c746a0707fe504fc8a9d
SHA256: 4a01d25c0975ac7f561bafe22ca21459dbc483f10cf6c76b850b4f4c9481201a
SHA512: 43feba516b4148f008da595d75a3beca958babd400ca3a17799866a5337088743665732aa85660e11a6370a82bd8b914f35b46e2b6ea207b7c0e8fb8d7813c6a
SSDEEP: 49152:UI/UtAAJvKhyoG2Vbn0ymjvf3WNsr+YUNOQGdL5FFVoEWQVHWbuSDXFrw:UztAxh5Vj0J+YUNOQ6NFFCEWiHqtk
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 4a01d25c0975ac7f561bafe22ca21459dbc483f10cf6c76b850b4f4c9481201a
Files
4a01d25c0975ac7f561bafe22ca21459dbc483f10cf6c76b850b4f4c9481201a.exe (windows:4, windows x86)
312cc8e86630a7fd3784055dd35973a7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
hid
HidD_GetAttributes
HidD_GetManufacturerString
HidD_GetProductString
HidD_GetIndexedString
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetHidGuid
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
kernel32
ExitProcess
RaiseException
HeapFree
HeapAlloc
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
TerminateProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
LCMapStringW
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetEnvironmentVariableA
GetLocaleInfoW
GetProfileStringA
InterlockedExchange
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetPrivateProfileStringA
CopyFileA
WritePrivateProfileStringA
GetModuleHandleA
VirtualProtect
VirtualQuery
DeleteFileA
Sleep
QueryPerformanceCounter
CloseHandle
GetLastError
CreateFileA
CreateEventA
DeviceIoControl
WaitForSingleObject
WriteFile
ResetEvent
GetOverlappedResult
ReadFile
SetEvent
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
GetPrivateProfileSectionA
UnmapViewOfFile
SetCurrentDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
WritePrivateProfileSectionA
Beep
MoveFileA
QueryPerformanceFrequency
GetCurrentThreadId
SuspendThread
ResumeThread
MapViewOfFile
CreateFileMappingA
GetFileSize
GetExitCodeProcess
CreateProcessA
GetShortPathNameA
GetFileAttributesA
SetFileTime
GetFileTime
GetLongPathNameA
GetModuleFileNameA
LockResource
LoadResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
GetPrivateProfileIntA
MultiByteToWideChar
IsDBCSLeadByte
GetStartupInfoA
CreatePipe
GetVolumeInformationA
SetupComm
SetCommMask
SetCommState
GetCommState
SetCommTimeouts
CancelIo
SetCommConfig
GetDefaultCommConfigA
WaitCommEvent
GetCommTimeouts
GlobalUnlock
GlobalLock
GetTempFileNameA
GetTempPathA
GetACP
GetVersion
LCMapStringA
GetSystemDefaultLangID
GetUserDefaultLangID
EnumResourceLanguagesA
lstrcatA
lstrcpyA
GetLocaleInfoA
MulDiv
LocalFree
FormatMessageA
GlobalAlloc
lstrcpynA
lstrlenA
WinExec
GetSystemTime
SetLastError
GetCurrentProcess
GetWindowsDirectoryA
InterlockedIncrement
InterlockedDecrement
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
SetThreadPriority
lstrcmpA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThread
GetTickCount
GlobalFree
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrlenW
GetProfileIntA
EnterCriticalSection
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetDiskFreeSpaceA
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
SizeofResource
GlobalSize
RtlUnwind
GetTimeZoneInformation
GetLocalTime
user32
GetNextDlgGroupItem
SetWindowPlacement
GetWindowTextLengthA
DestroyWindow
CreateWindowExA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
IntersectRect
IsChild
TranslateMessage
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
CharUpperA
SendMessageW
GetQueueStatus
DrawIcon
CallWindowProcA
SetRectEmpty
GetDCEx
BeginDeferWindowPos
EndDeferWindowPos
ShowScrollBar
MessageBeep
CopyIcon
EqualRect
ShowCursor
MapWindowPoints
GetMessagePos
ValidateRect
GetClassInfoA
DefWindowProcA
GrayStringA
TabbedTextOutA
WindowFromPoint
GetMessageA
ClientToScreen
DispatchMessageA
GetDlgCtrlID
IsRectEmpty
GetSysColorBrush
GetClassLongA
DrawStateA
DestroyIcon
LoadBitmapA
GetActiveWindow
IsZoomed
GetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
DrawMenuBar
wsprintfA
CopyAcceleratorTableA
ReplyMessage
GetWindowPlacement
ShowWindow
SetWindowLongA
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
GetDlgItem
SetCaretPos
CreateCaret
ShowCaret
HideCaret
DrawIconEx
DrawEdge
SetCursorPos
DrawTextExA
InflateRect
DrawTextA
PtInRect
DrawFocusRect
LoadCursorA
SetCursor
ChildWindowFromPoint
IsWindowVisible
SystemParametersInfoA
ScreenToClient
GetWindow
CopyRect
RedrawWindow
IsWindow
AdjustWindowRectEx
ScrollDC
ReleaseCapture
GetCapture
SetCapture
SetRect
SetForegroundWindow
GetWindowLongA
FillRect
LockWindowUpdate
GetDC
ReleaseDC
GetClientRect
GetSystemMetrics
SetTimer
KillTimer
LoadIconA
GetSysColor
GetWindowRect
OffsetRect
DestroyCursor
UnregisterClassA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SendMessageA
PostMessageA
EnumWindows
GetWindowTextA
SetWindowPos
GetTabbedTextExtentA
GetFocus
SetFocus
InvalidateRect
GetKeyState
UpdateWindow
DeleteMenu
LoadMenuA
DestroyMenu
GetMenuStringW
ModifyMenuW
GetMenuItemInfoA
GetMenuStringA
GetMenu
SetMenu
CreatePopupMenu
SetMenuItemInfoA
AppendMenuA
CheckMenuItem
MapDialogRect
SetWindowContextHelpId
CharNextA
PostThreadMessageA
GetClassNameA
InvertRect
GetSystemMenu
LoadStringA
SetClipboardData
SetParent
GetMenuItemCount
GetMenuItemID
ModifyMenuA
GetSubMenu
InsertMenuA
FindWindowExA
GetParent
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
PeekMessageA
IsIconic
RegisterDeviceNotificationA
UnregisterDeviceNotification
MessageBoxA
EnableWindow
GetDesktopWindow
SendMessageTimeoutA
GetWindowThreadProcessId
FindWindowA
wvsprintfA
BeginPaint
EndPaint
GetWindowDC
EndDialog
CreateDialogIndirectParamA
RegisterClipboardFormatA
ShowOwnedPopups
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
BringWindowToTop
LoadAcceleratorsA
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
SendDlgItemMessageA
SetActiveWindow
DeferWindowPos
TrackPopupMenu
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
WinHelpA
DrawFrameControl
RegisterClassA
ScrollWindow
gdi32
GetTextExtentPointA
GetTextExtentPoint32A
SetPixel
CreatePen
SelectObject
BitBlt
CreateCompatibleDC
GetMapMode
GetStockObject
CreateDIBitmap
GetWindowOrgEx
GetTextFaceA
GetROP2
GetBkMode
GetTextAlign
GetPolyFillMode
GetStretchBltMode
GetNearestColor
CopyMetaFileA
GetBkColor
CreateFontA
GetCharWidthA
StretchDIBits
SetAbortProc
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
LPtoDP
DPtoLP
CombineRgn
SetRectRgn
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
StartDocA
SetBkColor
PtInRegion
FillRgn
CreatePolygonRgn
GetTextColor
Escape
ExtTextOutA
RectVisible
PtVisible
GetCurrentObject
GetClipBox
SetBkMode
SetTextColor
DeleteObject
Rectangle
TextOutW
GetTextExtentPointW
RoundRect
CreateDCA
GetDeviceCaps
DeleteDC
TextOutA
GetObjectA
FloodFill
GetPixel
CreateCompatibleBitmap
StretchBlt
GetBitmapBits
CreateBitmap
EnumFontFamiliesExA
GetTextMetricsA
CreateFontIndirectA
GetTextExtentPoint32W
CreateRectRgnIndirect
PatBlt
CreateSolidBrush
comdlg32
PrintDlgA
GetOpenFileNameA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegSetValueExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
ExtractIconA
comctl32
ImageList_Create
ImageList_Destroy
ImageList_LoadImageA
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_DragEnter
ImageList_GetIcon
ImageList_Draw
ord8
ord14
ord17
ImageList_DrawIndirect
ord13
oledlg
ord8
ole32
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoGetClassObject
CoRegisterMessageFilter
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
ReleaseStgMedium
olepro32
ord253
oleaut32
SafeArrayGetDim
SafeArrayDestroy
VariantClear
SafeArrayPutElement
SysAllocStringLen
SysStringLen
VariantInit
SafeArrayCreateVector
SysFreeString
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayCreate
SysAllocStringByteLen
VariantTimeToSystemTime
wininet
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
FtpGetFileA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
imm32
ImmGetVirtualKey
wsock32
ntohl
htonl
WSAStartup
WSACleanup
select
closesocket
recv
send
connect
htons
ioctlsocket
gethostbyname
socket
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 188KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 260KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 664KB - Virtual size: 663KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ