3b268dc65ac36d49b541130282e8f5a6381b2be631135879283c7c2ceec55710

Sharing

Copy URL Twitter E-mail

General

Target

3b268dc65ac36d49b541130282e8f5a6381b2be631135879283c7c2ceec55710
Size

2.6MB
MD5

8fc41cc27ffcdc7d6bbe751fa78e8047
SHA1

db3eec1387d3af9fc229498bba90910b173af569
SHA256

3b268dc65ac36d49b541130282e8f5a6381b2be631135879283c7c2ceec55710
SHA512

e97486ec4cdddaff67472479ca6ff9ca3c0c88844caa53e4dc6f69cbc033939ad54dd98890027a2a92813e76025a1d415fdcc072ebe4675c3dcfff9e509386f3
SSDEEP

49152:YaDVZK68vTsaUU4mUNecVokZw1I7wZMVxL7xg6RjUBhxR6WWsDc2:YaDjK68vTsa34PNpoH1I7woVgkj8hxRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b268dc65ac36d49b541130282e8f5a6381b2be631135879283c7c2ceec55710

Files

3b268dc65ac36d49b541130282e8f5a6381b2be631135879283c7c2ceec55710
.exe windows:6 windows x86

bd2b700b604c5f5aea9c036c275227a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
FindFirstFileExA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
WriteConsoleW
GetDateFormatW
GetStdHandle
ExitProcess
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
GetTimeFormatW
FileTimeToLocalFileTime
SizeofResource
LockResource
LoadResource
FindResourceW
ResetEvent
PurgeComm
GetModuleFileNameA
DeleteFileA
CloseHandle
CreateEventA
GetTickCount
Sleep
SetEvent
FindResourceA
InitializeCriticalSection
EnterCriticalSection
CreateFileA
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
LeaveCriticalSection
WaitCommEvent
GetLastError
ClearCommError
WaitForMultipleObjects
GetCommMask
ResumeThread
SuspendThread
FormatMessageA
LocalFree
WriteFile
GetOverlappedResult
WaitForSingleObject
ReadFile
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
OutputDebugStringA
SetLastError
FreeResource
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
InitializeCriticalSectionAndSpinCount
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
MultiByteToWideChar
CompareStringA
GlobalAlloc
GlobalSize
MulDiv
CopyFileA
GetCurrentProcessId
GetVersionExA
GetThreadLocale
WideCharToMultiByte
FindClose
FindFirstFileA
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCurrentThread
lstrcmpA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetThreadPriority
GetACP
GlobalFlags
lstrcpyA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetCurrentDirectoryA
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
SetErrorMode
GetTempPathA
GetTempFileNameA
GetProfileIntA
SearchPathA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead

user32

GetIconInfo
DrawIconEx
LoadImageA
DrawFocusRect
GetMenuDefaultItem
CreatePopupMenu
MessageBeep
GetNextDlgGroupItem
KillTimer
SetTimer
DeleteMenu
LoadCursorW
WaitMessage
IsRectEmpty
InvalidateRgn
CopyAcceleratorTableA
ReleaseCapture
SetCapture
CharUpperA
GetAsyncKeyState
LoadCursorA
GetSysColorBrush
CopyImage
LoadImageW
DestroyIcon
TrackMouseEvent
RealChildWindowFromPoint
IntersectRect
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
SetCursor
ShowOwnedPopups
GetMessageA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
CharNextA
GetWindowThreadProcessId
FillRect
ClientToScreen
GetWindowDC
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
IsDialogMessageA
SetWindowTextA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
EnableScrollBar
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
HideCaret
InvertRect
NotifyWinEvent
EnableWindow
IsWindowVisible
GetDC
ReleaseDC
RedrawWindow
SetMenu
GetMenu
GetCapture
GetFocus
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
CallWindowProcA
DefWindowProcA
IsZoomed
LoadMenuW
BringWindowToTop
SetCursorPos
UpdateLayeredWindow
CopyIcon
FrameRect
RegisterClipboardFormatA
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
LoadIconW
GetSystemMenu
AppendMenuA
GetWindowRect
GetSystemMetrics
IsIconic
DrawIcon
SetRect
GetSysColor
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
FindWindowA
MessageBoxA
TranslateMessage
UnregisterClassA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetParent
SetWindowPos
GetKeyState
GetCursorPos
ScreenToClient
WindowFromPoint
SendDlgItemMessageA
SetRectEmpty
OffsetRect
RegisterWindowMessageA
GetMessagePos
GetMessageTime
PostMessageA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
UnionRect
GetDlgCtrlID
SendMessageA
GetClientRect
InvalidateRect
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
GetComboBoxInfo
MonitorFromPoint
GetWindowTextA
UpdateWindow

gdi32

GetTextFaceA
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
EnumFontFamiliesExA
CreateRoundRectRgn
Polyline
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetRgnBox
GetTextMetricsA
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32A
GetTextColor
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
DeleteObject
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
CreateDCA
CopyMetaFileA
SetTextColor
SetBkColor
DeleteDC
GetDIBits
Escape
ExtTextOutA
RectVisible
PtVisible
TextOutA
CreateFontA
CreatePolygonRgn
Polygon
Arc
CreatePen
Rectangle
CreateSolidBrush
BitBlt
GetBkColor
DPtoLP
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC
GetDeviceCaps
CreateFontIndirectA
GetObjectA

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

SystemFunction036
RegEnumValueA
RegCloseKey
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetFileInfoA
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

uxtheme

GetThemeSysColor
IsAppThemed
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize

ole32

CoDisconnectObject
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocString
VariantCopy
OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringByteLen
VarBstrFromDate
LoadTypeLi
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

oledlg

ord8

winmm

timeKillEvent
PlaySoundA
timeSetEvent

gdiplus

GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
GdipGetImagePaletteSize
GdipDrawImageI

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 624KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd2b700b604c5f5aea9c036c275227a8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

winmm

gdiplus

oleacc

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 347KB - Virtual size: 346KB

.data Size: 24KB - Virtual size: 2.5MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 624KB - Virtual size: 624KB

.reloc Size: 133KB - Virtual size: 133KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 347KB - Virtual size: 346KB

.data
Size: 24KB - Virtual size: 2.5MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 624KB - Virtual size: 624KB

.reloc
Size: 133KB - Virtual size: 133KB