879b620644aba4fdcff98090358887ba8a2351b1dec65519131b1dfa2792f0e2

Sharing

Copy URL

Twitter E-mail

General

Target

879b620644aba4fdcff98090358887ba8a2351b1dec65519131b1dfa2792f0e2
Size

1.8MB
MD5

7c02d5ba289ed546d2722861de84d410
SHA1

bfa27a0be3166764ba8578e2a188b902ef6f26a6
SHA256

879b620644aba4fdcff98090358887ba8a2351b1dec65519131b1dfa2792f0e2
SHA512

6b327b26fd3029d913a1965f66bbb5859cc42b231d65d5fff1790cbea98ab191ceb8bb971589d1aecf123b871278ac43b5f9e4e9d6f9f074c9e53872778ec192
SSDEEP

49152:HyvEL7Qk3VRtfXbWW7qpiw1eQfTffXckNSAIA4tQU+iZhJZ+LXa8Op94002B:HycYk3VrXbWW7qH1eQfTXckNBIA4qaJf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
879b620644aba4fdcff98090358887ba8a2351b1dec65519131b1dfa2792f0e2

Files

879b620644aba4fdcff98090358887ba8a2351b1dec65519131b1dfa2792f0e2
.exe windows:5 windows x86

6103cd27a10b8eefe3c4c72bc6690147

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
InterlockedExchange
GetLocaleInfoA
GetUserDefaultUILanguage
GetFileAttributesExA
GetACP
GetCPInfo
GetOEMCP
lstrcpyA
GetCurrentDirectoryA
GetWindowsDirectoryA
GetNumberFormatA
GetTempFileNameA
GetTempPathA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
GetSystemTimeAsFileTime
ExitProcess
DecodePointer
RaiseException
RtlUnwind
ExitThread
CreateThread
EncodePointer
HeapFree
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
HeapReAlloc
HeapAlloc
GetCommandLineA
HeapSetInformation
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
SetHandleCount
GetStartupInfoW
GetLocaleInfoW
IsValidCodePage
GetStringTypeW
HeapCreate
HeapDestroy
LCMapStringW
CreateFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
CompareStringW
GetConsoleCP
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
FindResourceA
FreeResource
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
LoadLibraryW
lstrcmpW
GlobalFlags
GlobalAddAtomA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
LoadLibraryA
lstrcmpiA
GetCurrentThreadId
ResumeThread
SetThreadPriority
FileTimeToSystemTime
lstrcmpA
GlobalGetAtomNameA
InterlockedIncrement
GetModuleHandleW
CompareStringA
GetModuleHandleA
GetProcAddress
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
DeactivateActCtx
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
lstrlenA
SetLastError
FileTimeToLocalFileTime
SetEnvironmentVariableA
QueryPerformanceCounter
GetTickCount
FindResourceExW
MultiByteToWideChar
GetLastError
FormatMessageA
LocalFree
Sleep
SetConsoleScreenBufferSize
CreateMutexA
WaitForMultipleObjects
WaitForSingleObject
ReleaseMutex
GetModuleFileNameA
GetLocalTime
CreateFileA
WideCharToMultiByte
ReadFile
WriteFile
GetCommState
SetCommState
SetupComm
SetCommTimeouts
GetStdHandle
SetConsoleTextAttribute
CloseHandle
FindResourceW
LoadResource
LockResource
SizeofResource

advapi32

RegEnumValueA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

winmm

PlaySoundA

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCloneImage
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

user32

CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetKeyNameTextA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
HideCaret
EqualRect
DrawFrameControl
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
DestroyAcceleratorTable
CheckMenuItem
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
IsWindow
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
GetFocus
GetDesktopWindow
RealChildWindowFromPoint
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
CharUpperA
DestroyIcon
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetWindowTextLengthA
GetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
DrawFocusRect
InvertRect
ReleaseCapture
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
DeferWindowPos
WindowFromPoint
GetAsyncKeyState
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
RedrawWindow
IntersectRect
KillTimer
SetTimer
InvalidateRect
DeleteMenu
ShowOwnedPopups
SetCursor
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
GetForegroundWindow
GetNextDlgTabItem
EndDialog
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
OffsetRect
MessageBeep
NotifyWinEvent
EnableMenuItem
EnableScrollBar
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
PostQuitMessage
IsIconic
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
ScreenToClient
RemovePropA
CreateDialogIndirectParamA

gdi32

SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
DeleteObject
CreateDCA
CopyMetaFileA
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SelectClipRgn
CreateRectRgn
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHAppBarMessage
DragQueryFileA
DragFinish
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA

ole32

OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize

oleaut32

VariantClear
VariantChangeType
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
VariantInit
SysAllocString
SysStringLen
SysFreeString

comdlg32

GetFileTitleA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6103cd27a10b8eefe3c4c72bc6690147

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

winmm

msimg32

comctl32

shlwapi

oleacc

gdiplus

imm32

user32

gdi32

winspool.drv

shell32

ole32

oleaut32

comdlg32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 292KB - Virtual size: 292KB

.data Size: 27KB - Virtual size: 57KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 178KB - Virtual size: 178KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 292KB - Virtual size: 292KB

.data
Size: 27KB - Virtual size: 57KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 178KB - Virtual size: 178KB