cdccb6f8c67149d69b8fac6a6b1affc1e389339b3754573605bd03fd68ab14b6

Sharing

Copy URL

Twitter E-mail

General

Target

cdccb6f8c67149d69b8fac6a6b1affc1e389339b3754573605bd03fd68ab14b6
Size

6.6MB
MD5

9ae0980472e7d69665b7b356df3cc653
SHA1

1b2a4bd83a894aea96d07b26af83cf34fcd201f5
SHA256

cdccb6f8c67149d69b8fac6a6b1affc1e389339b3754573605bd03fd68ab14b6
SHA512

413da72a13a10f2d8fc98f6f1a12e9560c380f1ccd339b1ca61da45b2e14687451f25dcbdadb8b37c26ee6a9f3af95aaafcdf8568cf9443b6637d74aa321bd43
SSDEEP

49152:8jl8cuVrgPo0pX9YXQyvSIFyg/287I8Pvf+kSghX9z4XR0YvE7R4gngyYfvUMKx:0iMnExtRvcW2qX9kRDaR4kgyYBKx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdccb6f8c67149d69b8fac6a6b1affc1e389339b3754573605bd03fd68ab14b6

Files

cdccb6f8c67149d69b8fac6a6b1affc1e389339b3754573605bd03fd68ab14b6
.exe windows:4 windows x86

df319e5a6412b689014edd243db0b92f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt

imagehlp

MapFileAndCheckSumA

rmconvert

_NEW_RMCONVERT@0

kernel32

FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetEnvironmentVariableA
GetTimeZoneInformation
GetACP
HeapReAlloc
HeapSize
RaiseException
GetCommandLineA
GetStartupInfoA
ExitThread
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetFileTime
GetFileSize
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
lstrcmpA
GetCurrentThread
GlobalAlloc
GlobalFree
lstrcpynA
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
SetLastError
InterlockedIncrement
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersion
GetVersionExA
lstrlenW
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MulDiv
lstrcpyA
GetUserDefaultLangID
GetPrivateProfileIntA
GetModuleHandleA
GetLogicalDriveStringsA
GetDriveTypeA
GetSystemDirectoryA
InterlockedDecrement
GetLastError
OutputDebugStringA
SetFilePointer
ReadFile
GetTickCount
DeleteFileA
CreateFileA
WriteFile
GetTempPathA
CreateDirectoryA
GetShortPathNameA
FindFirstFileA
GetProcAddress
FreeLibrary
LoadLibraryA
FindNextFileA
FindClose
lstrlenA
MultiByteToWideChar
GetFileAttributesA
Sleep
WaitForSingleObject
CloseHandle
CreateThread
WritePrivateProfileStringA
GetPrivateProfileStringA
GetStringTypeW

user32

MessageBeep
CopyAcceleratorTableA
CharNextA
GetDesktopWindow
GetClassNameA
CharUpperA
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetMessageA
TranslateMessage
ValidateRect
wvsprintfA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
IntersectRect
GetWindowPlacement
DeleteMenu
GetIconInfo
GetSysColorBrush
DrawIconEx
SetRect
DestroyIcon
SystemParametersInfoA
GetMenuItemID
SetRectEmpty
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetSysColor
InsertMenuA
CreateMenu
CreatePopupMenu
ModifyMenuA
FrameRect
IsIconic
DrawIcon
GetSystemMenu
RemoveMenu
IsWindow
GetDC
GetCapture
PostMessageA
PostThreadMessageA
LockWindowUpdate
GetDCEx
RegisterClipboardFormatA
GetNextDlgGroupItem
GetWindowLongA
DrawTextA
GetMenuState
IsMenu
DrawMenuBar
GetDlgCtrlID
SetWindowTextA
GetSubMenu
GetMenuItemCount
GetMenuItemInfoA
EnumChildWindows
LoadStringA
GetMenuStringA
AppendMenuA
wsprintfA
CheckMenuRadioItem
ClientToScreen
WindowFromPoint
GetSystemMetrics
GetClientRect
GetWindowRect
UpdateWindow
InvalidateRect
CopyRect
EnableWindow
LoadCursorA
DestroyCursor
SendMessageA
InflateRect
DrawFocusRect
DrawEdge
GetCursorPos
PtInRect
GetParent
SetCursor
EqualRect
SetTimer
KillTimer
ReleaseCapture
SetCapture
RedrawWindow
MoveWindow
SetWindowLongA
SetParent
FindWindowA
ShowWindow
SetWindowRgn
LoadBitmapA
GetFocus
OffsetRect
ReleaseDC
GetWindowDC
MessageBoxA
FillRect
IsWindowVisible
RegisterWindowMessageA
LoadIconA
LoadImageA
BringWindowToTop
GetNextDlgTabItem

gdi32

GetViewportExtEx
GetWindowExtEx
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
SetRectRgn
DPtoLP
StretchDIBits
GetCharWidthA
GetTextColor
GetBkColor
LPtoDP
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
CreateDIBitmap
PatBlt
CreateSolidBrush
CreateBitmap
PtVisible
CreatePatternBrush
SaveDC
CreateRectRgnIndirect
SetBkColor
GetClipBox
CreatePolygonRgn
FrameRgn
SetPixel
CreateDIBSection
GetTextExtentPoint32W
GetBkMode
GetPixel
SelectClipRgn
Rectangle
Ellipse
CreatePen
RoundRect
SetBkMode
CreateICA
GetDeviceCaps
DeleteDC
CreateRectRgn
CombineRgn
StretchBlt
SelectObject
CreateFontA
SetTextColor
CreateRoundRectRgn
DeleteObject
GetStockObject
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
UnrealizeObject
GetTextExtentPointA
RestoreDC

comdlg32

GetOpenFileNameW
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ChooseColorA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

Shell_NotifyIconA
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_SetBkColor
ImageList_Draw
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_GetIcon
ord17
ImageList_Destroy
ImageList_Create
_TrackMouseEvent

oledlg

ord8

ole32

CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
CLSIDFromProgID
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
OleUninitialize
CLSIDFromString
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
VariantTimeToSystemTime
SysStringLen
VariantClear
SysAllocStringLen
SysFreeString
GetErrorInfo

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipFree
GdipAlloc
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipCreateFromHDC
GdipDrawImageRectI
GdipReleaseDC
GdipDeleteGraphics
GdipGetImageWidth
GdipGetImageHeight

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

msvfw32

DrawDibClose
DrawDibOpen
DrawDibDraw

Exports

Exports

_NEW_AVIENCWRAPPER@0
_NEW_QTDLL@0

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Code_Boo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df319e5a6412b689014edd243db0b92f

Headers

File Characteristics

Imports

msimg32

imagehlp

rmconvert

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

gdiplus

version

msvfw32

Exports

Exports

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

Code_Boo Size: 4KB - Virtual size: 4KB

.code Size: 84KB - Virtual size: 84KB

.rdata Size: 92KB - Virtual size: 92KB

.data Size: 48KB - Virtual size: 66KB

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.text
Size: 3.3MB - Virtual size: 3.3MB

Code_Boo
Size: 4KB - Virtual size: 4KB

.code
Size: 84KB - Virtual size: 84KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 48KB - Virtual size: 66KB

.rsrc
Size: 3.0MB - Virtual size: 3.0MB