Static task: static1
Behavioral task: behavioral1
Sample: c8af971e7cddba64cabe98e03694ca9369e3f91be4bb69c9a1677b0100b28644.exe
Resource: win7-20230831-en
General
Target: c8af971e7cddba64cabe98e03694ca9369e3f91be4bb69c9a1677b0100b28644
Size: 3.3MB
MD5: 85bfd5e7b4f9d9589d0214979d1679ca
SHA1: 4115fd7e46e87126d9579138a46ef556c6cb80e0
SHA256: c8af971e7cddba64cabe98e03694ca9369e3f91be4bb69c9a1677b0100b28644
SHA512: d4a74b4a727a6718f34994629777a38e28f0da260745c606889d372c6d1e31f644e1d4788c859c31e31d65e8301bf011cdb35c3415c341308809f483faaf54bf
SSDEEP: 49152:Pf93aM2Kg3jls+itsSOt8AkOD8j2y2ILgAxbf/bydeK+:93aM2K8xs+iGPkODcX2IEAxbf/Gd1
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: c8af971e7cddba64cabe98e03694ca9369e3f91be4bb69c9a1677b0100b28644
Files
c8af971e7cddba64cabe98e03694ca9369e3f91be4bb69c9a1677b0100b28644.exe windows:6 windows x86
73b9b516121498f95aa5ec8d21b15df1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
TerminateProcess
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
QueryPerformanceCounter
SetFilePointerEx
OutputDebugStringW
CompareStringEx
LCMapStringEx
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetProcessHeap
GetFileType
InitializeCriticalSectionEx
GetStartupInfoW
InitOnceExecuteOnce
GetStdHandle
IsValidCodePage
SetStdHandle
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
GetLastError
HeapQueryInformation
HeapSize
HeapReAlloc
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
GetCommandLineA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetUserDefaultUILanguage
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetWindowsDirectoryA
GetCPInfo
GetOEMCP
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
InterlockedIncrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsSetValue
TlsGetValue
TlsAlloc
GetACP
InitializeCriticalSection
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
CopyFileA
FormatMessageA
MulDiv
GlobalSize
GetTickCount
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLocaleInfoEx
GetThreadPreferredUILanguages
CompareStringA
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
RegisterApplicationRestart
RegisterApplicationRecoveryCallback
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
GetVersionExA
GetCurrentThread
InterlockedExchange
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
CloseHandle
FindResourceA
LoadLibraryW
GlobalFree
GlobalUnlock
GlobalLock
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetVersion
SetLastError
OutputDebugStringA
GetFileAttributesW
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
MultiByteToWideChar
LoadLibraryA
lstrlenA
LocalFree
GetProcAddress
FreeLibrary
VirtualFree
VirtualAlloc
InterlockedDecrement
Sleep
ReadConsoleW
user32
LoadAcceleratorsW
GetKeyboardState
LockWindowUpdate
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
SetParent
UnionRect
GetKeyNameTextA
MapVirtualKeyA
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
ReuseDDElParam
UnpackDDElParam
LoadImageA
SetRectEmpty
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
OffsetRect
CharNextA
PostThreadMessageA
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
DestroyIcon
KillTimer
SetTimer
DeleteMenu
CopyImage
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
IsDialogMessageA
SetWindowTextA
CheckDlgButton
SubtractRect
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
SystemParametersInfoA
InflateRect
CopyRect
GetMenuItemInfoA
DestroyMenu
FillRect
GetSysColor
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics
GetSystemMenu
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
CharUpperA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
CreateAcceleratorTableA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
ChangeWindowMessageFilter
SetClassLongA
SetCursorPos
GetWindowRgn
DestroyCursor
CreateMenu
LoadIconA
AppendMenuA
DrawIcon
InvalidateRect
DestroyAcceleratorTable
MoveWindow
GetClientRect
LoadIconW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
MessageBoxA
GetWindowThreadProcessId
GetLastActivePopup
RegisterClipboardFormatA
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
ToAsciiEx
gdi32
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
SetTextAlign
ExtTextOutA
TextOutA
MoveToEx
GetObjectA
CreatePolygonRgn
BitBlt
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
SelectObject
DeleteObject
CreateDIBitmap
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
DragFinish
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetKnownFolderPath
SHCreateItemFromParsingName
SHGetFileInfoA
DragQueryFileA
shlwapi
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
GetWindowTheme
GetThemeSysColor
IsAppThemed
GetThemePartSize
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
BeginBufferedPaint
EndBufferedPaint
OpenThemeData
GetCurrentThemeName
GetThemeColor
CloseThemeData
dwmapi
DwmDefWindowProc
DwmSetWindowAttribute
DwmIsCompositionEnabled
ole32
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateGuid
CoUninitialize
OleRun
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoGetClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoRevokeClassObject
OleFlushClipboard
CLSIDFromProgID
DoDragDrop
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoTaskMemAlloc
OleIsCurrentClipboard
oleaut32
SafeArrayPutElement
VariantInit
VariantClear
VariantCopy
SysAllocStringLen
SysAllocStringByteLen
VariantChangeType
SysStringLen
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayUnaccessData
VarBstrFromDate
SafeArrayAccessData
SafeArrayCreate
SysFreeString
GetErrorInfo
oledlg
ord8
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 293KB - Virtual size: 293KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 315KB - Virtual size: 344KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ