RunFTServer
Static task
static1
Behavioral task
behavioral1
Sample
328f8e4e5743df3877f994e2e0cf4c2050270f67a0a3be848a23835525a6afd5.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
328f8e4e5743df3877f994e2e0cf4c2050270f67a0a3be848a23835525a6afd5.dll
Resource
win10v2004-20230915-en
General
Target
328f8e4e5743df3877f994e2e0cf4c2050270f67a0a3be848a23835525a6afd5
Size
2.6MB
MD5
f18cff9350f35acb07d15e99c4ebfbbc
SHA1
733060dcf35a2d2911e9591dbdb382b49b95b463
SHA256
328f8e4e5743df3877f994e2e0cf4c2050270f67a0a3be848a23835525a6afd5
SHA512
132c95468617608b5c204ab9f6d1fbec17df84149d73a565b79c4023ea9a162be74d9d0ab919a74072ef4b45ee7e0e0736aa7cb00dc02e077754e04af3ebc5d7
SSDEEP
49152:6EqeR6rQiPqSbiejpsX7FlJEumLYpJj/6dj1PVHlWJ5yIcY:6EK7qSOelsXPJEumLY3j/Sj1PVHG5y0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 328f8e4e5743df3877f994e2e0cf4c2050270f67a0a3be848a23835525a6afd5
Files
328f8e4e5743df3877f994e2e0cf4c2050270f67a0a3be848a23835525a6afd5.dll windows:5 windows x86
ac3182bf47d92d29b0ffbde4b5992242
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
ws2_32
WSAIoctl
inet_ntoa
inet_addr
shell32
SHChangeNotify
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ShellExecuteW
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoW
winhttp
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpCloseHandle
WinHttpOpen
kernel32
WritePrivateProfileStringW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
SetErrorMode
GlobalFlags
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
lstrcpyW
FindResourceExW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
lstrcmpA
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualAlloc
GetTimeZoneInformation
GetFileType
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
SetThreadPriority
ResetEvent
SetEvent
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetStdHandle
GetACP
GetModuleFileNameA
ExitProcess
HeapQueryInformation
SetStdHandle
GetCommandLineW
DecodePointer
InterlockedExchange
LockResource
FreeLibrary
GetProcAddress
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalAlloc
LocalFree
VirtualQuery
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
OpenProcess
GetCurrentProcess
GlobalGetAtomNameW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
GetSystemDirectoryW
EncodePointer
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
lstrcmpiW
LoadLibraryExW
GetModuleHandleW
DuplicateHandle
OutputDebugStringA
UnlockFile
LockFile
FlushFileBuffers
CopyFileW
GlobalSize
GetCurrentProcessId
TerminateProcess
RaiseException
SetLastError
GetCurrentThread
GetModuleHandleA
Process32Next
Process32First
GetVersionExA
LoadLibraryA
SetEndOfFile
InitializeCriticalSection
GetPrivateProfileStringW
GetCurrentThreadId
SetFilePointer
GetPrivateProfileIntW
GetVersionExW
Sleep
ResumeThread
SuspendThread
GetExitCodeThread
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WideCharToMultiByte
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
GetVolumeInformationW
FindFirstFileW
DeleteFileW
CreateFileW
GetFullPathNameW
CreateDirectoryW
GetCurrentDirectoryW
GetWindowsDirectoryW
FindResourceW
OutputDebugStringW
GetModuleFileNameW
LoadLibraryW
CreateEventW
FormatMessageW
GetTickCount
GetSystemInfo
GetLocalTime
GetSystemTimeAsFileTime
MulDiv
CloseHandle
FindClose
ReadFile
WriteFile
GetFileSize
SizeofResource
LoadResource
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetCPInfo
user32
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
DrawIcon
FrameRect
CopyIcon
GetSystemMenu
DrawFrameControl
DrawEdge
DrawStateW
SetParent
SetWindowRgn
SetClassLongW
SetLayeredWindowAttributes
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
ReleaseCapture
SetCapture
GetNextDlgGroupItem
DeleteMenu
DestroyIcon
MapDialogRect
GetAsyncKeyState
CopyImage
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
GetSysColorBrush
SetCursor
ShowOwnedPopups
PostQuitMessage
GetMessageW
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SendDlgItemMessageA
WindowFromPoint
GetCursorPos
MapVirtualKeyW
GetKeyNameTextW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
LoadMenuW
WaitMessage
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetClassNameW
GetClassLongW
MapWindowPoints
AdjustWindowRectEx
RemovePropW
ReuseDDElParam
SetPropW
ShowScrollBar
RegisterClipboardFormatW
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
IsDialogMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsWindowEnabled
GetFocus
SetFocus
MessageBoxW
GetWindowRect
GetClientRect
ReleaseDC
GetDC
SetForegroundWindow
GetDlgCtrlID
CheckDlgButton
SetDlgItemTextW
IsWindow
InflateRect
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
GetSystemMetrics
CharUpperW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetComboBoxInfo
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
GetPropW
ModifyMenuW
GetForegroundWindow
GetKeyboardState
EmptyClipboard
SetClipboardData
CloseClipboard
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
DestroyCursor
GetScrollRange
ClientToScreen
GetSysColor
SetRect
SetRectEmpty
CopyRect
IntersectRect
UnionRect
OffsetRect
IsRectEmpty
EqualRect
PtInRect
GetWindowLongW
GetDesktopWindow
GetParent
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
PostMessageW
AttachThreadInput
UnregisterClassW
ShowWindow
SetWindowPos
IsWindowVisible
IsIconic
IsZoomed
OpenClipboard
GetTopWindow
GetWindowThreadProcessId
GetWindow
LoadImageW
GetMonitorInfoW
EnumDisplayMonitors
EnableWindow
TrackMouseEvent
RedrawWindow
InvalidateRect
GetDlgItem
SetTimer
KillTimer
LoadIconW
LoadStringW
BringWindowToTop
DefWindowProcW
RegisterClassExW
CreateWindowExW
DestroyWindow
MoveWindow
GetWindowRgn
SetWindowLongW
LoadCursorW
wsprintfA
SetCursorPos
gdi32
CopyMetaFileW
CreateBitmap
CreateHatchBrush
CreatePatternBrush
CreateSolidBrush
Escape
ExcludeClipRect
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
PtInRegion
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesExW
GetNearestPaletteIndex
GetPaletteEntries
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
StretchBlt
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
SetRectRgn
CreateRectRgnIndirect
CreatePen
CreateFontW
GetObjectW
CreateDIBSection
SetPixel
SelectPalette
SelectObject
SelectClipRgn
RealizePalette
Rectangle
GetTextColor
GetSystemPaletteEntries
GetStockObject
GetPixel
GetDeviceCaps
Ellipse
DeleteObject
DeleteDC
CreateRectRgn
CreatePalette
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
SetWindowOrgEx
GetClipBox
BitBlt
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
CryptReleaseContext
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
CryptAcquireContextA
CryptGenRandom
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
ImpersonateLoggedOnUser
RevertToSelf
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
comctl32
_TrackMouseEvent
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
GetCurrentThemeName
DrawThemeBackground
CloseThemeData
OpenThemeData
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
DrawThemeParentBackground
GetThemeColor
DrawThemeText
ole32
CoInitialize
CoUninitialize
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CoCreateInstance
CoDisconnectObject
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
oleaut32
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantClear
VariantCopy
VarBstrFromDate
VariantInit
VariantTimeToSystemTime
SysFreeString
SysAllocString
SysAllocStringLen
gdiplus
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImagePalette
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImagePixelFormat
GdipDrawCachedBitmap
GdipDeleteCachedBitmap
GdipCreateCachedBitmap
GdipDrawImageRectI
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipLoadImageFromStream
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipGetGenericFontFamilySansSerif
GdipDrawImageI
GdipFillRectangleI
GdipFillRectangle
GdipDeleteStringFormat
GdipCreateStringFormat
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
wsock32
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
gethostbyname
socket
shutdown
setsockopt
send
select
recv
listen
htons
htonl
inet_ntoa
connect
closesocket
bind
accept
__WSAFDIsSet
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
winmm
PlaySoundW
Exports
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 426KB - Virtual size: 426KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 16.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 144KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ