87f0ecf7b361609993aa4fc3a5cd2a46dea06da5b153d3c45ad76476024df7e8

Sharing

Copy URL

Twitter E-mail

General

Target

87f0ecf7b361609993aa4fc3a5cd2a46dea06da5b153d3c45ad76476024df7e8
Size

2.8MB
MD5

e11381342d3e27375c25f4d7417c2164
SHA1

b361a6ec3ff78e58a5954c2855f31156210846a8
SHA256

87f0ecf7b361609993aa4fc3a5cd2a46dea06da5b153d3c45ad76476024df7e8
SHA512

98c0b90c8244abad13aa2340ce09cbfcbf3af8197ba050f715a59bd191f119ac77ed44efb3e407ae217e80de0aa3e5eb4226b0f2a75007f61152dee405f66ae6
SSDEEP

49152:kB2tuSfg0G3pH4b5gf5IRn86R+f3jjKgIIm1+pSB8j9zgnCd6RQ:kBIuS/G3pH4b5fn86RY3jjKgIXMSyju

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87f0ecf7b361609993aa4fc3a5cd2a46dea06da5b153d3c45ad76476024df7e8

Files

87f0ecf7b361609993aa4fc3a5cd2a46dea06da5b153d3c45ad76476024df7e8
.exe windows:5 windows x86

21ba41e22ba17f4cd0fa247e782749b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
WinExec
CreateThread
GetTempPathA
MoveFileExA
CreateDirectoryA
RemoveDirectoryA
GetTickCount
GetFileSize
ReadFile
CreateEventA
CopyFileA
GetCurrentProcessId
OpenProcess
CreateProcessA
lstrlenA
CreateFileA
WriteFile
FreeResource
MultiByteToWideChar
GetCommandLineW
WaitForSingleObject
CloseHandle
DeleteFileA
GetCurrentDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetLastError
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
VirtualFree
HeapCreate
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
GetStdHandle
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RaiseException
GetStartupInfoA
GetCommandLineA
HeapFree
ExitProcess
Sleep
HeapAlloc
HeapReAlloc
RtlUnwind
SetErrorMode
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsFree
GlobalFree
GlobalUnlock
GlobalLock
MulDiv
LocalFree
FormatMessageA
GlobalAlloc
SetLastError
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringA
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
GetModuleFileNameW
InterlockedDecrement
FindClose
FileTimeToLocalFileTime
FindFirstFileA
lstrcmpA
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetFileSizeEx
GetFileTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleW
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc

user32

GetDC
EndDialog
IsWindowEnabled
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetMenuItemCount
GetMenuItemID
GetMenuState
GetWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
PtInRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetKeyState
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
SetWindowsHookExA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
DestroyIcon
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
BeginPaint
EndPaint
GetWindowThreadProcessId
GetCursorPos
IsRectEmpty
SetTimer
KillTimer
SetCapture
ReleaseCapture
ValidateRect
TranslateMessage
GetMessageA
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
WaitMessage
CharUpperA
TranslateAcceleratorA
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
GetSysColorBrush
GetMenuItemInfoA
CopyAcceleratorTableA
SetRect
InvalidateRgn
CharNextA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
DrawStateA
CopyRect
InflateRect
OffsetRect
FillRect
FrameRect
DrawFocusRect
ClientToScreen
GetActiveWindow
GetNextDlgTabItem
LoadImageA
InvalidateRect
GetClientRect
GetWindowRect
PostMessageA
GetWindowDC
SetWindowRgn
ReleaseDC
GetParent
WindowFromPoint
GetWindowLongA
SetCursor
SetWindowPos
EnableWindow
SendMessageA
ModifyMenuA
GetDesktopWindow
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
PeekMessageA
PostQuitMessage
wsprintfA
GetSystemMetrics
SetLayeredWindowAttributes
LoadIconA
LoadCursorA
IsIconic
DrawIcon
CallNextHookEx
AdjustWindowRectEx
GetFocus
MessageBoxA
IsWindow
SetWindowLongA
RedrawWindow
DestroyMenu
LoadMenuA
DestroyCursor
GetSysColor
GetSubMenu
TrackPopupMenuEx
UnregisterClassA

gdi32

LineTo
MoveToEx
SetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
GetPixel
SetPixel
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
GetStockObject
SelectObject
CreateRectRgn
CombineRgn
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetTextColor
GetRgnBox
GetTextExtentPoint32A
Ellipse
LPtoDP
CreateEllipticRgn
GetMapMode
CreateRectRgnIndirect
CreateFontIndirectA
CreatePen
GetDeviceCaps
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
DeleteObject
GetDIBits
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
GetBkColor
BitBlt
StretchBlt

advapi32

RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA

shell32

DragQueryFileA
DragFinish
CommandLineToArgvW
ShellExecuteExA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID

comctl32

_TrackMouseEvent

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

urlmon

URLDownloadToFileA

winmm

PlaySoundA

wininet

InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetSetOptionA
InternetOpenA
DeleteUrlCacheEntry
HttpQueryInfoA
InternetOpenUrlA

ws2_32

closesocket
accept
socket
select
gethostbyname
htonl
htons
inet_addr
bind
WSAGetLastError
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21ba41e22ba17f4cd0fa247e782749b1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

oledlg

urlmon

winmm

wininet

ws2_32

oleacc

winspool.drv

comdlg32

oleaut32

Sections

.text Size: 318KB - Virtual size: 317KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 11KB - Virtual size: 65KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 50KB - Virtual size: 50KB

.text
Size: 318KB - Virtual size: 317KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 11KB - Virtual size: 65KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 50KB - Virtual size: 50KB