Static task: static1
Behavioral task: behavioral1 - Sample: 2d8a86298d6b903ec3e9adccf9b3134e6cd4b2c28ad1e611439a4402b293a30b.exe - Resource: win7-20230831-en
Behavioral task: behavioral2 - Sample: 2d8a86298d6b903ec3e9adccf9b3134e6cd4b2c28ad1e611439a4402b293a30b.exe - Resource: win10v2004-20230915-en
General
- Target: 2d8a86298d6b903ec3e9adccf9b3134e6cd4b2c28ad1e611439a4402b293a30b
- Size: 1.5MB
- MD5: 5fb69e05a113cb9744d68938dc791c6b
- SHA1: af6039cab3e007f2e62edd8b1df733f68aec3411
- SHA256: 2d8a86298d6b903ec3e9adccf9b3134e6cd4b2c28ad1e611439a4402b293a30b
- SHA512: d75c60c0abda8e5c0b5c25e40c939a6e1885dcbc188110f45706e362c682827d5741ea47006bd07d05f4c9e7e139dc8f52be7e3f22f8244812a37228801930ed
- SSDEEP: 49152:IWkUknUWdg5aYolQPKWGnCw/gakwRi2Cw0GhFIovKIZ3Q1e6PmS7R:WVnUWdrYFZGnCw/gakwRi2HX+Y9Q1e6t
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature. Resource: 2d8a86298d6b903ec3e9adccf9b3134e6cd4b2c28ad1e611439a4402b293a30b
Files
- 2d8a86298d6b903ec3e9adccf9b3134e6cd4b2c28ad1e611439a4402b293a30b.exe windows:5 windows x86
438cacf98e690605a446ce24ad94a516
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
lstrcmpW
LoadLibraryW
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
GetCurrentDirectoryA
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
lstrcpyA
GetThreadLocale
lstrcmpiA
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
FileTimeToSystemTime
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
GlobalAddAtomA
ExitProcess
DecodePointer
RtlUnwind
EncodePointer
RaiseException
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
ExitThread
CreateThread
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetStdHandle
IsProcessorFeaturePresent
IsValidCodePage
HeapCreate
SetHandleCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
FreeLibrary
GlobalFree
FreeResource
FindResourceExW
GetCurrentProcessId
Sleep
DeleteFileA
MoveFileA
FindResourceA
ActivateActCtx
DeactivateActCtx
SetLastError
GetModuleHandleA
GetTickCount
MulDiv
LoadLibraryA
GetProcAddress
GetModuleFileNameA
CreateDirectoryA
InterlockedDecrement
WideCharToMultiByte
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
FindResourceW
LoadResource
LockResource
SizeofResource
CreateMutexA
GetLastError
GlobalUnlock
CloseHandle
GetProcessHeap
user32
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
IsZoomed
SetWindowRgn
RedrawWindow
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
RealChildWindowFromPoint
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SystemParametersInfoA
GetSysColorBrush
GetMenuItemInfoA
InflateRect
CopyRect
UnhookWindowsHookEx
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
PostMessageA
DeleteMenu
MapVirtualKeyA
GetKeyNameTextA
IntersectRect
CheckDlgButton
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
DeferWindowPos
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
LoadCursorA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
KillTimer
DestroyMenu
SetTimer
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
LoadIconA
MessageBoxA
PostQuitMessage
GetSysColor
InvalidateRect
ClientToScreen
LoadMenuA
GetWindowRect
ScreenToClient
IsCharLowerA
EqualRect
DrawIcon
GetSubMenu
CheckMenuItem
OffsetRect
PtInRect
wsprintfA
GetSystemMetrics
EnableWindow
LoadIconW
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
gdi32
MoveToEx
LineTo
SetTextAlign
ExcludeClipRect
GetClipBox
SetMapMode
IntersectClipRect
SetPixelV
GetTextFaceA
CreateFontA
GetDeviceCaps
Ellipse
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
SetTextColor
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
CreateDCA
CreateBitmap
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CopyMetaFileA
advapi32
RegCreateKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
shell32
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
DragQueryFileA
ShellExecuteA
SHGetFolderPathA
DragFinish
SHGetFileInfoA
ole32
OleLockRunning
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
IsAccelerator
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
oleaut32
SysAllocString
SysFreeString
VariantInit
VariantClear
VarBstrFromDate
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathAppendA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
oledlg
ord8
winmm
PlaySoundA
wininet
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateFromHDC
GdipBitmapLockBits
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB - Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 281KB - Virtual size: 281KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 56KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 33KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ