24b085c7a0c96d47b2bf166eb52e5c8818ec579fddb6cf8921232f2835de27de

Sharing

Copy URL Twitter E-mail

General

Target

24b085c7a0c96d47b2bf166eb52e5c8818ec579fddb6cf8921232f2835de27de
Size

11.7MB
MD5

62fb05ee6c8309b83361c4cf432b1f41
SHA1

258f39fc3c673975c363b97d2fbe5a375cfc8eb1
SHA256

24b085c7a0c96d47b2bf166eb52e5c8818ec579fddb6cf8921232f2835de27de
SHA512

2ea0803aeadfc6e414e549a7ba75775e618a1a906014099712dcb1cca6f56c4176e0dab2a03ec0e80dea391cb82e82873863eb7e4a3b15824105d0328c841132
SSDEEP

196608:5eXuAj3E03f70bLcpfYpdLrMJsv6tWKFdu9CjX:5GN0kOLYJsv6tWKFdu9C7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24b085c7a0c96d47b2bf166eb52e5c8818ec579fddb6cf8921232f2835de27de

Files

24b085c7a0c96d47b2bf166eb52e5c8818ec579fddb6cf8921232f2835de27de
.exe windows:6 windows x86

4eda08edc019af488e3dff3655141732

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
MoveFileExW
GetSystemDirectoryW
VirtualQuery
OpenFileMappingW
MultiByteToWideChar
WideCharToMultiByte
ResetEvent
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetCurrencyFormatW
GetUserDefaultUILanguage
FindFirstFileExW
FindNextFileW
ReleaseSemaphore
CreateSemaphoreW
FreeLibrary
GetModuleHandleExW
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
OpenProcess
LoadLibraryA
ExitProcess
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalSize
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualFree
SetHandleInformation
MapViewOfFile
lstrcmpW
GetVolumeInformationW
GetDriveTypeW
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
HeapReAlloc
AreFileApisANSI
ExitThread
LoadLibraryExW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFileAttributesW
SetStdHandle
HeapSize
SetLastError
GetProcessHeap
GetStdHandle
GetModuleFileNameA
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetEnvironmentVariableA
WriteConsoleW
LCMapStringW
EnumSystemLocalesW
GetStringTypeW
FindFirstChangeNotificationW
FindCloseChangeNotification
CreateFileMappingW
WriteFile
SetEndOfFile
SetFilePointerEx
ReadFile
GetFileType
FlushFileBuffers
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
LoadLibraryW
SetErrorMode
DeviceIoControl
GetTempPathW
RemoveDirectoryW
GetLongPathNameW
GetLogicalDrives
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetFileAttributesExW
CreateFileW
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameW
GetStartupInfoW
WaitForSingleObjectEx
GetConsoleWindow
OutputDebugStringW
GetLocalTime
GetSystemTime
FormatMessageW
GetModuleHandleW
WaitForMultipleObjects
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThreadId
GetCurrentThread
CreateThread
Sleep
CreateEventW
WaitForSingleObject
SetEvent
GetLastError
DuplicateHandle
GetProcAddress
LocalFree
GetCurrentProcessId
GetCommandLineW
GetUserDefaultLCID
CompareStringW
FindNextChangeNotification
GetVolumeInformationA
CreateProcessA
CloseHandle
SetFileAttributesA
TerminateProcess
GetCurrentProcess

netapi32

Netbios

user32

GetCursorInfo
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetWindowTextW
GetIconInfo
RealGetWindowClassW
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
EnumWindows
MapVirtualKeyW
DrawIconEx
ToUnicode
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
RegisterClassW
UnregisterClassW
CreateWindowExW
DestroyWindow
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
GetWindowLongW
SetWindowLongW
SetWindowsHookExW
ToAscii
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
LoadIconW
GetSysColor
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
GetKeyboardState
GetKeyState
IsZoomed
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetMenu
GetAsyncKeyState
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
MessageBoxW
SetWindowRgn
SystemParametersInfoW
GetDoubleClickTime
MessageBeep
GetCaretBlinkTime
GetDesktopWindow
SendMessageW
AttachThreadInput
IsChild
ShowWindow
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
GetSystemMenu
GetSystemMetrics
ReleaseCapture
SetCapture
GetCapture
SetFocus

shell32

Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderPathW
CommandLineToArgvW

ole32

ReleaseStgMedium
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
OleUninitialize
OleInitialize
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
StringFromGUID2
CoCreateGuid
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoGetMalloc

advapi32

OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegFlushKey
RegSetValueExW

ws2_32

WSASendTo
WSASend
WSARecvFrom
WSARecv
WSANtohs
WSANtohl
WSAIoctl
WSAHtonl
WSAConnect
WSAAccept
setsockopt
select
listen
htons
WSASocketW
closesocket
bind
__WSAFDIsSet
WSAGetLastError
gethostbyname
gethostbyaddr
ntohl
inet_addr
getsockopt
htonl
WSAAsyncSelect
WSACleanup
WSAStartup
gethostname
getpeername
getsockname

gdi32

CreateBitmap
BitBlt
CombineRgn
CreateRectRgn
DeleteObject
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
DeleteDC
SelectObject
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
CreateDIBSection
GdiFlush
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
GetRegionData
SelectClipRgn
GetDIBits

oleaut32

SysStringLen
VariantInit
VariantChangeType
SystemTimeToVariantTime
SysFreeString
SysAllocString
SysAllocStringLen

imm32

ImmGetDefaultIMEWnd
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetContext

winmm

PlaySoundW

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

Sections

.text
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4eda08edc019af488e3dff3655141732

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

netapi32

user32

shell32

ole32

advapi32

ws2_32

gdi32

oleaut32

imm32

winmm

iphlpapi

Sections

.text Size: 6.8MB - Virtual size: 6.8MB

.rdata Size: 4.7MB - Virtual size: 4.7MB

.data Size: 55KB - Virtual size: 99KB

.qtmetad Size: 512B - Virtual size: 272B

_RDATA Size: 512B - Virtual size: 292B

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 223KB - Virtual size: 222KB

.text
Size: 6.8MB - Virtual size: 6.8MB

.rdata
Size: 4.7MB - Virtual size: 4.7MB

.data
Size: 55KB - Virtual size: 99KB

.qtmetad
Size: 512B - Virtual size: 272B

_RDATA
Size: 512B - Virtual size: 292B

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 223KB - Virtual size: 222KB