Static task: static1
Behavioral task: behavioral1
Sample: db25457b1b3d6f0c9597e7ac9005b2f005f667e53f1029817ac882a7a5f310e9.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: db25457b1b3d6f0c9597e7ac9005b2f005f667e53f1029817ac882a7a5f310e9.exe
Resource: win10v2004-20230915-en
General
Target: db25457b1b3d6f0c9597e7ac9005b2f005f667e53f1029817ac882a7a5f310e9
Size: 7.9MB
MD5: 70d6fb2799bcb9c7c6e193e9c0da6dde
SHA1: 635806058683085b1e8ddf29fb2182e1fd6b1400
SHA256: db25457b1b3d6f0c9597e7ac9005b2f005f667e53f1029817ac882a7a5f310e9
SHA512: 2a365a73657453bc114222666f1c00c41a484ddef8fe38adebfec19349964829bef2f727110124129dba0c4794b86710de05a597bcdb41b684e3f2a3e5ad5160
SSDEEP: 196608:+bvDz7rVTRq4K7v7iIrU0Z2Y9NcHtNTqc8vQHHCGxP34O7NADtV6v+:g3rMiIrnNOtNTqyCGx37
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource db25457b1b3d6f0c9597e7ac9005b2f005f667e53f1029817ac882a7a5f310e9
Files
db25457b1b3d6f0c9597e7ac9005b2f005f667e53f1029817ac882a7a5f310e9.exe windows:6 windows x86
83756802e106b27541eb72ddfb28690d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
qsflicense
GetLastErrorInfo
Ubind
GetRegCodeTime
LoginRegCodeAuto
InitDll
kernel32
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileAttributesExW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetFileType
SetStdHandle
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
RtlUnwind
GetStringTypeW
LCMapStringEx
RaiseException
OutputDebugStringW
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleFileNameA
DecodePointer
GetLastError
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
Sleep
GetLocalTime
MapViewOfFile
LoadResource
LockResource
SizeofResource
FindResourceW
CreateFileMappingA
OpenFileMappingA
FileTimeToSystemTime
SystemTimeToFileTime
WideCharToMultiByte
GetModuleHandleA
FindResourceA
CloseHandle
CreateRemoteThread
OpenProcess
VirtualAllocEx
WriteProcessMemory
LoadLibraryA
lstrcmpiA
lstrcpyA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetLastError
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
FindResourceExW
SearchPathA
GetProfileIntA
GetUserDefaultLCID
GetTempFileNameA
GetTickCount64
GetWindowsDirectoryA
GlobalFree
LocalFree
MulDiv
GetCPInfo
GetOEMCP
VirtualProtect
GetTempPathA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetACP
GlobalFlags
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
VerifyVersionInfoA
VerSetConditionMask
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
WaitForSingleObject
SetEvent
GetThreadLocale
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcess
DuplicateHandle
OutputDebugStringA
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
MultiByteToWideChar
CopyFileA
FormatMessageA
WriteConsoleW
user32
GetKeyNameTextA
IsCharLowerA
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
GetUpdateRect
UpdateLayeredWindow
ModifyMenuA
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
UnionRect
MonitorFromPoint
LoadImageW
LoadImageA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongA
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
SetParent
SetCursorPos
NotifyWinEvent
LoadMenuW
IsZoomed
TrackMouseEvent
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
GetAsyncKeyState
GetKeyboardLayout
MessageBeep
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
DestroyIcon
KillTimer
SetTimer
DeleteMenu
CopyImage
RealChildWindowFromPoint
IntersectRect
InvalidateRect
IsDialogMessageA
SetWindowTextA
MapVirtualKeyExA
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetClassNameA
GetClassLongA
SetWindowLongA
EqualRect
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
CharUpperBuffA
UnregisterClassA
MessageBoxA
RegisterHotKey
UnregisterHotKey
CallWindowProcA
GetMessageTime
GetMessagePos
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
GetMenuItemInfoA
DestroyMenu
UnhookWindowsHookEx
PtInRect
DrawIconEx
IsRectEmpty
OffsetRect
FrameRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
SubtractRect
PostThreadMessageA
CreateMenu
GetComboBoxInfo
InflateRect
DrawFocusRect
HideCaret
InvertRect
DestroyCursor
GetWindowRgn
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics
GetSystemMenu
AppendMenuA
DrawIcon
GetClientRect
FindWindowA
GetWindowThreadProcessId
LoadIconW
TranslateMessage
DispatchMessageA
PeekMessageA
FindWindowExA
GetTopWindow
GetWindow
GetMenuStringA
GetMenuState
GetSubMenu
RedrawWindow
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
CharUpperA
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
GetLastActivePopup
SetWindowPos
SetWindowContextHelpId
MapDialogRect
DefWindowProcA
GetClassInfoA
SetLayeredWindowAttributes
MapWindowPoints
GetSysColorBrush
SetRectEmpty
CopyRect
LoadCursorA
LoadCursorW
SystemParametersInfoA
GetMonitorInfoA
EnumDisplayMonitors
RegisterWindowMessageA
DrawEdge
DrawFrameControl
DrawStateA
SetWindowRgn
GetWindowRect
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectA
CreateRectRgnIndirect
GetTextCharsetInfo
GetTextMetricsA
CombineRgn
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32A
PatBlt
CreatePolygonRgn
Polygon
Polyline
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
CreateRoundRectRgn
CreateDIBSection
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
DeleteDC
CopyMetaFileA
CreateDCA
GetDeviceCaps
BitBlt
CreateBitmap
CreateCompatibleDC
CreateHatchBrush
EnumFontFamiliesA
CreatePen
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
ShellExecuteA
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
DragFinish
DragQueryFileA
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
StrStrA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
StrFormatKBSizeA
PathRemoveFileSpecW
uxtheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeText
GetWindowTheme
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
VariantClear
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysFreeString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
oledlg
ord8
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImageHeight
GdipDrawImageI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipCreateBitmapFromScan0
wininet
InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 344KB - Virtual size: 343KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmps0 Size: 561KB - Virtual size: 561KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5.4MB - Virtual size: 5.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ