Static task: static1
Behavioral task: behavioral1
  Sample: d6a5265444f03acd8af09f96b7a2d8553ce86a1db45c389bdf5f63164067e622.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: d6a5265444f03acd8af09f96b7a2d8553ce86a1db45c389bdf5f63164067e622.exe
  Resource: win10v2004-20230915-en
General
- Target: d6a5265444f03acd8af09f96b7a2d8553ce86a1db45c389bdf5f63164067e622
- Size: 2.1MB
- MD5: 4dc7b9b4ba01ea337857762dddb3b266
- SHA1: 68f804b5a214a5fa40b3318625a04ed411abca44
- SHA256: d6a5265444f03acd8af09f96b7a2d8553ce86a1db45c389bdf5f63164067e622
- SHA512: 16023adc2470c93ef436ab12ba990b445fe487b726b6df5b09df989e3d109b38ebd06a425552b15e1c1ce0aad2cc376d818b4ee251c4872f96722c330fd060b2
- SSDEEP: 49152:gb/LoTRgRmmNN9liJF0cFSPKpbyXSjCxVxtvDsmYj4EG:gbUTRgRm2NWJF0cFSPKp9O5tvDsH
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource d6a5265444f03acd8af09f96b7a2d8553ce86a1db45c389bdf5f63164067e622
Files
-
d6a5265444f03acd8af09f96b7a2d8553ce86a1db45c389bdf5f63164067e622.exe windows:6 windows x86
af05d99c40807a4a08eed6238c78f732
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitThread
HeapQueryInformation
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
IsValidCodePage
GetTimeZoneInformation
GetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
RtlUnwind
CreateThread
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
OutputDebugStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
GetCommandLineA
SetCurrentDirectoryA
VirtualQuery
VirtualAlloc
DeleteFileW
GetSystemInfo
SetEnvironmentVariableA
AreFileApisANSI
WaitForSingleObject
GetModuleHandleExW
ExitProcess
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
lstrcpyA
GetWindowsDirectoryA
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
GetACP
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
GetFullPathNameA
FlushFileBuffers
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetVersionExA
GetCurrentThread
lstrcmpA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GetThreadLocale
FileTimeToSystemTime
GetCurrentProcessId
ResumeThread
SuspendThread
SetThreadPriority
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
EncodePointer
FindResourceA
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
SetLastError
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetCommModemStatus
OutputDebugStringA
ClearCommError
lstrcatA
ReadFile
EscapeCommFunction
SetCommTimeouts
SetCommState
BuildCommDCBA
GetCommState
PurgeComm
SetupComm
SetCommMask
TryEnterCriticalSection
FormatMessageA
DecodePointer
HeapSize
GetLastError
RaiseException
InitializeCriticalSectionEx
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetExitCodeProcess
CreateProcessA
GetStartupInfoA
SetFileAttributesA
GetFileAttributesA
CopyFileA
MultiByteToWideChar
WriteFile
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA
lstrlenA
GetCurrentThreadId
GetModuleFileNameA
CloseHandle
DeleteCriticalSection
CreateEventA
InitializeCriticalSection
DeleteFileA
LeaveCriticalSection
EnterCriticalSection
SetEvent
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ReadConsoleW
user32
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
SetParent
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
LoadImageA
SetRectEmpty
DrawFocusRect
GetMenuDefaultItem
CreatePopupMenu
DestroyIcon
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableA
OffsetRect
CharNextA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CopyImage
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
CharUpperA
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
SetCursor
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
MapVirtualKeyA
GetWindowRgn
IntersectRect
InflateRect
FillRect
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
GetMessageA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
EnableWindow
SendMessageA
MessageBoxA
wsprintfA
SetWindowTextA
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DestroyCursor
CreateMenu
SetCursorPos
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
DispatchMessageA
RegisterWindowMessageA
FrameRect
CharUpperBuffA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongA
LockWindowUpdate
GetKeyNameTextA
LoadIconW
GetSystemMenu
AppendMenuA
GetWindowRect
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
UnregisterClassA
PostMessageA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetParent
ShowWindow
MoveWindow
SetWindowPos
CheckDlgButton
SendDlgItemMessageA
GetDlgCtrlID
SetFocus
GetFocus
GetWindowTextA
GetWindowTextLengthA
SetWindowLongA
GetWindow
IsDialogMessageA
LoadMenuW
gdi32
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
SetWindowExtEx
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
SetTextAlign
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
EnumFontFamiliesExA
CopyMetaFileA
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegSetValueExA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueA
shell32
SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoA
SHGetSpecialFolderLocation
ShellExecuteA
DragQueryFileA
SHAppBarMessage
DragFinish
SHGetPathFromIDListA
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFileExistsA
uxtheme
GetWindowTheme
GetThemeSysColor
GetThemePartSize
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
ole32
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CoCreateGuid
OleRun
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
DoDragDrop
CoCreateInstance
CoRegisterMessageFilter
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysStringLen
SafeArrayDestroy
SysAllocStringByteLen
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
SysFreeString
VariantClear
oledlg
ord8
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 340KB - Virtual size: 339KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
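Added example, not part of the sandbox report: the static checks shown above (the Unsigned PE signature, the DLL and file characteristics under Headers, and the per-section flags under Sections) reproduced with a standard-library PE header parser. The sample itself is not on the page, so the input is a header-only PE32 image constructed in memory from the reported values (x86 machine, DllCharacteristics 0x8140, the five section names and flag sets; section sizes rounded from the KB/MB figures). The Authenticode check is the IMAGE_DIRECTORY_ENTRY_SECURITY data directory: a zero-size entry means no embedded signature, which is what the Unsigned PE signature reports. The missing-GUARD_CF and writable-plus-executable findings in `triage()` are this example's own heuristics, not checks the report makes.

```python
"""Static PE header triage with only the standard library (added example).

Reproduces the checks shown in the report: Authenticode presence (the
"Unsigned PE" signature), DLL characteristics, file characteristics and
section flags. The input is a header-only PE32 image constructed from the
reported values, not the real sample.
"""
import struct

IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # data directory slot for the Authenticode blob
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA", 0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF", 0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}


def decode_flags(value, table):
    """Names of the bits set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS/COFF/optional/section headers; raises ValueError on a malformed image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: DllCharacteristics at +70, NumberOfRvaAndSizes at +92, directories at +96
        nrva_off, dirs = 92, 96
    elif magic == 0x20B:    # PE32+: the 64-bit stack/heap fields shift the tail by 16 bytes
        nrva_off, dirs = 108, 112
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    nrva = struct.unpack_from("<I", data, opt + nrva_off)[0]
    sec_size = 0
    if nrva > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, sec_size = struct.unpack_from("<II", data, opt + dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        off = opt + opt_size + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _, rawsize, _ = struct.unpack_from("<IIII", data, off + 8)
        chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name, "virtual_size": vsize, "raw_size": rawsize,
                         "flags": decode_flags(chars, SECTION_FLAGS),
                         # W+X sections are a classic self-modifying/packer tell; none in this sample
                         "writable_and_executable": bool(chars & 0x80000000) and bool(chars & 0x20000000)})
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "file_characteristics": decode_flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
            # a zero-size security directory means no embedded Authenticode signature
            "authenticode_present": sec_size != 0, "sections": sections}


def triage(data):
    """Findings a reviewer would pull out of the parsed headers (this example's heuristics, not the report's)."""
    info = parse_pe(data)
    findings = []
    if not info["authenticode_present"]:
        findings.append("Unsigned PE: IMAGE_DIRECTORY_ENTRY_SECURITY is empty")
    if "IMAGE_DLLCHARACTERISTICS_GUARD_CF" not in info["dll_characteristics"]:
        findings.append("No Control Flow Guard (GUARD_CF clear)")
    findings += ["W+X section: " + s["name"] for s in info["sections"] if s["writable_and_executable"]]
    return findings


def build_sample_pe(sections, dll_chars=0x8140, file_chars=0x0102, signed=False):
    """Constructed header-only PE32 image mirroring the report (test input, not the real binary)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                       # e_lfanew
    opt = bytearray(0xE0)                                          # PE32 optional header with 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)
    if signed:                                                     # pretend a 0x2000-byte WIN_CERTIFICATE exists
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x2000)
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, len(sections), 0, 0, 0, len(opt), file_chars)
    shdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0, rs, 0, 0, 0, 0, 0, ch)
                     for n, vs, rs, ch in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + shdrs


# (name, virtual size, raw size, characteristics) rounded from the report's Sections table
REPORTED_SECTIONS = [
    (".text", 1536 * 1024, 1536 * 1024, 0x60000020),
    (".rdata", 339 * 1024, 340 * 1024, 0x40000040),
    (".data", 61 * 1024, 30 * 1024, 0xC0000040),
    (".rsrc", 90 * 1024, 90 * 1024, 0x40000040),
    (".reloc", 130 * 1024, 131 * 1024, 0x42000040),
]

if __name__ == "__main__":
    image = build_sample_pe(REPORTED_SECTIONS)
    for key, value in parse_pe(image).items():
        print(key, value)
    print(triage(image))
```

Run against a real file with `parse_pe(open(path, "rb").read())`. Note that a non-empty security directory only tells you a WIN_CERTIFICATE blob is attached; whether it verifies is a separate step (signtool, or `Get-AuthenticodeSignature` on Windows). The `.data` section's virtual size exceeding its raw size, as in the report (61KB vs 30KB), is ordinary zero-initialised data at this ratio; a large gap, or a W+X section, is what would point at a packer stub.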