Static task: static1
Behavioral task: behavioral1
Sample: d4e5bfe25ba533724ed22c38f5767ffcbe66d1f50a14a1e9b590279403d2e320.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: d4e5bfe25ba533724ed22c38f5767ffcbe66d1f50a14a1e9b590279403d2e320.exe
Resource: win10v2004-20230915-en
General
Target: d4e5bfe25ba533724ed22c38f5767ffcbe66d1f50a14a1e9b590279403d2e320
Size: 2.0MB
MD5: e4f8a714b5d4dcf2c46739a6eef6ce46
SHA1: c2c900c16ae4739d990bfcc725a959aca42badc0
SHA256: d4e5bfe25ba533724ed22c38f5767ffcbe66d1f50a14a1e9b590279403d2e320
SHA512: eb6a77dba5e0f48852788c1049bea0fdd14bf5adac9c95bbc78190780983f8c4e2591453b5d16b8c8deed15674d4594c1b514d8e60f39d59bc30e69d7e3f1b53
SSDEEP: 49152:pMao+48F4BMIf/V919u8unngERtDYlvpLTPoh5ogcc/kW2jwRY:pMgFcMInV919ugERtDkRPoh5ogcc8e
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource d4e5bfe25ba533724ed22c38f5767ffcbe66d1f50a14a1e9b590279403d2e320
Files
d4e5bfe25ba533724ed22c38f5767ffcbe66d1f50a14a1e9b590279403d2e320.exe windows:6 windows x86
70ecf675c2be8761babe8a2fea0cccd9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
IsValidLocale
EnumSystemLocalesW
LCMapStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
CreatePipe
GetConsoleMode
GetFileInformationByHandle
GetConsoleCursorInfo
FillConsoleOutputAttribute
GetConsoleTitleW
SetConsoleTitleW
SetConsoleCursorInfo
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
SetConsoleCursorPosition
ScrollConsoleScreenBufferW
SetConsoleTextAttribute
WriteConsoleInputW
GetEnvironmentVariableW
VerifyVersionInfoW
GetConsoleCP
GetStringTypeW
PeekNamedPipe
GetStdHandle
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
GetTimeZoneInformation
GetFileType
SetStdHandle
HeapQueryInformation
ExitThread
VirtualQuery
VirtualAlloc
GetSystemInfo
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RtlUnwind
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetUserDefaultLCID
FindResourceExW
GetTempFileNameA
GetTempPathA
Sleep
GetProfileIntA
SearchPathA
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
VerifyVersionInfoA
VerSetConditionMask
GetVolumeInformationA
lstrcmpiA
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
lstrcpyA
FileTimeToSystemTime
GetACP
GetThreadLocale
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
ResumeThread
SetThreadPriority
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
LoadLibraryW
GlobalUnlock
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetPrivateProfileIntA
GetModuleHandleW
FindResourceA
GlobalFree
FreeResource
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExA
GetCurrentThread
CreateThread
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
CloseHandle
GetLastError
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetCurrentDirectoryA
SetUnhandledExceptionFilter
GetModuleHandleA
GetCurrentProcess
VirtualProtect
LoadLibraryA
GetProcAddress
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileAttributesExW
WideCharToMultiByte
user32
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
KillTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
LoadCursorA
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
DestroyIcon
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
GetAsyncKeyState
GetMessageTime
GetMessagePos
GetClassNameA
InvalidateRect
UpdateWindow
DrawStateA
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PtInRect
GetCursorPos
GetFocus
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
LoadMenuW
SetWindowRgn
NotifyWinEvent
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuA
wsprintfW
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetLastActivePopup
GetWindowThreadProcessId
OffsetRect
SetRectEmpty
IsZoomed
GetDesktopWindow
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetLayeredWindowAttributes
GetWindowRgn
SubtractRect
CreateMenu
GetWindowLongA
SetActiveWindow
LoadImageA
UnpackDDElParam
ReuseDDElParam
GetSysColorBrush
TrackMouseEvent
CreateWindowExA
CharUpperA
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
wsprintfA
SetTimer
GetWindowRect
MessageBoxA
PostMessageA
UnregisterClassA
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
RegisterWindowMessageA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
GetUpdateRect
GetComboBoxInfo
MonitorFromPoint
IsCharLowerA
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
DestroyCursor
GetDoubleClickTime
IsClipboardFormatAvailable
InvertRect
HideCaret
GetIconInfo
PostThreadMessageA
FrameRect
CopyIcon
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
ModifyMenuA
LockWindowUpdate
CharUpperBuffA
SetClassLongA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
MapVirtualKeyA
GetKeyNameTextA
RegisterClipboardFormatA
EnumDisplayMonitors
DefWindowProcA
MapVirtualKeyExA
gdi32
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateCompatibleBitmap
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
GetObjectType
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
RoundRect
EnumFontFamiliesExA
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceA
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateDIBitmap
DeleteDC
GetTextMetricsA
SelectObject
GetTextExtentPoint32A
CombineRgn
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
ShellExecuteA
SHGetFileInfoA
DragQueryFileA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHAppBarMessage
DragFinish
comctl32
InitCommonControlsEx
shlwapi
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
uxtheme
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
IsAppThemed
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
ole32
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
oleaut32
OleCreateFontIndirect
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
VariantChangeType
VariantCopy
VarBstrFromDate
VariantClear
VariantInit
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
oledlg
ord8
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
ws2_32
WSACleanup
recvfrom
__WSAFDIsSet
select
bind
htonl
htons
socket
WSAStartup
closesocket
sendto
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winmm
PlaySoundA
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 402KB - Virtual size: 401KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vs0 Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 126KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ