15a8927bde65af573951db1ab861487e31ea3d5292c340be158098d7ec5ca59b

Sharing

Copy URL Twitter E-mail

General

Target

15a8927bde65af573951db1ab861487e31ea3d5292c340be158098d7ec5ca59b
Size

796KB
MD5

6632711387a62ad66a5bd7507bf56ca9
SHA1

af73a9418b34e1185cbde542639f8ef15feeff67
SHA256

15a8927bde65af573951db1ab861487e31ea3d5292c340be158098d7ec5ca59b
SHA512

039ef7652a3ad767bc4432cc4a119d1f86b6b3fa59dd6b6929a9c583c4f2542befd883b54294f16ad9151c29164214e8f4e3dccf2db359a39700d3bd337f7ced
SSDEEP

12288:ySdGIU3C6H4h6kBOuWN3Y0Cr5rYx05lWRuGQ7L5gQONw3:ySkIWT4hCQY65zfEN6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a8927bde65af573951db1ab861487e31ea3d5292c340be158098d7ec5ca59b

Files

15a8927bde65af573951db1ab861487e31ea3d5292c340be158098d7ec5ca59b
.dll windows:4 windows x86

c5e8a7ab770990b0f5dae57c8110b522

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
GetTickCount
SetEvent
GetModuleFileNameA
WaitForMultipleObjects
TerminateProcess
GetSystemDirectoryW
GetWindowsDirectoryW
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
CreateThread
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeResource
CreateEventW
SetHandleCount
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
HeapCreate
GetStdHandle
IsValidCodePage
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
GetCommandLineA
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetThreadLocale
GetLocaleInfoA
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
InterlockedCompareExchange
ResetEvent
ReleaseMutex
FreeLibrary
FindFirstFileW
GetFileAttributesW
GetCurrentProcessId
CreateMutexW
GetModuleHandleW
Sleep
lstrlenW
MoveFileW
WritePrivateProfileStringW
SetFilePointer
LocalAlloc
FlushFileBuffers
CreateFileA
WriteFile
LocalFree
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
DeleteCriticalSection
GetLocalTime
EnterCriticalSection
SetLastError
CreateFileW
GetFileSize
ReadFile
GetCurrentThreadId
CloseHandle
lstrlenA
GetLastError
GetVersionExW
InterlockedExchange
MultiByteToWideChar
FlushInstructionCache
GetCurrentProcess
WideCharToMultiByte
RaiseException
LeaveCriticalSection
GetFileType
GetPrivateProfileIntW
FindResourceW
GetPrivateProfileStringW
FindClose
LoadResource
CreateDirectoryW
LoadLibraryW
GetProcAddress
GetModuleFileNameW
InitializeCriticalSection
DeleteFileW
LockResource
FindResourceExW
SizeofResource
GetStartupInfoA

user32

SetRect
GetDC
LoadCursorW
SendMessageW
RegisterWindowMessageW
SetActiveWindow
ShowWindow
GetNextDlgTabItem
ClientToScreen
ReleaseDC
RegisterClassExW
GetClassInfoExW
DestroyWindow
CreateWindowExW
InvalidateRect
FindWindowW
MoveWindow
GetActiveWindow
CopyRect
GetDesktopWindow
IsWindowEnabled
GetParent
DefWindowProcW
EnableWindow
GetWindow
GetWindowRect
GetWindowThreadProcessId
GetWindowLongW
GetForegroundWindow
GetClientRect
MapWindowPoints
SetWindowLongW
SystemParametersInfoW
IsWindow
SetWindowPos
AttachThreadInput
PostMessageW
SetForegroundWindow
InflateRect
LoadImageW
LoadBitmapW
PostThreadMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
GetMessageW
CallWindowProcW
ReleaseCapture
GetMonitorInfoW
GetDlgCtrlID
IsChild
MonitorFromWindow
SetRectEmpty
DestroyIcon
GetFocus
SetCapture
IsRectEmpty
DrawIconEx
LoadIconW
SetTimer
EndPaint
IsDialogMessageW
KillTimer
EqualRect
DrawTextW
IntersectRect
GetDlgItem
UpdateLayeredWindow
SetCursor
PtInRect
GetCursorPos
IsWindowVisible
ScreenToClient
SetFocus
UnregisterClassA
BeginPaint
OffsetRect
DrawFrameControl

gdi32

ExtSelectClipRgn
MoveToEx
GetViewportOrgEx
CreateRectRgnIndirect
RectInRegion
TextOutW
GetTextExtentPoint32W
SetViewportOrgEx
SetBkMode
GetCurrentObject
CombineRgn
GetClipRgn
CreateRoundRectRgn
RoundRect
LineTo
GetTextColor
SaveDC
RestoreDC
OffsetRgn
CreateCompatibleBitmap
GetObjectW
StretchBlt
DeleteDC
SetStretchBltMode
BitBlt
SetTextColor
Rectangle
CreateBitmap
CreateRectRgn
SelectObject
ExtTextOutW
GetStockObject
CreateCompatibleDC
CreatePen
SelectClipRgn
CreateDIBSection
GetDeviceCaps
DeleteObject
SetBkColor
CreateFontIndirectW

advapi32

RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance

shlwapi

StrToIntW
PathIsDirectoryW
PathFindFileNameW
StrToIntA
PathFindExtensionW
PathCombineW
PathRemoveFileSpecW
PathAppendW
PathAddBackslashW
PathFileExistsW

comctl32

_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipSetCompositingQuality
GdipDrawLine
GdipCloneFontFamily
GdipSetPenDashStyle
GdipSetStringFormatFlags
GdipCreateStringFormat
GdipDrawLinesI
GdipSetStringFormatTrimming
GdipGetFamily
GdipCreatePath
GdipSetPixelOffsetMode
GdipDeleteBrush
GdipCreateLineBrushFromRectWithAngleI
GdipSetStringFormatLineAlign
GdipFillPath
GdipSetClipPath
GdipDrawImageI
GdipMeasureString
GdipDeletePath
GdipCreateFontFromLogfontW
GdipPrivateAddFontFile
GdipAddPathRectangleI
GdipSetSmoothingMode
GdipDeleteFont
GdipDeletePrivateFontCollection
GdipCreateSolidFill
GdipAddPathArcI
GdipFillRectangle
GdipResetWorldTransform
GdipDrawPath
GdipRotateWorldTransform
GdipCloneBrush
GdipTranslateWorldTransform
GdipSetPenMode
GdipDrawRectangleI
GdipGetFontSize
GdipSetPenEndCap
GdipFillRectangleI
GdipNewPrivateFontCollection
GdipAddPathPieI
GdipAddPathStringI
GdipDrawString
GdipCreateFont
GdipSetTextRenderingHint
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipGetFontCollectionFamilyCount
GdipDeletePen
GdipGetFontCollectionFamilyList
GdipCreatePen1
GdipSetPenStartCap
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdiplusShutdown
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGraphicsClear
GdipGetImagePixelFormat
GdipGetImageWidth
GdipSetInterpolationMode
GdipDisposeImage
GdipCloneBitmapArea
GdipImageRotateFlip
GdipCreateImageAttributes
GdipLoadImageFromFile
GdipDrawImageRectRectI
GdiplusStartup
GdipGetImageHeight
GdipAlloc
GdipDrawImageRectI
GdipSetImageAttributesColorMatrix
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipDrawImageRectRect
GdipDisposeImageAttributes
GdipLoadImageFromStream
GdipCloneImage
GdipDeleteFontFamily
GdipFree
GdipClosePathFigure

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Exports

Exports

DllGetClassObject

Sections

.text
Size: 580KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5e8a7ab770990b0f5dae57c8110b522

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

msimg32

gdiplus

version

Exports

Exports

Sections

.text Size: 580KB - Virtual size: 577KB

.rdata Size: 104KB - Virtual size: 100KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 40KB - Virtual size: 37KB

.reloc Size: 52KB - Virtual size: 50KB

.text
Size: 580KB - Virtual size: 577KB

.rdata
Size: 104KB - Virtual size: 100KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 40KB - Virtual size: 37KB

.reloc
Size: 52KB - Virtual size: 50KB