Static task
static1
Behavioral task
behavioral1
Sample
9359b9e7bd28aae1cfff9ad628d0b402b3880a5740fa1756d075b94fa6b2751e.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
9359b9e7bd28aae1cfff9ad628d0b402b3880a5740fa1756d075b94fa6b2751e.exe
Resource
win10v2004-20230915-en
General
Target
9359b9e7bd28aae1cfff9ad628d0b402b3880a5740fa1756d075b94fa6b2751e
Size
2.9MB
MD5
f47ab7e60fa15125d6b530aa63933300
SHA1
e90432fb2d1d2baf4960c9a79d6c919a84e07daf
SHA256
9359b9e7bd28aae1cfff9ad628d0b402b3880a5740fa1756d075b94fa6b2751e
SHA512
f4c4747920cd819e92ea23ec2e78d9fef7ebe541f7e2d7c240687819ddf6c4cb8030c6cdd67425cc522eddc25137ab29b42aeee11d018b835a5d5191d8e33525
SSDEEP
49152:GlMBeoy8PrbFp+pxTyZPPPgswh4Q/T8hDL0nqJ4NfsqBK1EY449YgiTNVV31KuZ7:GlMBFy8vP+pxcnPgswr/T8hDL0nqJ4N9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9359b9e7bd28aae1cfff9ad628d0b402b3880a5740fa1756d075b94fa6b2751e
Files
9359b9e7bd28aae1cfff9ad628d0b402b3880a5740fa1756d075b94fa6b2751e.exe windows:6 windows x86
39c1a5e30850978c615d2924be7f2f87
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
VirtualQuery
VirtualAlloc
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
GetTimeZoneInformation
RtlUnwind
GetCPInfo
ReadConsoleW
GetStdHandle
LCMapStringEx
QueryPerformanceFrequency
GetStringTypeW
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
RaiseException
GetConsoleOutputCP
GetDateFormatW
GetTimeFormatW
GetFileType
ExitProcess
SetFilePointerEx
LCMapStringW
IsValidLocale
EnumSystemLocalesW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
GetUserDefaultLCID
GetProfileIntW
GetTickCount64
SearchPathW
VerifyVersionInfoW
VerSetConditionMask
SetErrorMode
GlobalFlags
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileIntW
GetThreadLocale
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetConsoleMode
GetFullPathNameW
GetFileSize
FlushFileBuffers
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
CompareStringA
lstrcmpA
GetCurrentThread
VirtualProtect
ResumeThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryA
GetModuleHandleA
EncodePointer
FormatMessageW
GlobalSize
SetFilePointer
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
FindResourceExW
LoadLibraryExW
DecodePointer
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
lstrcpyW
CopyFileW
SetThreadExecutionState
GetCurrentDirectoryA
SetThreadUILanguage
GetUserDefaultUILanguage
SetProcessShutdownParameters
lstrcmpW
GetLocalTime
GetSystemTime
MulDiv
GetCurrentDirectoryW
GetProcessId
GetSystemWindowsDirectoryW
SetCurrentDirectoryW
GetComputerNameExW
QueryPerformanceCounter
GetSystemInfo
GetFileAttributesW
CreateDirectoryW
GetWindowsDirectoryW
GetSystemTimeAsFileTime
GetVersionExW
GetModuleHandleW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemDirectoryW
OpenProcess
CreateProcessW
GetExitCodeProcess
SetLastError
TerminateProcess
LocalFree
CreateMutexW
lstrcpynW
DeleteFileW
GetTempFileNameW
GetTempPathW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringA
SetNamedPipeHandleState
FindClose
FindNextFileW
FindFirstFileW
WideCharToMultiByte
WriteFileEx
ReadFileEx
HeapFree
DisconnectNamedPipe
GetExitCodeThread
ExitThread
GetProcessHeap
HeapAlloc
GetOverlappedResult
WaitForMultipleObjectsEx
ConnectNamedPipe
CreateNamedPipeW
ReadFile
WriteFile
ProcessIdToSessionId
ResetEvent
WaitNamedPipeW
CreateFileW
CreateEventW
SetEvent
GetCurrentProcessId
MultiByteToWideChar
GetTickCount
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
GetPrivateProfileStringW
CreateThread
SetThreadPriority
TerminateThread
CloseHandle
WaitForSingleObject
GetCurrentThreadId
FreeLibrary
GetProcAddress
LoadLibraryW
Sleep
GetModuleFileNameW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
user32
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
WindowFromPoint
IntersectRect
InflateRect
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
TranslateAcceleratorW
CreatePopupMenu
UnpackDDElParam
PostMessageW
EnableWindow
MapWindowPoints
MessageBoxW
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetMessageW
ScrollWindow
ValidateRect
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetFocus
SetFocus
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
ReuseDDElParam
AppendMenuW
InsertMenuW
GetMenuItemID
GetMenuState
GetMenuStringW
SetWindowContextHelpId
LockWorkStation
GetKeyState
GetClassInfoW
FindWindowW
GetKeyboardLayout
GetGUIThreadInfo
EnableMenuItem
DrawEdge
DrawStateW
GetSysColorBrush
DrawIconEx
ShowOwnedPopups
CopyImage
RealChildWindowFromPoint
IsClipboardFormatAvailable
DestroyIcon
DeleteMenu
WaitMessage
LoadAcceleratorsW
SetCapture
ReleaseCapture
TranslateMessage
CheckMenuItem
GetMenuItemCount
GetAsyncKeyState
MapDialogRect
GetKeyNameTextW
MapVirtualKeyW
SendDlgItemMessageA
PostQuitMessage
DestroyMenu
GetMenuItemInfoW
CharUpperW
IsZoomed
SetScrollPos
MessageBeep
SendMessageW
GetDC
ReleaseDC
SetRectEmpty
GetSysColor
CopyRect
DrawFocusRect
GetClientRect
GetWindowRect
FillRect
DrawFrameControl
OffsetRect
SetRect
TabbedTextOutW
PtInRect
TrackMouseEvent
InvalidateRect
GetCursorPos
ScreenToClient
SetCursor
LoadCursorW
GetMessagePos
GetParent
SetWindowRgn
PrintWindow
IsRectEmpty
BringWindowToTop
KillTimer
SetTimer
LoadIconW
RedrawWindow
LoadImageW
WindowFromDC
BeginPaint
EndPaint
ClientToScreen
AdjustWindowRectEx
MoveWindow
GetWindow
GetDlgCtrlID
GetWindowThreadProcessId
GetDesktopWindow
GetWindowTextW
IsWindowVisible
GetClassNameW
ShowWindow
GetForegroundWindow
GetWindowRgn
AttachThreadInput
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
GetSystemMetrics
SystemParametersInfoW
IsIconic
DrawIcon
UpdateWindow
ModifyMenuW
LoadMenuW
GetSubMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SwitchToThisWindow
InsertMenuItemW
RemoveMenu
SetParent
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
GetSystemMenu
NotifyWinEvent
PostThreadMessageW
UnregisterClassW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongW
CharNextW
InvalidateRgn
GetNextDlgGroupItem
SetCursorPos
UnionRect
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
GetUpdateRect
HideCaret
InvertRect
FrameRect
CharUpperBuffW
UpdateLayeredWindow
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetComboBoxInfo
CreateMenu
DestroyCursor
RegisterWindowMessageW
gdi32
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
CreateDIBitmap
SetTextAlign
GetTextCharsetInfo
GetDIBits
RealizePalette
SetPixel
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
SetPixelV
GetTextFaceW
SetStretchBltMode
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
SetTextColor
SetBkColor
CreateDCW
GetStockObject
GetObjectW
GetDeviceCaps
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
CreateRectRgn
CombineRgn
StretchBlt
SelectObject
GetTextMetricsA
GetTextExtentPointA
CreateFontW
GetTextMetricsW
EnumFontFamiliesW
SetROP2
CopyMetaFileW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenCurrentUser
RegQueryValueW
LsaClose
LsaStorePrivateData
LsaNtStatusToWinError
LsaOpenPolicy
CreateWellKnownSid
CreateProcessAsUserW
LogonUserW
OpenProcessToken
DuplicateTokenEx
DuplicateToken
CheckTokenMembership
GetTokenInformation
ImpersonateLoggedOnUser
RegSetValueExW
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegFlushKey
RegCreateKeyExW
RegCloseKey
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
ShellExecuteW
SHGetFolderPathW
SHCreateDirectoryExW
SHBrowseForFolderW
comctl32
InitCommonControlsEx
shlwapi
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
ord12
PathFileExistsW
StrFormatKBSizeW
uxtheme
OpenThemeData
GetThemeColor
GetCurrentThemeName
DrawThemeText
CloseThemeData
DrawThemeBackground
GetThemeSysColor
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetWindowTheme
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoFreeUnusedLibraries
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
CoRevokeClassObject
CoRegisterMessageFilter
oleaut32
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantInit
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
VariantCopy
VariantChangeType
oledlg
OleUIBusyW
gdiplus
GdipDeletePen
GdipGetFontHeight
GdipSetSolidFillColor
GdipMeasureString
GdipSetStringFormatTrimming
GdipBitmapGetPixel
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectRect
GdipGetStringFormatFlags
GdipCreateBitmapFromHICON
GdipLoadImageFromFile
GdipCreateBitmapFromStream
GdipCreatePen2
GdipGetStringFormatLineAlign
GdipDrawImagePointRect
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipSetInterpolationMode
GdipGetImageHeight
GdipCreateBitmapFromStreamICM
GdipCloneStringFormat
GdipDrawString
GdipCloneBrush
GdipDeleteBrush
GdipGetRegionBounds
GdipMeasureCharacterRanges
GdipSetStringFormatMeasurableCharacterRanges
GdipCreateRegion
GdipCreateSolidFill
GdipDeleteFont
GdipGetImageWidth
GdipCreateFromHDC
GdipCreateFont
GdipSetStringFormatFlags
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipLoadImageFromStream
GdipCloneImage
GdipAlloc
GdipDrawImageRectRectI
GdipFree
GdipDisposeImage
GdipDeleteRegion
dbghelp
MiniDumpWriteDump
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
wtsapi32
WTSQueryUserToken
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
netapi32
DsRoleFreeMemory
DsRoleGetPrimaryDomainInformation
winmm
mixerGetDevCapsW
mixerGetNumDevs
waveInGetNumDevs
mixerSetControlDetails
mixerClose
mixerGetControlDetailsW
mixerGetLineControlsW
mixerOpen
waveInGetDevCapsW
PlaySoundW
mixerGetLineInfoW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
crypt32
CryptProtectData
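The import table above is a static capability inventory, not a record of behaviour. The script below is an added example (not part of this report and not Triage's signature engine) of the kind of first-pass triage an analyst runs over such a list: it groups imports into capability hints and scores each group by how much of the group is present. The capability groups, the list of CRT start-up imports treated as noise, and SAMPLE_IMPORTS (a constructed subset of the table above) are this example's own choices.

```python
"""Heuristic import-table capability triage.  Added example, not Triage's
signature engine: the capability groups below are this example's own choices,
the CRT noise list is an assumption, and SAMPLE_IMPORTS is a constructed
subset of the import table listed in the report."""

# API groups that hint at a capability.  Hits are evidence of capability, not behaviour.
CAPABILITY_HINTS = {
    "process enumeration": {
        "kernel32": {"CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW", "OpenProcess"}},
    "token manipulation / impersonation": {
        "advapi32": {"OpenProcessToken", "DuplicateTokenEx", "ImpersonateLoggedOnUser",
                     "LogonUserW", "GetTokenInformation"}},
    "launch process in user session (service-style)": {
        "wtsapi32": {"WTSQueryUserToken"},
        "advapi32": {"CreateProcessAsUserW"},
        "userenv": {"CreateEnvironmentBlock"}},
    "local secret storage (DPAPI / LSA private data)": {
        "crypt32": {"CryptProtectData"},
        "advapi32": {"LsaOpenPolicy", "LsaStorePrivateData"}},
    "windows hook / keyboard state": {
        "user32": {"SetWindowsHookExW", "UnhookWindowsHookEx", "CallNextHookEx", "GetAsyncKeyState"}},
    "named-pipe IPC": {
        "kernel32": {"CreateNamedPipeW", "ConnectNamedPipe", "WaitNamedPipeW", "DisconnectNamedPipe"}},
    "PE resource rewriting": {
        "kernel32": {"BeginUpdateResourceW", "UpdateResourceW", "EndUpdateResourceW"}},
    "registry write": {
        "advapi32": {"RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW"}},
    "debugger awareness / crash dumps": {
        "kernel32": {"IsDebuggerPresent"},
        "dbghelp": {"MiniDumpWriteDump"}},
}

# Imported by the MSVC runtime start-up code of nearly every binary; ignored so
# they do not masquerade as evasion (assumed list, extend as needed).
CRT_NOISE = {"IsDebuggerPresent", "IsProcessorFeaturePresent", "UnhandledExceptionFilter",
             "SetUnhandledExceptionFilter", "InitializeSListHead", "GetStartupInfoW"}


def triage_imports(imports, hints=CAPABILITY_HINTS, ignore=CRT_NOISE):
    """Map {dll: {func, ...}} to {capability: {"hits": [...], "coverage": float}}.

    coverage = matched APIs / APIs in the group; a complete group is a stronger
    hint than a lone import that many benign programs also use."""
    lowered = {dll.lower(): set(funcs) - ignore for dll, funcs in imports.items()}
    findings = {}
    for capability, groups in hints.items():
        total, hits = 0, []
        for dll, funcs in groups.items():
            total += len(funcs)
            hits += ["%s!%s" % (dll, f) for f in sorted(funcs & lowered.get(dll, set()))]
        if hits:
            findings[capability] = {"hits": hits, "coverage": round(len(hits) / total, 2)}
    return findings


# Constructed subset of the report's import table.
SAMPLE_IMPORTS = {
    "kernel32": {"CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW", "OpenProcess",
                 "CreateProcessW", "CreateNamedPipeW", "ConnectNamedPipe", "WaitNamedPipeW",
                 "DisconnectNamedPipe", "BeginUpdateResourceW", "UpdateResourceW",
                 "EndUpdateResourceW", "IsDebuggerPresent", "CreateMutexW", "VirtualProtect"},
    "advapi32": {"OpenProcessToken", "DuplicateTokenEx", "ImpersonateLoggedOnUser", "LogonUserW",
                 "GetTokenInformation", "CreateProcessAsUserW", "LsaOpenPolicy",
                 "LsaStorePrivateData", "RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW"},
    "wtsapi32": {"WTSQueryUserToken"},
    "userenv": {"CreateEnvironmentBlock"},
    "crypt32": {"CryptProtectData"},
    "user32": {"SetWindowsHookExW", "UnhookWindowsHookEx", "CallNextHookEx", "GetAsyncKeyState",
               "LockWorkStation"},
    "dbghelp": {"MiniDumpWriteDump"},
}


def sorted_by_coverage(findings):
    """Strongest (most complete) capability groups first, then alphabetical."""
    return sorted(findings.items(), key=lambda kv: (-kv[1]["coverage"], kv[0]))


if __name__ == "__main__":
    for capability, info in sorted_by_coverage(triage_imports(SAMPLE_IMPORTS)):
        print("%-50s %4.0f%%  %s" % (capability, info["coverage"] * 100, ", ".join(info["hits"])))
```

Read the output as a list of questions for the behavioural runs, not as a verdict: the wide user32/gdi32/uxtheme/oledlg surface is what a conventional Win32 GUI application imports, and WTSQueryUserToken with CreateProcessAsUserW is equally the textbook pattern for a service that starts a helper in the interactive session. The only signature the sandbox raised on this sample is the missing Authenticode signature.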
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 430KB - Virtual size: 429KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ