f7bf325f38ab1d7b2522384666732ad89638fc88f6da12b3d98b6f02af5161cb

Sharing

Copy URL

Twitter E-mail

General

Target

f7bf325f38ab1d7b2522384666732ad89638fc88f6da12b3d98b6f02af5161cb
Size

2.1MB
MD5

3575c94c5300b0004cfdc617a8749567
SHA1

92ea80e56bc60d5ac3c0527a83e45d0248fa8e51
SHA256

f7bf325f38ab1d7b2522384666732ad89638fc88f6da12b3d98b6f02af5161cb
SHA512

799800828a1f61c554f59bcafdb7a445947cdfb97cf25155367cb0a2aab5f0e6636e96ef5e3c96b5bf9a13c554b3f970c0e134710e376c810b9e52373f0cc5d0
SSDEEP

49152:sCXC/Gl6+giTQd7U0aTiDyMcj2suuA6tXOtMyWcKp:sCXC/GlVgiEU0aTiD5cj2suuA6tXFyb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7bf325f38ab1d7b2522384666732ad89638fc88f6da12b3d98b6f02af5161cb

Files

f7bf325f38ab1d7b2522384666732ad89638fc88f6da12b3d98b6f02af5161cb
.exe windows:6 windows x86

70336f246d1e91e30d119467b1d47a27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
GetTimeZoneInformation
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
GetStdHandle
ExitProcess
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetDriveTypeW
LCMapStringW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameW
GetWindowsDirectoryW
GetProfileIntW
GetTickCount
GetTempPathW
SearchPathW
VerifyVersionInfoW
VerSetConditionMask
GetCurrentDirectoryW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
ResumeThread
SetThreadPriority
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
CompareStringA
lstrcmpA
GetCurrentThread
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetVersionExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
SetLastError
MulDiv
GlobalSize
SetEvent
CreateEventW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
ReadFile
GetFileSize
GlobalReAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetProcAddress
ReleaseMutex
GetModuleFileNameW
CreateMutexW
GetFileAttributesW
DeleteFileW
LocalFree
GetCurrentProcess
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
FindResourceExW
GetModuleHandleW
CopyFileW
OutputDebugStringA
Sleep
lstrcpyW
lstrcmpiW
FindNextFileW
CreateDirectoryW
FindClose
FindFirstFileW
OutputDebugStringW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FormatMessageW
CreateFileW
GetPrivateProfileIntW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
FindResourceW
LoadResource
LockResource
SizeofResource
GetPrivateProfileStringW
CloseHandle
WriteFile
FreeLibraryAndExitThread
WriteConsoleW

user32

CopyImage
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
IntersectRect
InflateRect
LoadCursorW
GetSysColorBrush
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetCursor
ShowOwnedPopups
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
SystemParametersInfoW
OffsetRect
MessageBeep
IsZoomed
PostQuitMessage
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
SendDlgItemMessageA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
NotifyWinEvent
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
ModifyMenuW
PostThreadMessageW
GetKeyboardState
FindWindowW
FindWindowExW
PostMessageW
GetForegroundWindow
GetKeyboardLayout
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
FillRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
SetRectEmpty
GetAsyncKeyState
MapDialogRect
WaitMessage
WindowFromPoint
DeleteMenu
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
InsertMenuItemW
DestroyIcon
UnpackDDElParam
ReuseDDElParam
SetParent
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
IsRectEmpty
TrackMouseEvent
MessageBoxW
GetWindowThreadProcessId
MapVirtualKeyExW
ToUnicodeEx
IsClipboardFormatAvailable
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MapVirtualKeyW
LoadImageW
GetDC
ReleaseDC
SetRect
SetCapture
ClientToScreen
ScreenToClient
ReleaseCapture
InvalidateRect
UpdateWindow
EnableWindow
KillTimer
SetTimer
GetSystemMetrics
GetClientRect
SetWindowRgn
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
CharUpperW
SendMessageW
IsWindow
SetFocus
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
GetFocus
IsWindowEnabled
GetParent
UnhookWindowsHookEx
DrawTextW
DrawTextExW
GrayStringW
GetSystemMenu
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongW
GetKeyNameTextW
UnionRect
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
DrawIcon
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
GetUpdateRect
SubtractRect
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetMenu

gdi32

CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
CreateBitmap
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32W
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
SetPixel
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
EnumFontFamiliesExW
GetBkColor
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceW
SetPixelV
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetDIBits
RealizePalette
GetStockObject
StretchBlt
DeleteDC
CombineRgn
ExtCreateRegion
BitBlt
CreateFontW
CreateCompatibleBitmap
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleDC
OffsetWindowOrgEx
SelectPalette
GetObjectW

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHGetFolderPathW

shlwapi

PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathIsUNCW

uxtheme

IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
IsAppThemed
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
OpenThemeData
CloseThemeData
GetThemePartSize

ole32

OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleGetClipboard
DoDragDrop
CoDisconnectObject
CoCreateGuid
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
OleLoadPicture
SysFreeString

gdiplus

GdipGetImageHeight
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImagePixelFormat

winmm

PlaySoundW

msi

ord217
ord173

hiddevice

ord4
ord5
ord2
ord7
ord8
ord3

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70336f246d1e91e30d119467b1d47a27

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

winmm

msi

hiddevice

oleacc

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 348KB - Virtual size: 348KB

.data Size: 21KB - Virtual size: 40KB

.rsrc Size: 108KB - Virtual size: 108KB

.reloc Size: 138KB - Virtual size: 138KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 348KB - Virtual size: 348KB

.data
Size: 21KB - Virtual size: 40KB

.rsrc
Size: 108KB - Virtual size: 108KB

.reloc
Size: 138KB - Virtual size: 138KB