Static task
static1
Behavioral task
behavioral1
Sample
2e421b7c0e56225ff183ae007e4287544eacc9ab8820e00418567170329c3adf.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2e421b7c0e56225ff183ae007e4287544eacc9ab8820e00418567170329c3adf.exe
Resource
win10v2004-20230915-en
General
-
Target
2e421b7c0e56225ff183ae007e4287544eacc9ab8820e00418567170329c3adf
-
Size
4.3MB
-
MD5
b9b196aa6c8386da777290748095053c
-
SHA1
b46659cbc98bc49c5a90d3264e2e990b28c52f5f
-
SHA256
2e421b7c0e56225ff183ae007e4287544eacc9ab8820e00418567170329c3adf
-
SHA512
f87796ce8deb63924b429301edbb4b0721f42828e429b9eab79ddff229e5ebe5c71cd4e15797fdbec3f5218160b9a3f7ccf9997f0a595792972bcea0646708e6
-
SSDEEP
98304:JSa04EAYyzXquR2FLOAkGkzdnEVomFHKnP:XvqVFLOyomFHKnP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2e421b7c0e56225ff183ae007e4287544eacc9ab8820e00418567170329c3adf
Files
-
2e421b7c0e56225ff183ae007e4287544eacc9ab8820e00418567170329c3adf.exe windows:6 windows x64
563cb71fb180a2714209a75d36091157
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
FindFirstFileExA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetDriveTypeW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetCurrentDirectoryW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
WriteConsoleW
CreateFileW
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceW
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSectionEx
MultiByteToWideChar
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
CloseHandle
GlobalUnlock
GlobalFree
WritePrivateProfileStringA
GetPrivateProfileSectionA
GetProcAddress
GetModuleHandleA
HeapFree
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
GetProcessHeap
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
EncodePointer
SetLastError
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CompareStringA
GetCurrentProcessId
GetModuleFileNameA
GlobalSize
LocalFree
MulDiv
FormatMessageA
CopyFileA
GetCurrentThread
WideCharToMultiByte
lstrcmpA
GetPrivateProfileIntA
GetPrivateProfileStringA
VerSetConditionMask
lstrcpyA
VerifyVersionInfoA
SetEvent
WaitForSingleObject
SetThreadPriority
ResumeThread
DeleteFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
GetThreadLocale
FileTimeToLocalFileTime
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
GetCurrentDirectoryA
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetTempPathA
GetTempFileNameA
SetErrorMode
FindResourceExW
GetWindowsDirectoryA
SearchPathA
GetTickCount
GetProfileIntA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
user32
TrackMouseEvent
GetAsyncKeyState
RealChildWindowFromPoint
GetMenuItemInfoA
DestroyMenu
CharUpperA
ShowOwnedPopups
TranslateMessage
GetMessageA
MapVirtualKeyA
GetKeyNameTextA
EnumDisplayMonitors
SystemParametersInfoA
LoadCursorW
LoadCursorA
SetLayeredWindowAttributes
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
WaitMessage
PostQuitMessage
IntersectRect
GetIconInfo
DrawIconEx
CopyImage
DestroyIcon
IsRectEmpty
InflateRect
DrawFocusRect
WindowFromPoint
SetCursor
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetNextDlgGroupItem
OffsetRect
SetRectEmpty
GetCursorPos
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsZoomed
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
BringWindowToTop
GetTopWindow
GetParent
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
LockWindowUpdate
GetDoubleClickTime
CopyIcon
GetWindowRect
GetClientRect
LoadImageA
LoadIconW
GetWindow
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
LoadMenuW
DeleteMenu
MessageBeep
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
LoadImageW
OpenClipboard
CloseClipboard
GetMenuItemID
GetSubMenu
SetClipboardData
EmptyClipboard
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetParent
SetCursorPos
GetDlgCtrlID
SetRect
GetSystemMenu
AppendMenuA
IsIconic
GetSystemMetrics
DrawIcon
UnregisterClassA
DrawStateA
ReleaseDC
UpdateWindow
InvalidateRect
FillRect
GetClassNameA
LoadBitmapW
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
SetFocus
GetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
ModifyMenuA
DestroyAcceleratorTable
SetClassLongPtrA
GetUpdateRect
GetKeyboardLayout
EnableWindow
SendMessageA
GetWindowTextA
GetDC
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
IsClipboardFormatAvailable
SubtractRect
InvertRect
HideCaret
PostThreadMessageA
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperBuffA
RegisterClipboardFormatA
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetLastActivePopup
GetKeyboardState
gdi32
GetTextFaceA
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExA
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
GetRgnBox
Rectangle
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetTextMetricsA
Polyline
Polygon
CreatePolygonRgn
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CreateFontIndirectA
CombineRgn
GetTextExtentPoint32A
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
CopyMetaFileA
CreateBitmap
SetTextColor
SetBkColor
GetDIBits
RealizePalette
SelectPalette
GetStockObject
CreateDCA
CreateDIBSection
GetObjectA
SetDIBColorTable
SelectObject
DeleteDC
DeleteObject
StretchBlt
SetPixel
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateSolidBrush
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
SystemFunction036
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
DragQueryFileA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHGetFileInfoA
DragFinish
SHGetMalloc
ShellExecuteA
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA
StrFormatKBSizeA
uxtheme
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
DrawThemeText
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
ole32
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysFreeString
VariantClear
SysAllocStringLen
VariantInit
oledlg
ord8
gdiplus
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
ws2_32
WSAAsyncSelect
WSASetLastError
WSACleanup
gethostbyname
sendto
send
recvfrom
recv
inet_addr
htonl
bind
accept
closesocket
shutdown
getsockopt
__WSAFDIsSet
select
WSAGetLastError
connect
inet_pton
htons
ioctlsocket
socket
WSAStartup
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 665KB - Virtual size: 664KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 1523.3MB (virtual size far exceeds the raw on-disk size; the remainder of the section is zero-filled when mapped, so it holds no bytes on disk to hash or inspect)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ