53c90408e452c08bc92625e5ebd4d41aab029da57ef0b124a508e3563a424731

Sharing

Copy URL Twitter E-mail

General

Target

53c90408e452c08bc92625e5ebd4d41aab029da57ef0b124a508e3563a424731
Size

4.5MB
MD5

e08c2f68b1acb210c6308d50fdad6cf3
SHA1

0dfaa343d8c98b729bd1830900a3a727f5f186e9
SHA256

53c90408e452c08bc92625e5ebd4d41aab029da57ef0b124a508e3563a424731
SHA512

8003da0154c759fd6efb769965ebdcdbadc2174830d50b5144d54f25c98e4e2a1b39a2497638cb6c388c6875ba42d178c394c0fd624b1cb746d6727febeeda98
SSDEEP

98304:zSK7HaW2VEQD8JaAAaPjJd8s84oNdoC1mmIjhmg6/jyqlrC:rYVE8vAAujlpoNdoC1mRjQi+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53c90408e452c08bc92625e5ebd4d41aab029da57ef0b124a508e3563a424731

Files

53c90408e452c08bc92625e5ebd4d41aab029da57ef0b124a508e3563a424731
.exe windows:6 windows x86

fd8667728a17061ea6af7795476a72c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCanonicalizeW
PathIsRelativeW
PathIsRootW
PathIsDirectoryW
PathFileExistsW
SHSetValueW
SHDeleteKeyW
PathAppendW
PathRemoveFileSpecW
PathUnquoteSpacesW
SHAutoComplete
PathCompactPathExW
StrFormatByteSizeW
AssocQueryStringW
StrCmpLogicalW
PathRelativePathToW
SHGetValueW
PathIsURLW

uxtheme

CloseThemeData
GetThemeInt
GetThemeBackgroundContentRect
SetWindowTheme
OpenThemeData
GetThemeColor
BeginBufferedPaint
BufferedPaintSetAlpha
EndBufferedPaint
DrawThemeBackground

kernel32

GlobalAddAtomW
DeleteAtom
lstrlenW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
GetFullPathNameW
GetLongPathNameW
GetShortPathNameW
GetModuleFileNameW
CreateFileW
CloseHandle
CreateDirectoryW
GetCurrentDirectoryW
Sleep
SetCurrentDirectoryW
FormatMessageW
GetTickCount64
GetWindowsDirectoryW
GetCurrentProcess
GetFileTime
WriteFile
SetFileTime
GetFileSizeEx
GlobalMemoryStatusEx
ReadFile
WideCharToMultiByte
GetFileSize
FlushFileBuffers
SetFilePointer
SetEndOfFile
SetDllDirectoryW
CreateMutexW
SystemTimeToFileTime
SetErrorMode
GetUserDefaultLCID
GetStringTypeExW
LCMapStringW
ExpandEnvironmentStringsW
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
GetStringTypeExA
LCMapStringA
GetSystemTime
FileTimeToSystemTime
CreateThread
CreateProcessW
GetFileInformationByHandle
CompareFileTime
CopyFileW
GetFileAttributesW
SetFileAttributesW
MoveFileExA
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetDateFormatW
GetTimeFormatW
CreateFileA
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
lstrcpyW
GetCommandLineA
GetOEMCP
GetACP
GlobalFree
HeapReAlloc
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
GetStdHandle
SetEnvironmentVariableW
ExitProcess
GlobalLock
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
CreateFileMappingA
GetModuleHandleA
MapViewOfFileEx
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
GetCPInfo
CompareStringEx
GetSystemTimeAsFileTime
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoEx
RaiseException
IsProcessorFeaturePresent
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitOnceBeginInitialize
InitOnceComplete
GetNativeSystemInfo
WaitForSingleObjectEx
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetStringTypeW
FormatMessageA
GlobalAlloc
FindNextFileW
FindClose
FindFirstFileW
FindFirstFileExW
lstrcpynW
LoadLibraryA
GetModuleHandleW
MulDiv
GetLastError
GetProcAddress
FreeLibrary
LoadLibraryW
SetLastError
VerifyVersionInfoW
VerSetConditionMask
GlobalUnlock
LocalFree
LocalAlloc
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW
IsValidCodePage
LoadLibraryExW

user32

ReleaseCapture
GetClassNameW
InvalidateRgn
BeginPaint
GetClientRect
GetWindowLongW
SendMessageW
GetWindowTextLengthW
GetWindowTextW
EndPaint
DrawTextW
InflateRect
GetWindowRect
GetCursorPos
GetSysColor
PostMessageW
CheckDlgButton
PtInRect
GetFocus
GetSystemMetrics
IntersectRect
MapWindowPoints
GetParent
GetDC
ReleaseDC
ScreenToClient
SystemParametersInfoW
DialogBoxParamW
CreateDialogParamW
EnableWindow
ShowWindow
BringWindowToTop
SetForegroundWindow
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
DestroyWindow
EndDialog
SetFocus
GetKeyState
CreatePopupMenu
CheckMenuItem
CheckRadioButton
SendDlgItemMessageW
AppendMenuW
InsertMenuW
DestroyMenu
CreateDialogIndirectParamW
GetWindowPlacement
GetDesktopWindow
CopyRect
GetDCEx
LoadStringA
SetTimer
KillTimer
IsDlgButtonChecked
EnumWindows
RegisterWindowMessageW
TrackPopupMenu
GetSubMenu
LoadMenuW
ClientToScreen
LoadStringW
SetDlgItemTextW
DrawIconEx
GetSysColorBrush
SetClipboardData
EmptyClipboard
OpenClipboard
CloseClipboard
EnumDisplayMonitors
GetMonitorInfoW
SetWindowTextW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
GetSystemMenu
EnumThreadWindows
EnumChildWindows
CloseWindow
LoadCursorW
SetCursor
SetCapture
RedrawWindow
DrawFocusRect
RemovePropW
GetPropW
SetPropW
RegisterClipboardFormatW
IsZoomed
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InvalidateRect
SetWindowRgn
CallWindowProcW
SetWindowPlacement
MoveWindow
GetWindowDC
SetLayeredWindowAttributes
MessageBoxW
SetCursorPos
GetDlgItemTextW
DefDlgProcW
CreateWindowExW
SetWindowLongW
GetDlgItem
LoadImageW
SetWindowPos
OffsetRect

gdi32

CreateFontIndirectW
GetObjectW
CreateSolidBrush
PatBlt
SelectObject
GetDeviceCaps
CreateRectRgnIndirect
SetRectRgn
CombineRgn
DeleteObject
SetTextColor
SetBkColor
EnumFontsW
SetBkMode
ExtTextOutW
CreateRectRgn

comdlg32

GetOpenFileNameW

advapi32

CryptAcquireContextW
CryptReleaseContext
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash

shell32

SHGetDesktopFolder
ord701
DragQueryFileW
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
SHGetKnownFolderPath
SHCreateItemFromParsingName

ole32

CoCreateInstance
ReleaseStgMedium
OleDuplicateData
DoDragDrop
CoUninitialize
CoInitializeEx
OleUninitialize
CoGetApartmentType
CoGetObjectContext
RegisterDragDrop
CoTaskMemFree
CoTaskMemAlloc
OleInitialize

gdiplus

GdipDeleteGraphics
GdipCreateFromHDC
GdipAddPathArcI
GdipClosePathFigure
GdipStartPathFigure
GdipResetPath
GdipDeletePath
GdipCreatePath
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipDrawRectangleI
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipDrawPath

comctl32

ord412
ord410
ord413
InitCommonControlsEx
ord381
ImageList_GetImageCount
ImageList_GetImageInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd8667728a17061ea6af7795476a72c4

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

gdiplus

comctl32

version

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.rdata Size: 141KB - Virtual size: 140KB

.data Size: 18KB - Virtual size: 23KB

.rsrc Size: 174KB - Virtual size: 174KB

.reloc Size: 36KB - Virtual size: 36KB

.text
Size: 4.1MB - Virtual size: 4.1MB

.rdata
Size: 141KB - Virtual size: 140KB

.data
Size: 18KB - Virtual size: 23KB

.rsrc
Size: 174KB - Virtual size: 174KB

.reloc
Size: 36KB - Virtual size: 36KB