Static task: static1
Behavioral task: behavioral1
Sample: c35dfb5f3ce5f913c6d1064f5cd40948afc59d4942f5d4c09cf52c4a01b8b7bc.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: c35dfb5f3ce5f913c6d1064f5cd40948afc59d4942f5d4c09cf52c4a01b8b7bc.exe
Resource: win10v2004-20230915-en
General
Target: c35dfb5f3ce5f913c6d1064f5cd40948afc59d4942f5d4c09cf52c4a01b8b7bc
Size: 1.7MB
MD5: 1d527c18108303dfee12d32eb68dd9bc
SHA1: e8da64063978a9a3e020739607edd5c5801d4fd2
SHA256: c35dfb5f3ce5f913c6d1064f5cd40948afc59d4942f5d4c09cf52c4a01b8b7bc
SHA512: 53347d7024d10556b4426faa0f47450c125902cc2f6dd892142cdc3f0084f4a4952928c3b8f8414bb2ed46f39cc5e9df38c50be5339216f315ff453846567bc4
SSDEEP: 49152:mbgj56+0kj8PpayDwVu6TA65tni6gZUDjf0gZA:iIGkgPpa6wVu6TA09i1Sfx
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: c35dfb5f3ce5f913c6d1064f5cd40948afc59d4942f5d4c09cf52c4a01b8b7bc
Files
c35dfb5f3ce5f913c6d1064f5cd40948afc59d4942f5d4c09cf52c4a01b8b7bc.exe windows:5 windows x86
7152a6f18592af6f5edaeba648070843
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
CompareStringW
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetACP
QueryPerformanceCounter
VirtualFree
FindResourceA
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
WriteConsoleA
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
CreateThread
ExitThread
RaiseException
ExitProcess
HeapReAlloc
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
FindResourceExA
VirtualProtect
GetProfileIntA
SearchPathA
GetTempPathA
GetTempFileNameA
GetTickCount
GetFileTime
GetFileSizeEx
GetConsoleOutputCP
WriteConsoleW
UnhandledExceptionFilter
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
GetFileAttributesA
lstrcpyA
GetModuleHandleW
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentDirectoryA
FileTimeToSystemTime
GetThreadLocale
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GlobalUnlock
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
FreeResource
GlobalFree
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalAddAtomA
GetCurrentProcessId
GetLastError
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
lstrlenA
Sleep
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
SetEnvironmentVariableA
user32
DrawFrameControl
DrawEdge
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
TranslateAcceleratorA
GetMenuItemInfoA
UnregisterClassA
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageA
CopyImage
OpenClipboard
DrawStateA
RegisterClipboardFormatA
EnumChildWindows
LockWindowUpdate
BringWindowToTop
KillTimer
SetTimer
InflateRect
IsMenu
GetSystemMenu
SetClassLongA
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableA
LoadAcceleratorsA
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
DestroyMenu
PostThreadMessageA
LoadMenuA
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
CharUpperA
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
LoadCursorA
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongA
GetClassNameA
DrawFocusRect
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowLongA
IntersectRect
GetWindowPlacement
GetWindowRect
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawIconEx
DrawTextA
TabbedTextOutA
FillRect
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
WinHelpA
SystemParametersInfoA
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
GetMenuStringA
AppendMenuA
SetCursorPos
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
IsClipboardFormatAvailable
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffA
CopyIcon
SubtractRect
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
SetPropA
GetIconInfo
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
PostMessageA
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
IsIconic
LoadIconA
DrawIcon
GetClientRect
SendMessageA
GetSystemMetrics
EnableWindow
SetRectEmpty
gdi32
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
OffsetRgn
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
GetDCOrgEx
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
SelectObject
Escape
ExtTextOutA
CreateSolidBrush
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
SetViewportOrgEx
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
CreatePalette
CreateBitmap
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileA
GetDeviceCaps
OffsetViewportOrgEx
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
shell32
SHGetFileInfoA
SHAppBarMessage
SHGetPathFromIDListA
SHBrowseForFolderA
DragFinish
DragQueryFileA
ShellExecuteA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
oledlg
ord8
ole32
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleInitialize
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoUninitialize
oleaut32
SysStringLen
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
SafeArrayDestroy
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
swnetserverapi
SWNet_GetLocalHostIPName
SWNet_CloseDevice
SWNet_CloseAllSocket
SWNet_RelayOn
SWNet_ReadDeviceOneParam
SWNet_SetDeviceOneParam
SWNet_SetCallback
SWNet_Listening
SWNet_StopRead
SWNet_RelayOff
SWNet_StartRead
SWNet_WriteCardG2
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ