Static task: static1
Behavioral task: behavioral1
  Sample: 471145668a210a7c3a243816d94eb5ef52ce3ffdd595e3ce9912412b67992be0.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 471145668a210a7c3a243816d94eb5ef52ce3ffdd595e3ce9912412b67992be0.exe
  Resource: win10v2004-20230915-en
General
Target: 471145668a210a7c3a243816d94eb5ef52ce3ffdd595e3ce9912412b67992be0
Size: 4.6MB
MD5: 41220899ed48fb181e84b880c1b5d615
SHA1: 6f8680fb9ba7e709180ef6045061a2cb068e82c8
SHA256: 471145668a210a7c3a243816d94eb5ef52ce3ffdd595e3ce9912412b67992be0
SHA512: dc923cc9f0148e903a0c69bab455c17fd3db576ee07860dd4807314445b11c01ae48eaf44871aa01bbe1367c8bcfdb068b21be22d9a300631af19a32338613f0
SSDEEP: 98304:awosaSsrU6A6hTQiNl+m+xMYsadr8xr3nSG5xzvoiI75KK8NcaIwJDIJutZm2+8Z:awosaSsrU6AUQFxrK3nSGg5npaLD+uLB
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 471145668a210a7c3a243816d94eb5ef52ce3ffdd595e3ce9912412b67992be0
Files
471145668a210a7c3a243816d94eb5ef52ce3ffdd595e3ce9912412b67992be0.exe windows:5 windows x86
0de672929b721bd58c8324142a774839
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstFileExA
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
GetCommandLineW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
VirtualQuery
GetSystemInfo
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
FreeEnvironmentStringsW
SwitchToThread
AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
CreateFileW
VirtualFree
VirtualAlloc
GetNativeSystemInfo
FormatMessageW
OutputDebugStringW
GetEnvironmentStringsW
SetEnvironmentVariableA
LCMapStringW
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
SearchPathA
GetProfileIntA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
lstrcpyA
SetErrorMode
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
FileTimeToSystemTime
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
SetEvent
lstrcmpA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetThreadLocale
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
GetModuleHandleA
GetTickCount
LocalFree
LocalAlloc
TerminateProcess
ExitProcess
GetCurrentProcessId
OpenProcess
SetEndOfFile
Sleep
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
CreateProcessA
GetACP
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
MapViewOfFile
GetFileInformationByHandle
OutputDebugStringA
SetFilePointer
GetFileSize
WriteFile
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
CopyFileA
GetFileAttributesA
GetTempFileNameA
GetTempPathA
FormatMessageA
QueryPerformanceFrequency
QueryPerformanceCounter
FindNextFileA
FindFirstFileA
FindClose
MoveFileA
MultiByteToWideChar
GetModuleFileNameW
lstrlenA
RaiseException
GetCommandLineA
GetModuleFileNameA
SetThreadLocale
WideCharToMultiByte
GetVersionExA
MapViewOfFileEx
DeleteFileA
CreateDirectoryA
FindResourceW
LoadLibraryA
OpenFileMappingA
CreateFileMappingA
CreateMutexA
UnmapViewOfFile
SizeofResource
LoadResource
WaitForSingleObject
ReleaseMutex
GetLastError
GetProcAddress
LockResource
CreateFileA
CloseHandle
ReadFile
CompareStringW
WriteConsoleW
user32
LoadCursorW
WindowFromPoint
DestroyIcon
DeleteMenu
SetRectEmpty
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
KillTimer
SetTimer
WaitMessage
CharUpperA
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetCapture
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
GetNextDlgGroupItem
CheckDlgButton
MoveWindow
ShowWindow
OffsetRect
CharNextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
EqualRect
GetUpdateRect
IsClipboardFormatAvailable
EnumDisplayMonitors
EnableWindow
SendMessageA
IsIconic
GetSystemMetrics
DrawIcon
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
MessageBeep
TrackMouseEvent
LoadImageW
CreatePopupMenu
GetMenuDefaultItem
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
LoadImageA
UnpackDDElParam
ReuseDDElParam
EndPaint
BeginPaint
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyA
GetKeyNameTextA
SendDlgItemMessageA
GetClientRect
LoadIconW
RegisterWindowMessageA
PostMessageA
PostQuitMessage
UnregisterClassA
PostThreadMessageA
GetAsyncKeyState
ReleaseCapture
GetWindowRect
GetCursorPos
PtInRect
wsprintfA
FindWindowW
FlashWindow
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
CharUpperBuffA
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
SetLayeredWindowAttributes
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
gdi32
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectA
GetTextExtentPoint32A
Escape
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExA
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateDCA
CopyMetaFileA
GetTextColor
GetStockObject
GetDeviceCaps
GetBkColor
GetObjectA
SetTextColor
SetBkColor
GetTextMetricsA
GetLayout
CreateBitmap
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
shell32
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
comctl32
ord17
shlwapi
PathFindExtensionA
PathFindFileNameA
AssocQueryStringA
PathStripToRootA
UrlUnescapeA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
uxtheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetWindowTheme
GetThemeSysColor
DrawThemeText
ole32
OleFlushClipboard
OleCreateMenuDescriptor
OleLockRunning
OleDestroyMenuDescriptor
OleTranslateAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CoRegisterMessageFilter
OleIsCurrentClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CreateBindCtx
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CoCreateInstance
IsAccelerator
oleaut32
SysAllocStringByteLen
OleCreateFontIndirect
DispCallFunc
LoadRegTypeLi
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayCreate
SafeArrayDestroy
SysStringLen
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
VarBstrFromDate
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
oledlg
ord8
urlmon
CreateURLMoniker
CreateAsyncBindCtx
RegisterBindStatusCallback
ws2_32
gethostbyname
socket
sendto
send
select
recvfrom
recv
WSAAsyncSelect
inet_addr
htons
htonl
connect
closesocket
bind
accept
WSAGetLastError
WSAStartup
WSACleanup
WSASetLastError
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
FtpDeleteFileA
FtpPutFileA
InternetSetStatusCallback
InternetSetOptionA
InternetConnectA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetGetLastResponseInfoA
gdiplus
GdipDrawImageI
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 417KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 162KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ