Static task: static1
Behavioral task: behavioral1
  Sample: b861d12f6886b7e57a7b48c58876b8a7365d45085403cf93127d741aab1c55d5.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: b861d12f6886b7e57a7b48c58876b8a7365d45085403cf93127d741aab1c55d5.exe
  Resource: win10v2004-20230915-en
General
Target: b861d12f6886b7e57a7b48c58876b8a7365d45085403cf93127d741aab1c55d5
Size: 10.3MB
MD5: ddfa689e999a95b646db1c97d4598dcf
SHA1: 37887774aaa83bc606c78661e2dd91239523a5cf
SHA256: b861d12f6886b7e57a7b48c58876b8a7365d45085403cf93127d741aab1c55d5
SHA512: ea25b2830814c7113326b447cee5d2530d96239ca7901f46bd4c5b6f819740dcc91eb0bdd0cdfc10cbc8605ca15656bab77a81e700bb983ef0ad2cfa9a98bc8d
SSDEEP: 196608:6L8Et/0DWm/YfNj0/UiuhfvDOOtNmUrRacUWuh7l:Mtc6m/pUiuhfTtNmUrR9UWuh7
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: b861d12f6886b7e57a7b48c58876b8a7365d45085403cf93127d741aab1c55d5
Files
b861d12f6886b7e57a7b48c58876b8a7365d45085403cf93127d741aab1c55d5.exe
windows:5 windows x86
Imphash: 2c8ff7059dee895d83c6e365f9dd6177
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableA
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetOEMCP
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
GetDriveTypeW
GetFullPathNameA
GetFileInformationByHandle
FindFirstFileExA
GetDriveTypeA
ExpandEnvironmentStringsA
LoadLibraryA
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
VerifyVersionInfoA
SleepEx
InterlockedCompareExchange
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
GetEnvironmentStringsW
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapQueryInformation
HeapSize
RaiseException
RtlUnwind
MoveFileA
ExitProcess
ExitThread
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
GetStartupInfoW
HeapSetInformation
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetUserDefaultLCID
GlobalFlags
SetErrorMode
GlobalGetAtomNameW
TlsFree
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
GetPrivateProfileStringW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
lstrcmpW
GetCurrentThreadId
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
ActivateActCtx
DeactivateActCtx
GetThreadLocale
CopyFileW
SetProcessWorkingSetSize
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetFileAttributesW
SystemTimeToFileTime
SetFilePointer
GetTickCount
lstrcpyW
HeapReAlloc
LocalUnlock
LocalSize
LocalReAlloc
LocalLock
HeapAlloc
GetProcessHeap
HeapFree
OutputDebugStringW
lstrcatW
GlobalSize
DuplicateHandle
GetCommandLineW
GetModuleHandleExW
AssignProcessToJobObject
GetCurrentProcess
CreateProcessW
FlushFileBuffers
WriteFile
CreateFileA
GetLocalTime
SetLastError
FileTimeToSystemTime
LocalFree
GetCurrentProcessId
lstrcmpiW
LocalAlloc
GetProcAddress
VerifyVersionInfoW
MultiByteToWideChar
TerminateProcess
lstrcpynW
LoadLibraryW
OpenProcess
VerSetConditionMask
FreeLibrary
lstrlenA
GetTempFileNameW
GetTempPathW
ReadFile
GetFileSize
DeleteFileW
ResumeThread
MulDiv
TerminateThread
Sleep
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
GetModuleFileNameA
WideCharToMultiByte
lstrlenW
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleFileNameW
FormatMessageW
GetLastError
GetFileTime
CreateFileW
InterlockedExchange
SizeofResource
WaitForSingleObject
ResetEvent
CreateThread
CloseHandle
SetEvent
CreateEventW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
UnhandledExceptionFilter
user32
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClassInfoExW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
GetMenu
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetWindowDC
GrayStringW
DrawTextExW
GetLastActivePopup
MessageBoxW
SetActiveWindow
CreateDialogIndirectParamW
GetDlgItem
GetNextDlgTabItem
EndDialog
LoadBitmapW
UpdateWindow
DrawStateW
MapVirtualKeyW
GetKeyNameTextW
CharUpperW
GetMenuState
AppendMenuW
GetMenuItemID
InsertMenuW
RemoveMenu
GetIconInfo
DestroyCursor
TabbedTextOutW
GetMenuStringW
GetMenuItemCount
IsMenu
DestroyMenu
EndMenu
TrackPopupMenu
GetSubMenu
GetFocus
RedrawWindow
GetKeyState
SetClipboardData
EmptyClipboard
CloseClipboard
WinHelpW
OpenClipboard
CharLowerBuffW
CharUpperBuffW
PtInRect
SetWindowRgn
SystemParametersInfoW
DrawTextW
GetPropW
MapWindowPoints
NotifyWinEvent
TranslateMessage
GetMessageW
GetMonitorInfoW
MonitorFromPoint
SubtractRect
UnionRect
OffsetRect
InflateRect
EqualRect
IsRectEmpty
SetRectEmpty
GetCursorPos
GetDesktopWindow
GetParent
GetCaretBlinkTime
ShowCaret
SetCaretPos
HideCaret
DestroyCaret
GetAsyncKeyState
EnableScrollBar
CreatePopupMenu
GetMenuItemInfoW
CreateCaret
ReleaseCapture
SetMenuDefaultItem
GetMenuDefaultItem
CopyAcceleratorTableW
InvalidateRgn
TranslateAcceleratorW
SetCapture
IntersectRect
CallWindowProcW
ScreenToClient
SetCursor
SetFocus
GetClassNameW
GetCapture
IsWindowEnabled
GetActiveWindow
RemovePropW
GetClassLongW
SetClassLongW
SetPropW
DestroyWindow
UpdateLayeredWindow
GetWindowRect
LoadImageW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
ValidateRect
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
UnregisterClassW
IsZoomed
GetWindowRgn
IsWindowVisible
GetWindowThreadProcessId
GetWindow
SetWindowPos
KillTimer
IsWindow
ClientToScreen
PostQuitMessage
SetTimer
IsDialogMessageW
SetWindowTextW
LoadMenuW
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
GetSysColorBrush
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
DeleteMenu
GetSystemMenu
WindowFromPoint
GetClipboardData
MessageBeep
BringWindowToTop
InsertMenuItemW
LoadAcceleratorsW
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
CreateMenu
TranslateMDISysAccel
DrawMenuBar
PostMessageW
EnableWindow
DefWindowProcW
LoadCursorW
RegisterClassExW
LoadIconW
wsprintfW
SendMessageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
InvalidateRect
SetRect
GetDC
ReleaseDC
FillRect
GetSysColor
CopyRect
SetWindowLongW
GetWindowLongW
GetClassInfoW
RegisterClassW
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CopyIcon
FrameRect
RegisterClipboardFormatW
CopyImage
InvertRect
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
CreateWindowExW
MoveWindow
ShowWindow
BeginPaint
EndPaint
DrawEdge
DrawIconEx
DestroyAcceleratorTable
SetParent
GetNextDlgGroupItem
WaitMessage
CharNextW
UnpackDDElParam
ReuseDDElParam
DispatchMessageW
DestroyIcon
gdi32
RestoreDC
SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SelectPalette
GetObjectType
CreatePen
SaveDC
CreateHatchBrush
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateFontIndirectW
GetMapMode
CreateDIBitmap
CreateDCW
GetTextCharsetInfo
GetRgnBox
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
PatBlt
CreateRectRgnIndirect
TextOutW
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetCurrentObject
GetViewportOrgEx
SetBkColor
SetTextColor
SetBkMode
GetClipBox
EnumFontsW
GetObjectW
SelectClipRgn
CreateDIBSection
PtInRegion
CreateRectRgn
GetStockObject
CopyMetaFileW
ExtCreateRegion
GetRegionData
CreateRoundRectRgn
CreateFontW
CombineRgn
SetRectRgn
GetTextColor
GetBkColor
GetBkMode
CreatePatternBrush
EnumFontFamiliesW
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
SelectObject
SetViewportOrgEx
GetDeviceCaps
msimg32
AlphaBlend
TransparentBlt
GradientFill
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
CryptCreateHash
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptEncrypt
CryptDestroyKey
RegEnumValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
CreateProcessAsUserW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
CryptHashData
shell32
ShellExecuteW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHAppBarMessage
SHCreateDirectoryExW
comctl32
ImageList_GetIconSize
_TrackMouseEvent
ord17
InitCommonControlsEx
shlwapi
PathCanonicalizeW
StrCpyW
PathRemoveFileSpecW
PathFileExistsW
PathRemoveFileSpecA
PathAppendA
PathAppendW
PathFindFileNameW
StrToIntExA
PathStripToRootW
PathIsUNCW
PathFindExtensionW
ole32
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoInitialize
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoUninitialize
CLSIDFromString
CoCreateGuid
OleDraw
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromGUID2
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
oleaut32
OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantClear
SysFreeString
VarBstrFromDate
LoadTypeLi
DispGetIDsOfNames
VariantInit
VariantChangeType
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
oledlg
OleUIBusyW
gdiplus
GdipSetSmoothingMode
GdipFillPieI
GdipDeleteGraphics
GdipLoadImageFromStream
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipDisposeImage
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipFillRectangle
GdipCreatePen1
GdipDeletePen
GdipSetPenDashStyle
GdipDrawRectangle
GdipDrawLinesI
GdipSetInterpolationMode
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipCloneBrush
GdipFree
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
mciSendCommandW
ws2_32
gethostname
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
getpeername
getsockopt
bind
ntohs
getsockname
WSAIoctl
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSACleanup
closesocket
recv
send
setsockopt
connect
htons
socket
gethostbyname
WSAStartup
ioctlsocket
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
wldap32
ord35
ord32
ord200
ord33
ord26
ord50
ord60
ord143
ord211
ord22
ord301
ord27
ord41
ord46
ord30
ord79
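The 32-hex value listed under Files is an import hash: an MD5 over the normalized import table, so two builds that link the same functions in the same order share it even when their file hashes differ. The following is an added example of how that value is derived, following pefile's normalization rules (module name lower-cased with a .dll/.ocx/.sys extension stripped, ordinal imports rendered as ordNNN unless the module is ws2_32 or oleaut32, tokens joined with commas in import-directory order, then MD5). It is not the sandbox's code. SAMPLE_IMPORTS is a constructed ten-entry excerpt of the table above, so its digest will not equal the reported one, and its two ws2_32 entries are given as ordinals only to show ordinal resolution; the report imports those functions by name.

```python
"""Import hash (imphash) over an import table, using pefile's normalization rules.

Added example, not the sandbox's code. SAMPLE_IMPORTS is a constructed excerpt
of the report's import table, so its digest is not the reported one.
"""
import hashlib

# pefile maps ordinals to names only for these modules (tables abridged to what
# is used here); every other ordinal import is rendered as "ordNNN".
ORDINAL_NAMES = {
    "ws2_32": {1: "accept", 2: "bind", 3: "closesocket", 4: "connect",
               23: "socket", 115: "WSAStartup", 116: "WSACleanup"},
    "oleaut32": {2: "SysAllocString", 6: "SysFreeString", 7: "SysStringLen"},
}
REPORTED_IMPHASH = "2c8ff7059dee895d83c6e365f9dd6177"  # value listed under Files above

# Constructed excerpt, in report order. The ws2_32 entries are ordinals only to
# exercise ordinal resolution; the report itself imports those functions by name.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "IsValidCodePage"),
    ("KERNEL32.dll", "CreateProcessW"),
    ("USER32.dll", "SetWindowsHookExW"),
    ("ADVAPI32.dll", "CryptImportKey"),
    ("ADVAPI32.dll", "CryptEncrypt"),
    ("SHELL32.dll", "ShellExecuteW"),
    ("COMCTL32.dll", 17),   # "ord17" in the report; no lookup table, stays ord17
    ("WS2_32.dll", 23),     # ordinal 23 is socket
    ("WS2_32.dll", 115),    # ordinal 115 is WSAStartup
    ("WLDAP32.dll", 35),    # "ord35" in the report
]


def normalize(module: str, func) -> str:
    """Return the lower-case 'module.function' token for one import.

    `func` is an exported name (str) or an ordinal (int). The module loses a
    .dll/.ocx/.sys extension; other extensions (winspool.drv) are kept, as pefile keeps them.
    """
    lib = module.lower()
    if lib.endswith((".dll", ".ocx", ".sys")):
        lib = lib[:-4]
    if isinstance(func, int):
        func = ORDINAL_NAMES.get(lib, {}).get(func, f"ord{func}")
    return f"{lib}.{func.lower()}"


def imphash(imports) -> str:
    """MD5 of the comma-joined tokens, in import-table order (order changes the hash)."""
    joined = ",".join(normalize(m, f) for m, f in imports)
    return hashlib.md5(joined.encode("ascii")).hexdigest()


def matches_report(imports, reported: str = REPORTED_IMPHASH) -> bool:
    """True when the computed imphash equals the value the report lists."""
    return imphash(imports) == reported.lower()


if __name__ == "__main__":
    print(imphash(SAMPLE_IMPORTS), "matches report:", matches_report(SAMPLE_IMPORTS))
```

To check the reported value, run `pefile.PE(path).get_imphash()` on the original file with the full table. Implementations differ in ordinal resolution and extension handling, so compare values produced by the same tool, and treat a shared imphash across samples as evidence of a shared build or linker order, not of identical code.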
Sections
Section  Size    Virtual size  Characteristics
.text    1.8MB   1.8MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata   400KB   399KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data    7.8MB   7.9MB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc    24KB    24KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc   232KB   232KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
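The "Unsigned PE" signature, the DLL/file characteristics under Headers and the section table above are all readable from the file's headers alone. The following is an added example, not code from the sandbox that produced this report: a dependency-free parser that hashes the image, decodes FileCharacteristics, DllCharacteristics and section flags by bit, and reports whether data directory 4 (the Authenticode security directory) is populated, which is what a missing-signature check amounts to. Because the sample is not on this page, the script builds a constructed PE32 header carrying the same flags and an approximate copy of the section layout; the digests it prints are of that constructed header, not of the sample.

```python
"""Dependency-free PE header parser reproducing the report's static fields.

Added example, not the sandbox's code. The image it parses is constructed by
build_sample_pe() (headers only, no code), so the digests are of that header.
"""
import hashlib
import struct

# Flag names from the PE/COFF specification, keyed by bit value.
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR = 4  # data directory holding the Authenticode blob (a file offset, not an RVA)


def decode_flags(table, value):
    """Names of the bits of `value` present in `table`, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Summarise an in-memory PE image the way the report's Headers/Sections do."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    ndirs_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    sec_size = 0
    if ndirs > SECURITY_DIR:
        _, sec_size = struct.unpack_from("<II", data, opt + dirs_off + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, *_, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": rawsize, "virtual_size": vsize,
                         "flags": decode_flags(SECTION_CHARACTERISTICS, chars)})
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "arch": {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine)),
        "file_characteristics": decode_flags(FILE_CHARACTERISTICS, file_chars),
        "dll_characteristics": decode_flags(DLL_CHARACTERISTICS, dll_chars),
        # "Unsigned PE": an empty security directory means no Authenticode blob is attached.
        "authenticode_present": sec_size != 0,
        "sections": sections,
        # Writable+executable sections undercut NX_COMPAT and are a common packer tell.
        "wx_sections": [s["name"] for s in sections
                        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"])],
    }


def build_sample_pe() -> bytes:
    """Constructed PE32 header (no code or data) with the report's flags and section layout."""
    CODE, IDATA, EXE, RD, WR, DISC = 0x20, 0x40, 0x20000000, 0x40000000, 0x80000000, 0x02000000
    # (name, raw size, virtual size, characteristics); sizes approximate the report's figures.
    layout = [
        (b".text", 0x1CD000, 0x1CCF20, CODE | EXE | RD),
        (b".rdata", 0x64000, 0x63C00, IDATA | RD),
        (b".data", 0x7CC000, 0x7E0000, IDATA | RD | WR),
        (b".rsrc", 0x6000, 0x5F00, IDATA | RD),
        (b".reloc", 0x3A000, 0x39F00, IDATA | DISC | RD),
    ]
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    opt_size = 224  # PE32 optional header with all 16 data directories
    coff = struct.pack("<HHIIIHH", 0x14C, len(layout), 0, 0, 0, opt_size, 0x0002 | 0x0100)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                      # PE32 magic
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)  # DYNAMIC_BASE | NX_COMPAT | TS_AWARE
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    # Directory 4 (security) stays zeroed: this image carries no Authenticode signature.
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, c)
                     for n, rs, vs, c in layout)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    import json
    print(json.dumps(parse_pe(build_sample_pe()), indent=2))
```

An empty security directory means no signature blob is attached at all; a populated one only means a blob is present, and the certificate chain still has to be validated (signtool verify, Get-AuthenticodeSignature or osslsigncode) before "signed" means anything. Run the same flag decoding on the real file: NX_COMPAT is only as good as the absence of writable+executable sections, and the 7.8MB read/write .data section, roughly three quarters of the 10.3MB file, is where a practitioner would look next with an entropy check or a strings and carving pass.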