cfd323a3f664e37ee783a09dd52730cc1624f8a3377f83ff5fa2cd5bccca58a8

Sharing

Copy URL

Twitter E-mail

General

Target

cfd323a3f664e37ee783a09dd52730cc1624f8a3377f83ff5fa2cd5bccca58a8
Size

740KB
MD5

f25bcec0e8580d66fc28108494956c7b
SHA1

635eb7be5830d31074d855c8de4ac7bab0b9eb1c
SHA256

cfd323a3f664e37ee783a09dd52730cc1624f8a3377f83ff5fa2cd5bccca58a8
SHA512

6d2e754976cefa8e28c89a7a095d002e431b5847b18297892f47894f99be9d3c641058fcc4702a62fa04cbd15c663fa5d3aaf8ec5ad7c26a08aeb70804c65099
SSDEEP

12288:UqmW+HdBDaMPUusjg2zqEVoX5JY3uZrvp:gBD2usjg2qEVsrvp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfd323a3f664e37ee783a09dd52730cc1624f8a3377f83ff5fa2cd5bccca58a8

Files

cfd323a3f664e37ee783a09dd52730cc1624f8a3377f83ff5fa2cd5bccca58a8
.exe windows:4 windows x86

a0577b90df3d85841101c8212ea98678

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
CreateThread
ExitThread
GetStartupInfoA
HeapFree
TerminateProcess
HeapSize
GetACP
GetTimeZoneInformation
GetSystemTime
GetLocalTime
FatalAppExitA
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
RtlUnwind
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
LCMapStringA
LCMapStringW
IsBadWritePtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
CopyFileA
GlobalSize
SetFileAttributesA
GetProfileStringA
InterlockedExchange
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
GetShortPathNameA
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetThreadLocale
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GetLastError
GlobalFlags
lstrcpynA
MulDiv
CreateEventA
SuspendThread
SetThreadPriority
SetEvent
GetModuleFileNameA
GlobalAlloc
lstrcmpA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetCurrentThread
TerminateThread
ResumeThread
CreateMutexA
SetLastError
ReleaseMutex
WaitForSingleObject
GetCommandLineA
ExitProcess
Sleep
IsBadReadPtr
VirtualAlloc
FreeLibrary
VirtualFree
HeapReAlloc
HeapAlloc
LoadLibraryA
GetProcAddress
GetProcessHeap
CreateFileA
WriteFile
GetFileType
CloseHandle

user32

ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
CharUpperA
RegisterClipboardFormatA
RemoveMenu
PostThreadMessageA
DestroyIcon
CharToOemA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetDC
ReleaseDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
SetMenu
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
CopyAcceleratorTableA
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetNextDlgGroupItem
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
LoadIconA
GetFocus
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
ClientToScreen
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GetTopWindow
MessageBeep
IsWindowEnabled
GetParent
PostMessageA
IsWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
MessageBoxA
EnableWindow
DrawFocusRect
DefDlgProcA
IsWindowUnicode
AppendMenuA
GetSystemMenu
CharNextA
GetMenuStringA
DeleteMenu
InsertMenuA
WindowFromPoint
GetWindowThreadProcessId
WaitMessage
ReleaseCapture
SetCapture
InflateRect
GetSysColorBrush
LoadCursorA
GetDialogBaseUnits
GetDesktopWindow
PtInRect
GetClassNameA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
OemToCharA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
GetPropA
SetRect
ShowOwnedPopups
PostQuitMessage
DestroyMenu
LoadStringA
GetMenuItemCount
wvsprintfA

gdi32

ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
SetViewportExtEx
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextColor
GetBkColor
LPtoDP
CopyMetaFileA
CreateDCA
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetObjectType
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
GetDCOrgEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegCloseKey
RegQueryValueA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
ExtractIconA

comctl32

ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write

oledlg

ord8

ole32

CoTaskMemAlloc
CoCreateInstance
OleRun
CoDisconnectObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleDuplicateData
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
CoTaskMemFree
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
ReadFmtUserTypeStg
StgOpenStorageOnILockBytes

olepro32

ord253

oleaut32

VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
LoadTypeLi
VariantCopy

ws2_32

send
sendto
__WSAFDIsSet
select
recv
recvfrom
connect
socket
setsockopt
bind
listen
getpeername
getsockname
shutdown
closesocket
accept
gethostname
inet_addr
gethostbyname
ntohl
getservbyname
htonl
htons
WSAStartup
WSACleanup
ntohs

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0577b90df3d85841101c8212ea98678

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

ws2_32

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 76KB - Virtual size: 91KB

.rsrc Size: 292KB - Virtual size: 289KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 76KB - Virtual size: 91KB

.rsrc
Size: 292KB - Virtual size: 289KB