Static task: static1
Behavioral task: behavioral1
  Sample: 355340f6a1fd213aa07c80a2bb4fc797462edab8c41cffeb02c3653bdbcf91ae.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 355340f6a1fd213aa07c80a2bb4fc797462edab8c41cffeb02c3653bdbcf91ae.exe
  Resource: win10v2004-20230915-en
General
Target: 355340f6a1fd213aa07c80a2bb4fc797462edab8c41cffeb02c3653bdbcf91ae
Size: 1.6MB
MD5: d9fcef489d8a59c16b4717b043a652a8
SHA1: 54a2714e6b80fbe6a48ce614ca38530b47ef271a
SHA256: 355340f6a1fd213aa07c80a2bb4fc797462edab8c41cffeb02c3653bdbcf91ae
SHA512: f96b64f8f329b83eaf8050c48d14ae15c51ef699c93f9f632bc21dc3a7dd278c957e1abcd49821aeed1d27af3a6817e382caad53e901966179aede1991512457
SSDEEP: 24576:mUJkIRpEiAK6kmvaDpk/gcRiX5wp4tR5fpEs+aKODM8s/cyYdlUhc+umJ:mUJ7RqKwRgcRiXWGtfIODMbc5dlUJt
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource 355340f6a1fd213aa07c80a2bb4fc797462edab8c41cffeb02c3653bdbcf91ae
Files
355340f6a1fd213aa07c80a2bb4fc797462edab8c41cffeb02c3653bdbcf91ae.exe windows:4 windows x86
d1b9d17958465281d5bfcc842f569ea9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
ExitThread
HeapReAlloc
HeapSize
FatalAppExitA
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
Sleep
HeapFree
HeapAlloc
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetTimeZoneInformation
RaiseException
RtlUnwind
GetCurrentDirectoryA
GetPrivateProfileIntA
SetErrorMode
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GlobalSize
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GetProfileStringA
FreeResource
LocalLock
LocalUnlock
LoadLibraryExA
lstrlenA
OpenMutexA
GetLastError
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
MultiByteToWideChar
InterlockedIncrement
FindClose
FindFirstFileA
InterlockedDecrement
CreateFileA
GetFileSize
SetFilePointer
ReadFile
LocalFree
FormatMessageA
WriteFile
SetEndOfFile
FlushFileBuffers
LoadLibraryA
GetProcAddress
LocalAlloc
OutputDebugStringA
GetModuleFileNameA
GetCurrentProcessId
CancelIo
GetCurrencyFormatA
CreateEventA
SetEvent
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
SetPriorityClass
GetThreadPriority
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
GetProcessVersion
SuspendThread
ResumeThread
GlobalAlloc
lstrcmpA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
UnlockFile
LockFile
DuplicateHandle
lstrlenW
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
SetSystemTime
SetLastError
GetSystemTime
GlobalMemoryStatus
GetSystemInfo
GetComputerNameA
WideCharToMultiByte
MoveFileA
CopyFileA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
TerminateThread
CreateThread
ReleaseSemaphore
CreateSemaphoreA
GetCurrentThreadId
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteFileA
GetFileAttributesA
FindNextFileA
GetCurrentProcess
GetPriorityClass
GetCurrentThread
lstrcpyA
user32
SetRect
CopyAcceleratorTableA
CharNextA
DeleteMenu
ReleaseCapture
SetCapture
RemoveMenu
GetMenuStringA
AppendMenuA
InsertMenuA
DestroyMenu
GetDialogBaseUnits
GetDesktopWindow
PtInRect
GetClassNameA
GetSysColorBrush
LoadCursorA
LoadStringA
RegisterClipboardFormatA
WaitMessage
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
SetCursor
ShowOwnedPopups
PostQuitMessage
CharUpperA
GetCursorPos
WindowFromPoint
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetDC
ReleaseDC
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
GetNextDlgGroupItem
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
wsprintfA
EnableWindow
BringWindowToTop
SendMessageA
DestroyIcon
GetClientRect
SetTimer
KillTimer
CheckDlgButton
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
MessageBeep
PostThreadMessageA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
IsChild
InflateRect
GetParent
RedrawWindow
LoadImageA
InvalidateRect
GetTopWindow
SetMenu
ReuseDDElParam
SetWindowTextA
UnpackDDElParam
LoadBitmapA
GetSystemMetrics
DrawIcon
IsIconic
LoadIconA
EnumWindows
GetWindowTextA
CharLowerW
CharToOemA
OemToCharA
IsWindowEnabled
GetDlgItem
GetWindowLongA
DestroyWindow
CreateDialogIndirectParamA
InvertRect
SetParent
UnregisterClassA
GetDCEx
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
CreatePopupMenu
GetWindowThreadProcessId
CreateMenu
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
DrawEdge
DrawIconEx
GetMenuItemInfoA
DrawFrameControl
MessageBoxExA
DialogBoxIndirectParamA
GetSystemMenu
DrawFocusRect
DrawStateA
GetIconInfo
CreateIconIndirect
IsMenu
DestroyCursor
LockWindowUpdate
FrameRect
FillRect
IsRectEmpty
IsWindow
SetActiveWindow
GetActiveWindow
EndDialog
GetNextDlgTabItem
gdi32
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
SetTextAlign
Escape
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
LPtoDP
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
RestoreDC
SaveDC
StartDocA
DeleteDC
DeleteObject
GetObjectA
BitBlt
GetCurrentObject
CreateCompatibleBitmap
SetPixel
GetPixel
Rectangle
GetTextExtentPoint32W
GetBkMode
CreateDIBSection
Ellipse
GetTextExtentPointA
CreateDIBitmap
StretchDIBits
GetCharWidthA
CreateFontA
CreateCompatibleDC
SelectObject
StretchBlt
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
CreateRectRgnIndirect
PatBlt
ExtTextOutA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegCreateKeyA
LookupPrivilegeValueA
shell32
ShellExecuteExA
SHBrowseForFolderA
SHGetMalloc
ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
SHGetPathFromIDListA
comctl32
ImageList_Destroy
ord14
ImageList_Create
ord17
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_AddMasked
ImageList_DrawIndirect
ord13
ImageList_GetIcon
ImageList_Duplicate
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoUninitialize
CoInitialize
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoDisconnectObject
CreateStreamOnHGlobal
olepro32
ord253
ord251
oleaut32
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VariantCopy
VariantChangeType
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCreate
SysAllocString
CreateErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
SysReAllocStringLen
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
GetErrorInfo
SetErrorInfo
SysFreeString
ws2_32
getpeername
getsockname
accept
WSAAsyncSelect
WSAStartup
WSACleanup
ntohs
__WSAFDIsSet
WSAAccept
WSACreateEvent
WSAEventSelect
listen
recvfrom
recv
select
WSASetLastError
inet_addr
connect
ioctlsocket
setsockopt
closesocket
socket
htons
bind
gethostname
gethostbyname
inet_ntoa
htonl
ntohl
WSAGetLastError
sendto
WSAWaitForMultipleEvents
send
WSAEnumNetworkEvents
winmm
timeKillEvent
PlaySoundA
timeSetEvent
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 204KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 104KB - Virtual size: 257KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_BSS Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
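The "Unsigned PE" signature, the File Characteristics list under Headers, and the per-section flags under Sections are all read straight out of the PE headers. The following parser is an added example (it is not the sandbox's own code and does not process the sample above); it decodes the COFF Characteristics bits, tests whether the Security data directory (index 4, the Authenticode certificate table) is empty, and lists each section's raw size, virtual size and IMAGE_SCN_* flags. The `build_sample_pe` helper constructs a minimal, non-runnable PE32 image in memory so the example works offline; its section layout (a .data section whose virtual size exceeds its raw size, as in the report) and the 0x010F characteristics value are constructed to mirror the report, not taken from the sample.

```python
"""Reproduce the header-derived static checks in a PE triage report.
Example code for illustration; not the sandbox's implementation."""
import struct

# IMAGE_FILE_* bits of the COFF header Characteristics field.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# IMAGE_SCN_* bits of the section header Characteristics field.
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table (Authenticode)


def flag_names(value, table):
    """Expand a bitmask into the flag names set in it, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS stub, COFF header, optional header directories and sections."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, characteristics = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: NumberOfRvaAndSizes at +108, directories at +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Security entry holds a file offset (not an RVA) and size of the WIN_CERTIFICATE blob.
        _, sec_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sec_table = opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, sec_table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": flag_names(sflags, SECTION_CHARACTERISTICS)})
    return {"machine": machine,
            "file_characteristics": flag_names(characteristics, FILE_CHARACTERISTICS),
            # "Unsigned PE": an empty certificate table means no Authenticode signature.
            "unsigned": sec_size == 0,
            "sections": sections}


def build_sample_pe(signed):
    """Constructed minimal PE32 image (not the report's sample) with .text and .data."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x010F)  # i386, 2 sections
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x2400, 0x200)
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400,
                       0, 0, 0, 0, 0x60000020)
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x4000, 0x2000, 0x1000, 0x1400,
                       0, 0, 0, 0, 0xC0000040)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + data


if __name__ == "__main__":
    info = parse_pe(build_sample_pe(signed=False))
    print("Unsigned PE" if info["unsigned"] else "Security directory present")
    print(" ".join(info["file_characteristics"]))
    for s in info["sections"]:
        print("%-8s raw=%#x virt=%#x %s" % (s["name"], s["raw_size"], s["virtual_size"], " ".join(s["flags"])))
```

Two caveats a practitioner should keep in mind when reading the "Unsigned PE" line. First, a non-empty Security directory only proves that a WIN_CERTIFICATE blob is attached; it says nothing about whether the chain verifies or the hash still matches, so a "signed" verdict needs a real Authenticode check. Second, catalog-signed Windows binaries carry no embedded certificate at all, so this check alone would report them as unsigned too; the report's signature is a triage hint, not a verdict.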