Static task: static1
Behavioral task: behavioral1
  Sample: 328e753621cc42560621cbc9353731eeda0fac198463dcb6c736652be927048d.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 328e753621cc42560621cbc9353731eeda0fac198463dcb6c736652be927048d.exe
  Resource: win10v2004-20230915-en
General
Target: 328e753621cc42560621cbc9353731eeda0fac198463dcb6c736652be927048d
Size: 5.0MB
MD5: dc41cc73cb6fb54fe1d4657e2bc2913e
SHA1: 22bf31bf7d931aed4c0a6f43f5296464ce939154
SHA256: 328e753621cc42560621cbc9353731eeda0fac198463dcb6c736652be927048d
SHA512: aa0c7c3d6ea721809465eeb850f887fe8ae0a423669c8c644b66ae26b9ff7dbd0eefee4976a1ffe631fa20fc62fd29b8608aed000b8a07ea332ac27271f0be3b
SSDEEP: 98304:zs+kD04KTPOFvjXwM/+o0nT7tG2i6hYJK2Le4gzvK6nQQE7YVwh08Gc9kK0i:o+qblGjhYJKye4gzvZnQQE7YVwh0lUk5
Malware Config: none extracted (the section is empty in this report)
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature. Matched resource: 328e753621cc42560621cbc9353731eeda0fac198463dcb6c736652be927048d
Files
328e753621cc42560621cbc9353731eeda0fac198463dcb6c736652be927048d.exe (windows:6 windows x86)
  24bc437bfade0f050580581788759071 (shown without a label on the page; its 32 hex digits are consistent with an import hash, which is an assumption here, not something the report states)
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  (ASLR- and DEP-compatible; no IMAGE_DLLCHARACTERISTICS_GUARD_CF flag is listed, so Control Flow Guard is not enabled for this image)
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
Imports (grouped by DLL)
kernel32: LocalReAlloc, GlobalGetAtomNameW, CompareStringW, GetLocaleInfoW, GetSystemDefaultUILanguage, GetUserDefaultUILanguage, GlobalFlags, VirtualProtect, VerSetConditionMask, VerifyVersionInfoW, GetFileAttributesW, GetFileAttributesExW, GetFileSizeEx, SetErrorMode, GetCurrentDirectoryW, FindResourceExW, GetWindowsDirectoryW, GetTempFileNameW, GetTempPathW, SearchPathW, GetProfileIntW, GetUserDefaultLCID, UnhandledExceptionFilter, SetUnhandledExceptionFilter, TerminateProcess, IsProcessorFeaturePresent, WaitForSingleObjectEx, GetSystemTimeAsFileTime, InitializeSListHead, GlobalHandle, SetEnvironmentVariableA, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetOEMCP, IsValidCodePage, FindFirstFileExW, GetDriveTypeW, SetFilePointerEx, GetConsoleCP, ReadConsoleW, GetConsoleMode, GetTimeZoneInformation, EnumSystemLocalesW, IsValidLocale, ExitProcess, HeapQueryInformation, GetFileType, SetStdHandle, GetCommandLineW, GetCommandLineA, GetModuleHandleExW, FreeLibraryAndExitThread, ExitThread, VirtualQuery, VirtualAlloc, GetSystemInfo, RtlUnwind, GetCPInfo, GetStringTypeW, LCMapStringW, GlobalReAlloc, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, GetVersionExW, ResumeThread, SuspendThread, SetThreadPriority, SystemTimeToTzSpecificLocalTime, FindNextFileW, FileTimeToLocalFileTime, GetThreadLocale, DuplicateHandle, UnlockFile, SetFilePointer, SetEndOfFile, LockFile, GetVolumeInformationW, GetFullPathNameW, GetFileSize, FlushFileBuffers, FindFirstFileW, FindClose, GlobalFindAtomW, LoadLibraryA, GlobalDeleteAtom, LoadLibraryExW, GetModuleHandleA, FreeResource, GetSystemDirectoryW, EncodePointer, SetLastError, MulDiv, LocalFree, GlobalFree, GlobalUnlock, GlobalLock, GlobalSize, GlobalAlloc, CloseThreadpoolTimer, WaitForThreadpoolTimerCallbacks, SetThreadpoolTimer, CreateThreadpoolTimer, CloseThreadpoolWork, WaitForThreadpoolWorkCallbacks, SubmitThreadpoolWork, CreateThreadpoolWork, CloseThreadpoolCleanupGroup, CloseThreadpool, QueryThreadpoolStackInformation, SetThreadpoolThreadMaximum, SetThreadpoolThreadMinimum, CreateThreadpoolCleanupGroup, CreateThreadpool, QueryPerformanceCounter, SetThreadAffinityMask, GetCurrentThread, QueryPerformanceFrequency, GetProcessHeap, DecodePointer, HeapAlloc, RaiseException, HeapReAlloc, HeapSize, InitializeCriticalSectionEx, HeapFree, GetTickCount64, GetLocaleInfoA, SetCurrentDirectoryW, IsDebuggerPresent, GetCurrentProcess, GetCurrentProcessId, lstrcmpiA, CreateMutexW, GetSystemDefaultLCID, GlobalAddAtomW, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, LocalAlloc, lstrcmpA, lstrcatW, CreateDirectoryW, WritePrivateProfileStringW, ReleaseMutex, OpenMutexW, CreateProcessW, GetStartupInfoW, CreatePipe, DisconnectNamedPipe, CreateThread, ConnectNamedPipe, CreateNamedPipeW, Sleep, lstrcpynW, FileTimeToSystemTime, GetFileTime, lstrcmpW, FormatMessageW, GetACP, CopyFileW, GetModuleHandleW, RemoveDirectoryW, DeleteFileW, GetModuleFileNameW, GetDefaultCommConfigW, WaitNamedPipeW, MultiByteToWideChar, SystemTimeToFileTime, GetLocalTime, WaitForMultipleObjects, OutputDebugStringW, WaitForSingleObject, GetPrivateProfileIntW, SetEvent, GetTickCount, GetPrivateProfileStringW, lstrcpynA, lstrlenW, WriteConsoleW, GetStdHandle, CloseHandle, CreateFileW, CreateEventW, ReadFile, GetOverlappedResult, GetLastError, WriteFile, ResetEvent, lstrlenA, GetCurrentThreadId, lstrcmpiW, lstrcpyA, InitializeCriticalSection, WideCharToMultiByte, OutputDebugStringA, lstrcpyW, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, FreeLibrary, GetProcAddress, LoadLibraryW, FindResourceW, LoadResource, LockResource, SizeofResource
user32: RegisterClipboardFormatW, MapDialogRect, SetWindowContextHelpId, PostQuitMessage, SystemParametersInfoW, InflateRect, GetMenuItemInfoW, DestroyMenu, MapVirtualKeyW, GetKeyNameTextW, TranslateMessage, GetMessageW, ClientToScreen, ReleaseDC, GetWindowDC, GetDC, WaitMessage, CharUpperW, InvalidateRect, DrawStateW, GetDesktopWindow, GetActiveWindow, GetNextDlgTabItem, EndDialog, CreateDialogIndirectParamW, GetWindowThreadProcessId, OffsetRect, SetRectEmpty, SendDlgItemMessageA, SetMenuItemInfoW, GetMenuCheckMarkDimensions, SetMenuItemBitmaps, CheckMenuItem, IsDialogMessageW, SetWindowTextW, IsWindowEnabled, CheckDlgButton, SetDlgItemTextW, MoveWindow, ShowWindow, GetMonitorInfoW, MonitorFromWindow, WinHelpW, GetScrollInfo, SetScrollInfo, CallNextHookEx, UnhookWindowsHookEx, SetWindowsHookExW, GetWindow, GetLastActivePopup, GetTopWindow, GetClassNameW, ShowOwnedPopups, SetWindowLongW, GetWindowLongW, PtInRect, EqualRect, CopyRect, GetSysColor, MapWindowPoints, ScreenToClient, AdjustWindowRectEx, GetWindowTextLengthW, GetWindowTextW, RemovePropW, GetPropW, SetPropW, ShowScrollBar, GetScrollRange, SetScrollRange, GetScrollPos, TranslateAcceleratorW, ScrollWindow, ValidateRect, EndPaint, BeginPaint, GetForegroundWindow, SetActiveWindow, UpdateWindow, TrackPopupMenu, SetMenu, GetMenu, GetCapture, GetKeyState, SetFocus, InsertMenuItemW, UnpackDDElParam, SendMessageW, EnableWindow, GetFocus, GetClientRect, DrawTextW, GetDlgCtrlID, GetDlgItem, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, DestroyWindow, IsChild, IsMenu, IsWindow, CreateWindowExW, GetClassInfoExW, CallWindowProcW, DefWindowProcW, GetMessageTime, GetMessagePos, PeekMessageW, DispatchMessageW, SetCursor, GetSysColorBrush, LoadCursorW, CopyImage, RealChildWindowFromPoint, GetAsyncKeyState, TrackMouseEvent, DestroyIcon, SetLayeredWindowAttributes, EnumDisplayMonitors, IntersectRect, IsZoomed, SetCapture, ReleaseCapture, DeleteMenu, RegisterWindowMessageW, GetParent, SetWindowRgn, MessageBeep, WindowFromPoint, NotifyWinEvent, CreatePopupMenu, GetMenuDefaultItem, SetMenuDefaultItem, IsRectEmpty, UpdateLayeredWindow, EnableScrollBar, UnionRect, MonitorFromPoint, SetRect, BringWindowToTop, GetClassLongW, LoadAcceleratorsW, RedrawWindow, FillRect, TabbedTextOutW, DrawTextExW, GrayStringW, MessageBoxW, ModifyMenuW, GetSubMenu, GetMenuItemCount, PostMessageW, GetClassInfoW, RegisterClassW, FindWindowW, GetWindowPlacement, SetWindowPlacement, SetWindowPos, SetForegroundWindow, LoadIconW, GetSystemMenu, AppendMenuW, GetWindowRect, LoadMenuW, SetTimer, IsIconic, GetSystemMetrics, DrawIcon, LoadBitmapW, GetCursorPos, IsWindowVisible, EnableMenuItem, KillTimer, SetCursorPos, FindWindowExW, LoadImageW, AnimateWindow, UnregisterClassW, GetMenuStringW, GetMenuState, GetMenuItemID, ReuseDDElParam, CharNextW, CopyAcceleratorTableW, InvalidateRgn, GetNextDlgGroupItem, PostThreadMessageW, InsertMenuW, RemoveMenu, DrawFocusRect, DrawIconEx, GetIconInfo, HideCaret, InvertRect, SetClassLongW, SetParent, GetWindowRgn, DestroyCursor, CreateMenu, SubtractRect, TranslateMDISysAccel, DefMDIChildProcW, DefFrameProcW, DrawMenuBar, GetUpdateRect, IsClipboardFormatAvailable, GetDoubleClickTime, MapVirtualKeyExW, IsCharLowerW, GetComboBoxInfo, CharUpperBuffW, LockWindowUpdate, DestroyAcceleratorTable, CreateAcceleratorTableW, GetKeyboardState, GetKeyboardLayout, ToUnicodeEx, FrameRect, CopyIcon, DrawFrameControl, DrawEdge, EmptyClipboard, SetClipboardData, CloseClipboard, SetScrollPos, OpenClipboard
gdi32: GetObjectW, CreateBitmap, GetStockObject, CreateHatchBrush, CreatePen, CreateRectRgn, ExcludeClipRect, GetClipBox, GetObjectType, GetPixel, GetViewportExtEx, GetWindowExtEx, IntersectClipRect, LineTo, RestoreDC, SaveDC, SelectClipRgn, ExtSelectClipRgn, SelectPalette, SetBkMode, SetMapMode, SetLayout, GetLayout, SetPolyFillMode, SetROP2, SetTextAlign, MoveToEx, SetViewportExtEx, SetViewportOrgEx, SetWindowExtEx, SetWindowOrgEx, OffsetViewportOrgEx, OffsetWindowOrgEx, ScaleViewportExtEx, ScaleWindowExtEx, CreateRectRgnIndirect, PatBlt, SetTextColor, GetTextExtentPoint32W, GetTextMetricsW, CreateDIBitmap, EnumFontFamiliesW, GetTextCharsetInfo, CombineRgn, GetMapMode, SetRectRgn, DPtoLP, CreateRoundRectRgn, CreateDIBSection, GetBkColor, GetTextColor, GetRgnBox, EnumFontFamiliesExW, CreatePalette, GetNearestPaletteIndex, GetPaletteEntries, GetSystemPaletteEntries, RealizePalette, SetPixel, StretchBlt, SetDIBColorTable, CreateEllipticRgn, Ellipse, CreatePolygonRgn, Polygon, Polyline, LPtoDP, OffsetRgn, RoundRect, ExtFloodFill, SetPaletteEntries, FillRgn, FrameRgn, GetBoundsRect, PtInRegion, GetWindowOrgEx, GetViewportOrgEx, SetPixelV, GetTextFaceW, SetBkColor, GetDeviceCaps, CreateDCW, CopyMetaFileW, Rectangle, CreatePatternBrush, SetBitmapDimensionEx, Escape, ExtTextOutW, TextOutW, RectVisible, PtVisible, DeleteDC, DeleteObject, CreateSolidBrush, SelectObject, BitBlt, CreateCompatibleBitmap, CreateFontIndirectW, CreateCompatibleDC
msimg32: AlphaBlend, TransparentBlt
winspool.drv: DocumentPropertiesW, ClosePrinter, OpenPrinterW
advapi32: SystemFunction036, RegEnumValueW, RegEnumKeyExW, RegQueryValueW, RegEnumKeyW, RegDeleteValueW, RegDeleteKeyW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegQueryValueExW, RegSetValueExW, RegCreateKeyExW, RegCloseKey, RegOpenKeyExW
shell32: Shell_NotifyIconW, SHGetFileInfoW, SHGetMalloc, SHGetPathFromIDListW, SHGetSpecialFolderLocation, SHBrowseForFolderW, SHGetDesktopFolder, DragQueryFileW, DragFinish, ShellExecuteW, SHAppBarMessage
comctl32: InitCommonControlsEx
shlwapi: StrChrIA, StrCpyW, ord153, StrRChrW, StrToIntW, PathFindExtensionW, StrCmpIW, StrTrimA, StrToIntA, PathIsUNCW, PathStripToRootW, PathFindFileNameW, StrFormatKBSizeW, PathRemoveFileSpecW
uxtheme: DrawThemeBackground, GetWindowTheme, GetThemeSysColor, GetCurrentThemeName, GetThemeColor, IsAppThemed, DrawThemeText, DrawThemeParentBackground, OpenThemeData, CloseThemeData, GetThemePartSize, IsThemeBackgroundPartiallyTransparent
ole32: DoDragDrop, CoInitializeEx, OleGetClipboard, CoLockObjectExternal, RegisterDragDrop, RevokeDragDrop, OleLockRunning, OleCreateMenuDescriptor, OleDestroyMenuDescriptor, OleTranslateAccelerator, IsAccelerator, CreateStreamOnHGlobal, CoRegisterMessageFilter, OleIsCurrentClipboard, OleFlushClipboard, CoRevokeClassObject, CreateILockBytesOnHGlobal, StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CoGetClassObject, CoDisconnectObject, OleUninitialize, OleInitialize, CoFreeUnusedLibraries, CoCreateInstance, CLSIDFromProgID, CLSIDFromString, CoCreateGuid, ReleaseStgMedium, OleDuplicateData, CoTaskMemFree, CoTaskMemAlloc, CoUninitialize, CoInitialize
oleaut32: SysAllocString, LoadTypeLi, SysStringLen, SafeArrayDestroy, VariantChangeType, VariantCopy, VarBstrFromDate, OleCreateFontIndirect, VariantClear, VariantInit, SysAllocStringLen, SysFreeString, VarDateFromStr, VariantTimeToSystemTime, SystemTimeToVariantTime
oledlg: OleUIBusyW
gdiplus: GdipGetImageGraphicsContext, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipGetImagePalette, GdipGetImagePaletteSize, GdipCreateBitmapFromStream, GdipCreateBitmapFromScan0, GdipBitmapLockBits, GdipDisposeImage, GdipDeleteGraphics, GdipDrawImageI, GdipCreateBitmapFromHBITMAP, GdipCreateFromHDC, GdipSetInterpolationMode, GdipDrawImageRectI, GdiplusStartup, GdipFree, GdipAlloc, GdiplusShutdown, GdipCloneImage, GdipBitmapUnlockBits
ws2_32: WSAAsyncSelect, WSASetLastError, WSACleanup, WSAStartup, socket, sendto, send, select, recvfrom, recv, ntohs, inet_ntoa, inet_addr, htons, htonl, getsockname, getpeername, connect, closesocket, bind, accept, WSAGetLastError, listen
version: GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
dbghelp: MakeSureDirectoryPathExists
netapi32: Netbios
oleacc: LresultFromObject, AccessibleObjectFromWindow, CreateStdAccessibleObject
imm32: ImmGetContext, ImmReleaseContext, ImmGetOpenStatus
winmm: PlaySoundW
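Most of the user32, gdi32, ole32, uxtheme and gdiplus imports above are ordinary GUI plumbing. The security-relevant subset is smaller: CreateNamedPipeW, ConnectNamedPipe, DisconnectNamedPipe and WaitNamedPipeW (named-pipe IPC), CreateProcessW with CreatePipe and GetStartupInfoW (a child process with redirected I/O), a complete ws2_32 server and client set (socket, bind, listen, accept, connect, send, recv), RegSetValueExW, RegCreateKeyExW and RegDeleteKeyW (registry writes), InitializeSecurityDescriptor with SetSecurityDescriptorDacl (an explicit DACL, commonly a permissive one, on a pipe, mutex or file mapping), CreateMutexW, IsDebuggerPresent, VirtualProtect, and GetProcAddress with LoadLibraryW. Imports show capability, not behaviour; what the binary actually does with them is for the two behavioral tasks to show. The block below is an added example for this page, not code from the sandbox that produced the report: a small rule engine in the spirit of capa (hand-written all-of / any-of API sets, no dependency on capa itself) run over a dll-to-functions map, plus an import-hash routine that follows pefile's algorithm. SAMPLE is a constructed subset of the table above. The unlabelled 32-hex-digit value under the file entry is assumed here to be the import hash; recomputing it from this page is not expected to reproduce it, because the listing order on the page is not guaranteed to be the import table's order and the hash depends on that order.

```python
"""Import-table triage: capability rules plus pefile-style imphash.

Added example for this report page, not code from the sandbox that produced
it. evaluate() runs a small hand-written rule set (all-of / any-of API sets,
in the spirit of capa but with no dependency on it) over a dll -> [function]
map like the Imports block above; imphash() computes the import hash the way
pefile does. SAMPLE is a constructed subset of the imports listed on the page.
"""
import hashlib

# Keys are "dll!Function". "all" must be fully present; "any" needs one member.
RULES = {
    "named pipe server": {"all": {"kernel32!CreateNamedPipeW", "kernel32!ConnectNamedPipe"}},
    "child process with redirected stdio": {"all": {"kernel32!CreateProcessW", "kernel32!CreatePipe"}},
    "tcp listener": {"all": {"ws2_32!socket", "ws2_32!bind", "ws2_32!listen", "ws2_32!accept"}},
    "outbound connection": {"all": {"ws2_32!socket", "ws2_32!connect"},
                            "any": {"ws2_32!send", "ws2_32!recv", "ws2_32!sendto", "ws2_32!recvfrom"}},
    "registry modification": {"all": {"advapi32!RegOpenKeyExW"},
                              "any": {"advapi32!RegSetValueExW", "advapi32!RegCreateKeyExW",
                                      "advapi32!RegDeleteValueW", "advapi32!RegDeleteKeyW"}},
    "explicit DACL on an object": {"all": {"advapi32!InitializeSecurityDescriptor",
                                           "advapi32!SetSecurityDescriptorDacl"}},
    "single-instance mutex": {"all": {"kernel32!CreateMutexW"}},
    "debugger check": {"all": {"kernel32!IsDebuggerPresent"}},
    "changes memory protection": {"all": {"kernel32!VirtualProtect"}},
    "dynamic API resolution": {"all": {"kernel32!GetProcAddress"},
                               "any": {"kernel32!LoadLibraryA", "kernel32!LoadLibraryW",
                                       "kernel32!LoadLibraryExW"}},
    "INI-file configuration": {"any": {"kernel32!GetPrivateProfileStringW",
                                       "kernel32!WritePrivateProfileStringW"}},
}


def _basename(dll: str) -> str:
    """'KERNEL32.DLL' -> 'kernel32'; 'winspool.drv' stays as is (pefile's rule)."""
    dll = dll.lower()
    return dll[:-4] if dll.endswith((".dll", ".ocx", ".sys")) else dll


def normalize(imports: dict) -> set:
    """Flatten a dll -> [name or ordinal] map into 'dll!Name' / 'dll!ordN' keys."""
    keys = set()
    for dll, funcs in imports.items():
        for f in funcs:
            name = f"ord{f}" if isinstance(f, int) else f
            keys.add(f"{_basename(dll)}!{name}")
    return keys


def evaluate(imports: dict) -> dict:
    """Return {rule: sorted matching APIs} for each rule whose conditions hold."""
    present = normalize(imports)
    hits = {}
    for rule, cond in RULES.items():
        need, alt = cond.get("all", set()), cond.get("any", set())
        if need <= present and (not alt or alt & present):
            hits[rule] = sorted((need | alt) & present)
    return hits


def imphash(imports: dict) -> str:
    """MD5 over lower-case 'dll.func' pairs joined by ','; DLLs and functions in table order."""
    parts = []
    for dll, funcs in imports.items():
        base = _basename(dll)
        parts += [f"{base}.ord{f}" if isinstance(f, int) else f"{base}.{f.lower()}" for f in funcs]
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


# Constructed subset of the Imports block on this page. It is a subset, and the
# page's order need not be the import table's order, so imphash(SAMPLE) is not
# expected to equal the hash shown under the file entry.
SAMPLE = {
    "kernel32": ["VirtualProtect", "IsDebuggerPresent", "CreateMutexW", "CreateProcessW",
                 "GetStartupInfoW", "CreatePipe", "DisconnectNamedPipe", "ConnectNamedPipe",
                 "CreateNamedPipeW", "WaitNamedPipeW", "GetPrivateProfileStringW",
                 "WritePrivateProfileStringW", "GetProcAddress", "LoadLibraryW"],
    "advapi32": ["SystemFunction036", "RegDeleteValueW", "RegDeleteKeyW",
                 "SetSecurityDescriptorDacl", "InitializeSecurityDescriptor",
                 "RegSetValueExW", "RegCreateKeyExW", "RegOpenKeyExW"],
    "shlwapi": ["StrChrIA", "StrCpyW", 153, "StrRChrW"],   # 153 = the ord153 import
    "ws2_32": ["WSAStartup", "socket", "sendto", "send", "recvfrom", "recv", "connect",
               "closesocket", "bind", "accept", "listen"],
}

if __name__ == "__main__":
    for rule, apis in evaluate(SAMPLE).items():
        print(f"{rule}: {', '.join(apis)}")
    print("imphash:", imphash(SAMPLE))
```

Rules require every "all" member, so a lone CreateFileW or a lone socket never fires a rule by itself; the "tcp listener" rule in particular needs bind, listen and accept together, which is what separates a server from the far more common client-only import set. Imported APIs are only a lower bound on capability: a binary that resolves functions through GetProcAddress (which this one imports) can use APIs that never appear in its import table.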
Sections
.text   Size: 1.8MB   Virtual size: 1.8MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 470KB   Virtual size: 470KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 26KB    Virtual size: 57KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.tls    Size: 512B    Virtual size: 9B      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 2.5MB   Virtual size: 2.5MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 145KB   Virtual size: 144KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
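The verdicts in the Signatures, Headers and Sections blocks all come from the raw PE headers, and it is worth being able to reproduce them without the sandbox. Read together they say: no embedded Authenticode signature, ASLR and DEP compatible, no Control Flow Guard, no section mapped both writable and executable (.text is read+execute, .data and .tls are read+write), and a 2.5MB .rsrc section that accounts for half of the 5.0MB file. The block below is an added example for this page, not code from the sandbox that produced the report: a pure-Python parser (no pefile dependency) that checks the Authenticode data directory, decodes DllCharacteristics into ASLR/DEP/CFG answers and flags writable-and-executable sections. The fixture it builds is a constructed minimal PE32 header chosen to mirror the facts above; it is not the sample's bytes. One caveat a practitioner should keep in mind: an empty security directory only proves there is no embedded signature, and a catalog-signed binary shows zero there too, so a file that claims to be a Windows component should be confirmed with WinVerifyTrust or signtool verify /a before it is treated as unsigned.

```python
"""Header-level PE triage in pure Python (no pefile dependency).

Added example for this report page, not code from the sandbox that produced it.
It reproduces the checks behind the "Unsigned PE" signature and the Headers and
Sections blocks: data directory 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) references an
embedded Authenticode signature, DllCharacteristics carries the ASLR/DEP/CFG bits,
and the section table shows what is mapped writable and executable.
"""
import struct

DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0200: "NO_ISOLATION", 0x0400: "NO_SEH", 0x0800: "NO_BIND",
    0x1000: "APPCONTAINER", 0x2000: "WDM_DRIVER", 0x4000: "GUARD_CF",
    0x8000: "TERMINAL_SERVER_AWARE",
}
SCN_CODE, SCN_INITIALIZED_DATA = 0x00000020, 0x00000040
SCN_EXECUTE, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000
DIR_SECURITY = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: file offset + size of WIN_CERTIFICATE


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:       # PE32: data directories begin at optional-header offset 96
        dirs = opt + 96
    elif magic == 0x20B:     # PE32+: 8-byte ImageBase/stack/heap fields push them to 112
        dirs = opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)  # MajorOperatingSystemVersion
    (dllchar,) = struct.unpack_from("<H", data, opt + 70)
    _, security_size = struct.unpack_from("<II", data, dirs + 8 * DIR_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": flags})
    return {"machine": machine, "os_version": (os_major, os_minor),
            "dll_characteristics": dllchar, "security_dir_size": security_size,
            "sections": sections}


def triage(data: bytes) -> dict:
    """Reduce the parsed headers to the verdicts a report's Signatures block states."""
    pe = parse_pe(data)
    flags = [n for bit, n in DLL_CHARACTERISTICS.items() if pe["dll_characteristics"] & bit]
    wx = [s["name"] for s in pe["sections"]
          if s["flags"] & SCN_WRITE and s["flags"] & SCN_EXECUTE]
    return {
        # Zero size: no embedded signature. Catalog-signed files also show zero here.
        "unsigned_pe": pe["security_dir_size"] == 0,
        "aslr": "DYNAMIC_BASE" in flags,
        "dep": "NX_COMPAT" in flags,
        "cfg": "GUARD_CF" in flags,
        "dll_characteristics": flags,
        "writable_executable_sections": wx,
        "os_version": pe["os_version"],
    }


def build_fixture(dllchar: int, sections: list, signed: bool) -> bytes:
    """Constructed minimal PE32 header (not loadable; just enough for parse_pe)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<HH", opt, 40, 6, 0)                         # OS version 6.0
    struct.pack_into("<H", opt, 70, dllchar)
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes
    if signed:                                                     # point at a fake WIN_CERTIFICATE
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x1000, 0x800)
    table = b"".join(struct.pack("<8sIIIIIIHHI", name, 0x100, 0x1000 * (i + 1),
                                 0x200, 0x400 + 0x200 * i, 0, 0, 0, 0, flags)
                     for i, (name, flags) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + table


# Fixture mirroring this report's header facts (constructed bytes, not the sample's):
# ASLR+DEP on, no CFG, no signature, .text read+execute, .data read+write.
LIKE_REPORT = build_fixture(
    0x0040 | 0x0100 | 0x8000,
    [(b".text", SCN_CODE | SCN_EXECUTE | SCN_READ),
     (b".data", SCN_INITIALIZED_DATA | SCN_READ | SCN_WRITE)],
    signed=False)
# Counter-example: carries a signature but maps .text writable AND executable.
WX_SIGNED = build_fixture(0x0140, [(b".text", SCN_CODE | SCN_EXECUTE | SCN_READ | SCN_WRITE)],
                          signed=True)

if __name__ == "__main__":
    for label, blob in (("like-report", LIKE_REPORT), ("wx-signed", WX_SIGNED)):
        print(label, triage(blob))
```

To run it against a real file, pass `open(path, "rb").read()` to triage(). The PE32 versus PE32+ branch matters: the data directories sit at optional-header offset 96 for 32-bit images like this one and at 112 for 64-bit ones, so a parser that hard-codes 96 reads the wrong directory on x64 and can report a signed file as unsigned.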