Static task: static1
Behavioral task: behavioral1
  Sample: 8d8f5c41ad1ebd391afbe52f9bfac8add7050871b7db64512ddd8e161dea1c7d.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 8d8f5c41ad1ebd391afbe52f9bfac8add7050871b7db64512ddd8e161dea1c7d.exe
  Resource: win10v2004-20230915-en
General
Target: 8d8f5c41ad1ebd391afbe52f9bfac8add7050871b7db64512ddd8e161dea1c7d
Size: 6.4MB
MD5: 92f898518c86459639aa52493ee0ee29
SHA1: c8d4be1f2fa7bd44ec0e748cf69474d273562302
SHA256: 8d8f5c41ad1ebd391afbe52f9bfac8add7050871b7db64512ddd8e161dea1c7d
SHA512: 0d09d13812949e54368c8af4b43dcf7303813109cb18a74a5c385aa4c12613be458c4a7a1eedc64543bf3a2429d75f22ba364c529dd550331403a76818a434b5
SSDEEP: 196608:JpgjSuls9jV/wJ8qQd0r/QGQTHhXCI1pz+:Jsi9jZEpMw6
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 8d8f5c41ad1ebd391afbe52f9bfac8add7050871b7db64512ddd8e161dea1c7d
Files
8d8f5c41ad1ebd391afbe52f9bfac8add7050871b7db64512ddd8e161dea1c7d.exe (windows:5 windows x86)
13086df78b1aceb80f218d711750c561
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
GetWindowsDirectoryA
FreeLibrary
WinExec
GlobalMemoryStatusEx
GetSystemInfo
DeleteFileA
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
FindFirstFileA
FindClose
Sleep
CreateFileA
WriteFile
GetModuleFileNameA
lstrcpyA
lstrcatA
WritePrivateProfileStringA
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
lstrlenW
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
FindResourceA
FreeResource
GetCPInfo
lstrlenA
lstrcmpiA
FindResourceW
LoadResource
LockResource
SizeofResource
GetDriveTypeW
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
SetEnvironmentVariableA
GetProcessHeap
CreateFileW
WriteConsoleW
GetTimeZoneInformation
CompareStringW
GetStringTypeW
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
LCMapStringW
IsValidCodePage
TerminateProcess
WideCharToMultiByte
MultiByteToWideChar
GetVersion
GetVersionExA
lstrcmpW
LoadLibraryW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
MulDiv
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
SetThreadPriority
ResumeThread
WaitForSingleObject
lstrcmpA
GetCurrentProcessId
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
GetPrivateProfileStringA
GlobalFlags
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetOEMCP
GetACP
FileTimeToSystemTime
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetNumberFormatA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
InitializeCriticalSectionAndSpinCount
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
HeapFree
HeapAlloc
RtlUnwind
EncodePointer
DecodePointer
ExitProcess
RaiseException
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
VirtualQuery
ExitThread
CreateThread
HeapReAlloc
HeapSize
HeapQueryInformation
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
IsProcessorFeaturePresent
HeapCreate
GetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
LoadIconW
RegisterWindowMessageA
GetCursorPos
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
ValidateRect
TranslateMessage
GetMessageA
BeginPaint
EndPaint
GetWindowThreadProcessId
GetKeyNameTextA
MapVirtualKeyA
IntersectRect
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
ShowOwnedPopups
RealChildWindowFromPoint
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
IsIconic
LoadAcceleratorsA
ReleaseCapture
GetKeyState
ReuseDDElParam
UnpackDDElParam
IsRectEmpty
GetSystemMenu
SetParent
UnregisterClassA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
CharUpperA
UnionRect
RedrawWindow
GetMenuDefaultItem
SetCapture
GetAsyncKeyState
InvertRect
HideCaret
EnableScrollBar
NotifyWinEvent
CopyImage
GetNextDlgGroupItem
LockWindowUpdate
IsZoomed
DestroyAcceleratorTable
SetClassLongA
GetMessageTime
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
MonitorFromPoint
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
SetMenuDefaultItem
IsClipboardFormatAvailable
GetUpdateRect
RegisterClipboardFormatA
CharUpperBuffA
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
GetWindowRgn
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
CheckMenuItem
SetRectEmpty
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
InsertMenuA
ModifyMenuA
RemoveMenu
GetDC
ReleaseDC
GetDesktopWindow
EnableWindow
GetSysColor
GetSysColorBrush
TabbedTextOutA
DrawTextA
GetMenuStringA
DestroyMenu
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
LoadMenuW
TrackPopupMenu
DrawEdge
FillRect
LoadBitmapW
CopyRect
SetRect
LoadMenuA
wsprintfA
SetWindowLongA
LoadCursorA
CopyIcon
MessageBeep
IsWindow
GetMessagePos
KillTimer
SetTimer
ScreenToClient
PtInRect
EnableMenuItem
DestroyCursor
SetCursor
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
SendMessageA
DrawFocusRect
FrameRect
OffsetRect
InflateRect
GetIconInfo
CreateIconIndirect
DrawStateA
IsMenu
LoadImageA
InvalidateRect
GetClientRect
GetWindowRect
PostMessageA
GetWindowDC
SetWindowRgn
GetMenuItemInfoA
GetSystemMetrics
SystemParametersInfoA
DrawTextExA
GrayStringA
DestroyIcon
DrawIconEx
GetDlgCtrlID
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
GetWindowExtEx
GetTextFaceA
SetROP2
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
GetViewportExtEx
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
SetDIBColorTable
Polygon
Polyline
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
CreateRoundRectRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateCompatibleBitmap
GetObjectA
CreateCompatibleDC
GetDeviceCaps
GetBkMode
Ellipse
Rectangle
PatBlt
BitBlt
GetPixel
SetPixel
GetTextExtentPoint32A
DeleteObject
SelectObject
CreateDIBSection
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32W
GetDIBits
GetBkColor
StretchBlt
CombineRgn
CreateRectRgn
GetStockObject
SetTextColor
SetBkColor
CreateBitmap
RoundRect
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CreatePalette
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetTextMetricsA
DPtoLP
CopyMetaFileA
StretchDIBits
CreateFontA
LPtoDP
GetCharWidthA
GetObjectType
DeleteDC
SetRectRgn
CreateRectRgnIndirect
advapi32
RegSetValueExA
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
CryptImportKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegEnumKeyExA
shell32
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
DragQueryFileA
ShellExecuteA
DragFinish
ShellExecuteExA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathStripPathA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
winmm
PlaySoundA
wldap32
ord41
ord27
ord301
ord33
ord46
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord79
ws2_32
WSAIoctl
getsockname
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
ntohs
bind
htons
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
setsockopt
ntohl
crypt32
CertFreeCertificateContext
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdiplusStartup
GdipGetImageGraphicsContext
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysFreeString
SysStringLen
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 324KB - Virtual size: 323KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ