Tasks
static1: Static task
behavioral1: Behavioral task; sample 48aa9776ea677a5ce63bbc9fe8d4a93b733663209584be9a0028eaa8b530e5af.exe; resource win7-20230831-en
behavioral2: Behavioral task; sample 48aa9776ea677a5ce63bbc9fe8d4a93b733663209584be9a0028eaa8b530e5af.exe; resource win10v2004-20230915-en
General
Target: 48aa9776ea677a5ce63bbc9fe8d4a93b733663209584be9a0028eaa8b530e5af
Size: 11.2MB
MD5: a628320f60dec62944824f821b4a7bfa
SHA1: 5309ae991bc4ea3b8670ea1746288603c213a40c
SHA256: 48aa9776ea677a5ce63bbc9fe8d4a93b733663209584be9a0028eaa8b530e5af
SHA512: cd8f6d5915f0f336ab0ea8c6bf15ac04bf2c22712400da131f960e4e80eb312f5a9d6d98917569b4e8475ef201eaf51131dcc3713d1f9dfc7e8bffe3dc91b44c
SSDEEP: 196608:kkfCLvwBL8YM3vEpl/5zVeeT83uFjj9OnBqCyVpwDDUgkJuWk/jxWvAdfk9QENk:kkfuvfYks38++yt9MjAvAqST
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 48aa9776ea677a5ce63bbc9fe8d4a93b733663209584be9a0028eaa8b530e5af
Files
48aa9776ea677a5ce63bbc9fe8d4a93b733663209584be9a0028eaa8b530e5af.exe  windows:5  windows x86  05e84f69b2e8df9a9a61649562b1cab8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wintrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminAcquireContext
WinVerifyTrust
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
iphlpapi
GetAdaptersInfo
kernel32
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStringTypeW
LCMapStringW
SetEnvironmentVariableA
CreateSemaphoreW
UnregisterWaitEx
InitializeSListHead
ReleaseSemaphore
CreateTimerQueue
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
FreeLibraryAndExitThread
GetThreadTimes
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
VirtualFree
GetEnvironmentStringsW
EnterCriticalSection
Sleep
FindFirstChangeNotificationW
WaitForSingleObject
FindNextChangeNotification
FindCloseChangeNotification
GetLastError
MultiByteToWideChar
CreateDirectoryW
GetModuleFileNameW
GetTempPathW
DeleteFileW
FindFirstFileW
FileTimeToSystemTime
FindNextFileW
FindClose
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
GetDiskFreeSpaceExW
SetThreadPriority
SetEvent
CreateFileW
CloseHandle
SystemTimeToFileTime
FileTimeToLocalFileTime
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetComputerNameW
GetDriveTypeW
GetVolumeInformationW
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
RaiseException
HeapSize
DecodePointer
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
GetVersionExW
GetTickCount
CreateEventW
WaitForMultipleObjects
GlobalSize
FreeResource
GetSystemInfo
SuspendThread
MoveFileW
GetCurrentThreadId
ResumeThread
FlushFileBuffers
GetFileSize
GetFullPathNameW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
OutputDebugStringA
DuplicateHandle
SetLastError
GetCurrentProcess
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryExW
lstrcmpiW
LoadLibraryA
LoadLibraryW
GetThreadLocale
LocalFree
MulDiv
FormatMessageW
CopyFileW
GetCurrentThread
FreeLibrary
GlobalDeleteAtom
lstrcmpA
lstrcmpW
GetCurrentProcessId
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
EncodePointer
GetSystemDirectoryW
GlobalFindAtomW
GetProfileIntW
LocalAlloc
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetErrorMode
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalGetAtomNameW
GetWindowsDirectoryW
GetTempFileNameW
lstrcpyW
VerSetConditionMask
VerifyVersionInfoW
SearchPathW
VirtualProtect
FindResourceExW
GetCommandLineW
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetStdHandle
GetFileType
WriteConsoleW
CreateThread
ExitThread
RtlUnwind
VirtualAlloc
VirtualQuery
HeapQueryInformation
SetStdHandle
GetStartupInfoW
QueryPerformanceCounter
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
IntersectRect
IsRectEmpty
SetRect
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
GetSysColor
MapWindowPoints
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
UnhookWindowsHookEx
ShowOwnedPopups
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
MapDialogRect
RealChildWindowFromPoint
SetWindowPos
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
IsWindowEnabled
WaitMessage
PostQuitMessage
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
CreateMenu
GetMenuStringW
CharUpperW
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetActiveWindow
IsWindowVisible
PeekMessageW
InflateRect
GetWindow
MoveWindow
AdjustWindowRectEx
ClientToScreen
EndPaint
BeginPaint
RegisterClipboardFormatW
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SystemParametersInfoW
DrawFocusRect
SetParent
GetSystemMenu
ReuseDDElParam
GetMenuDefaultItem
GetKeyNameTextW
MapVirtualKeyW
ScreenToClient
GetCursorPos
ReleaseCapture
SetCapture
EnumDisplaySettingsW
IsWindow
GetDlgCtrlID
GetWindowTextW
GetClassNameW
DispatchMessageW
TranslateMessage
GetMessageW
EnumChildWindows
CreateCursor
DestroyCursor
EnumDisplayMonitors
GetDesktopWindow
GetSysColorBrush
WindowFromPoint
CopyImage
DeleteMenu
InvalidateRect
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SendDlgItemMessageA
DestroyIcon
DestroyMenu
GetMenuItemInfoW
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
SubtractRect
InsertMenuItemW
SetRectEmpty
LoadImageW
UnpackDDElParam
SetWindowContextHelpId
GetWindowRgn
GetUpdateRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyState
PtInRect
EqualRect
ShowWindow
BringWindowToTop
SetForegroundWindow
wsprintfW
LoadIconW
GetWindowLongW
GetKeyboardLayout
SetWindowLongW
GetClientRect
SendMessageW
SetTimer
IsIconic
GetSystemMetrics
DrawIcon
KillTimer
GetKeyboardState
ToUnicode
EnableWindow
UnionRect
OffsetRect
SetCursor
LoadCursorW
PostThreadMessageW
PostMessageW
UnregisterClassW
IsZoomed
GetComboBoxInfo
TrackMouseEvent
CopyRect
GetDC
ReleaseDC
GetWindowRect
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
SetLayeredWindowAttributes
LockWindowUpdate
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
GetMenuState
DrawIconEx
gdi32
SetEnhMetaFileBits
PlayEnhMetaFile
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetClipBox
SetWinMetaFileBits
GetTextFaceW
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
RoundRect
CreateRoundRectRgn
OffsetRgn
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetTextMetricsW
GetRgnBox
GetTextColor
GetBkColor
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CreateFontIndirectW
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
DeleteEnhMetaFile
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
SetTextColor
SetBkColor
CreateDCW
CopyMetaFileW
CreateBitmap
DeleteObject
GetTextExtentPointA
GetTextMetricsA
SelectObject
SetStretchBltMode
GetObjectW
GetDIBits
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateCompatibleDC
EndPage
StartPage
DeleteDC
GetDeviceCaps
StretchDIBits
StartDocW
EndDoc
CreateFontW
EnumFontFamiliesW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegEnumValueW
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
shell32
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW
SHFileOperationW
DragQueryFileW
ShellExecuteA
DragAcceptFiles
SHGetPathFromIDListW
SHAppBarMessage
SHGetSpecialFolderLocation
DragFinish
SHGetFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathIsDirectoryW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
GetThemePartSize
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText
IsAppThemed
ole32
CreateStreamOnHGlobal
IsAccelerator
StgOpenStorageOnILockBytes
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoGetClassObject
CoDisconnectObject
OleGetClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoInitializeEx
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
oleaut32
oledlg
OleUIBusyW
ws2_32
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
wininet
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetQueryDataAvailable
HttpOpenRequestW
HttpSendRequestW
InternetOpenW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdiplusStartup
GdiplusShutdown
GdipSetPropertyItem
GdipGetPropertyItem
GdipGetPropertyIdList
GdipGetPropertyCount
GdipLoadImageFromStream
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipSaveImageToFile
GdipGetPropertyItemSize
GdipGetImageEncoders
GdipCreateBitmapFromFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipAlloc
GdipBitmapUnlockBits
GdipGetImageThumbnail
GdipRemovePropertyItem
GdipLoadImageFromFile
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipFree
libraw
?adobe_coeff@LibRaw@@UAEXPBD0H@Z
??0LibRaw@@QAE@I@Z
?open_file@LibRaw@@QAEHPBD_J@Z
?open_datastream@LibRaw@@UAEHPAVLibRaw_abstract_datastream@@@Z
?open_bayer@LibRaw@@UAEHPAEIGGGGGGEEIII@Z
?unpack@LibRaw@@QAEHXZ
?unpack_thumb@LibRaw@@QAEHXZ
?dcraw_process@LibRaw@@QAEHXZ
?dcraw_make_mem_image@LibRaw@@UAEPAUlibraw_processed_image_t@@PAH@Z
?dcraw_make_mem_thumb@LibRaw@@UAEPAUlibraw_processed_image_t@@PAH@Z
?recycle@LibRaw@@QAEXXZ
??1LibRaw@@UAE@XZ
?get_decoder_info@LibRaw@@UAEHPAUlibraw_decoder_info_t@@@Z
?setCancelFlag@LibRaw@@UAEXXZ
?clearCancelFlag@LibRaw@@UAEXXZ
?is_phaseone_compressed@LibRaw@@MAEHXZ
?is_canon_600@LibRaw@@MAEHXZ
?copy_fuji_uncropped@LibRaw@@MAEXQAGPAG@Z
?copy_bayer@LibRaw@@MAEXQAGPAG@Z
?fuji_rotate@LibRaw@@MAEXXZ
?convert_to_rgb_loop@LibRaw@@MAEXQAY03M@Z
?lin_interpolate_loop@LibRaw@@MAEXQAY1BA@CA@HH@Z
?scale_colors_loop@LibRaw@@MAEXQAM@Z
?fuji_decode_loop@LibRaw@@MAEXPBUfuji_compressed_params@@HPA_JPAI@Z
winmm
PlaySoundW
timeGetTime
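Fingerprinting an import table like the one above is normally done with an imphash: each import becomes a lowercase "library.function" token (the library extension is stripped only for .dll/.ocx/.sys, so winspool.drv keeps its extension; ordinal imports become ordN), the tokens are joined with commas in import-table order, and the string is MD5-hashed. The following is an added example, not the sandbox's own code; IMPORTS is a constructed subset of the report's import list, not in the report's exact order, so its hash is not this sample's imphash, and the page does not say whether the 32-hex value beside the filename in Files is one. The example also reports (library, function) pairs that appear more than once, which the kernel32 list above does for LocalAlloc, LocalFree, GetModuleFileNameW, ExitProcess, LoadLibraryA, GetModuleHandleA and GetProcAddress. ws2_32 and oleaut32 are listed above with no function names; the ordinal entry below is an assumption about how such an import would look, not something the report states.

```python
"""Imphash computation and duplicate-import check for a PE import list.
Added example; IMPORTS is constructed from a subset of the report's imports."""
import hashlib
from collections import Counter

STRIPPED_EXTS = {"dll", "ocx", "sys"}   # only these extensions are dropped from the library name


def normalize_import(library: str, func) -> str:
    """One imphash token. func is a function name (str) or an ordinal (int)."""
    lib = library.lower()
    base, dot, ext = lib.rpartition(".")
    if dot and ext in STRIPPED_EXTS:        # kernel32.dll -> kernel32; winspool.drv is kept whole
        lib = base
    # Plain ordN rendering. pefile additionally resolves well-known ws2_32/oleaut32
    # ordinals to names, so its hash differs from this one for such imports.
    name = f"ord{func}" if isinstance(func, int) else func.lower()
    return f"{lib}.{name}"


def imphash(imports) -> str:
    """imports: [(library, function-or-ordinal), ...] in import-table order.
    Order matters: the same imports in another order hash differently."""
    joined = ",".join(normalize_import(lib, f) for lib, f in imports)
    return hashlib.md5(joined.encode("ascii")).hexdigest()


def repeated_imports(imports):
    """(library, function) pairs listed more than once, in first-seen order. A linker
    emits each import once per descriptor, so a repeat commonly means the library has
    a second import descriptor, e.g. one added by a packer or protector stub."""
    return [pair for pair, n in Counter(imports).items() if n > 1]


# Constructed subset of the report's imports (order differs from the report).
IMPORTS = [
    ("wintrust", "WinVerifyTrust"),
    ("wintrust", "CryptCATAdminEnumCatalogFromHash"),
    ("kernel32", "LoadLibraryA"),
    ("kernel32", "GetProcAddress"),
    ("kernel32", "ExitProcess"),
    ("winspool.drv", "OpenPrinterW"),
    ("kernel32", "LoadLibraryA"),       # repeated, as in the report's kernel32 list
    ("kernel32", "GetProcAddress"),
    ("kernel32", "ExitProcess"),
    ("ws2_32", 115),                    # assumed ordinal import; the report lists ws2_32 without names
]

if __name__ == "__main__":
    print("imphash:", imphash(IMPORTS))
    for lib, func in repeated_imports(IMPORTS):
        print("repeated import:", lib, func)
```

Because imphash depends on order as well as content, two builds of the same program with a reordered import table hash differently, and a second descriptor for kernel32 changes the value even when it adds no new function names.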
Sections
.text   Size: 3.1MB  Virtual size: 3.1MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 700KB  Virtual size: 700KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 256KB  Virtual size: 256KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.aFj    Size: 1.7MB  Virtual size: 1.7MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.M-[    Size: 4KB    Virtual size: 4KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.@h"    Size: 5.3MB  Virtual size: 5.3MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.reloc  Size: 4KB    Virtual size: 4KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc   Size: 22KB   Virtual size: 22KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.l1     Size: 30KB   Virtual size: 30KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
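The static findings in this report (the DLL characteristics under Headers, the section table with its flags, and the "Unsigned PE" signature) all come from the PE headers alone. The following is an added example, not the sandbox's code, that reproduces those checks with the standard library: it parses the DOS/NT headers, decodes DllCharacteristics and section characteristics, flags sections that are both writable and executable, and treats an empty IMAGE_DIRECTORY_ENTRY_SECURITY as "no embedded Authenticode signature". The PE image it analyses is constructed here from the section table above (names and flags as listed, sizes rounded to bytes); it has valid headers and no code and is not the reported file. LINKER_SECTIONS is the example's own list of common compiler-emitted section names, an assumption used only to point out unusual names. One caveat a practitioner should keep in mind: the embedded-signature test is exactly what the signature name says, and a file with no embedded signature can still be catalog-signed, which can only be established on Windows through WinVerifyTrust and the CryptCATAdmin* catalog APIs.

```python
"""Static PE header checks: DllCharacteristics, section flags (W+X), embedded
Authenticode presence. Added example; the analysed image is constructed below."""
import struct

# IMAGE_DLLCHARACTERISTICS_* bits (winnt.h)
DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0200: "NO_ISOLATION", 0x0400: "NO_SEH", 0x0800: "NO_BIND",
    0x1000: "APPCONTAINER", 0x2000: "WDM_DRIVER", 0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE",
}
# IMAGE_SCN_* section characteristics (winnt.h)
SCN_CNT_CODE, SCN_CNT_INITIALIZED_DATA = 0x00000020, 0x00000040
SCN_MEM_EXECUTE, SCN_MEM_READ, SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
SECTION_FLAGS = {SCN_CNT_CODE: "CNT_CODE", SCN_CNT_INITIALIZED_DATA: "CNT_INITIALIZED_DATA",
                 SCN_MEM_EXECUTE: "MEM_EXECUTE", SCN_MEM_READ: "MEM_READ", SCN_MEM_WRITE: "MEM_WRITE"}
DIR_SECURITY = 4   # IMAGE_DIRECTORY_ENTRY_SECURITY: the embedded Authenticode certificate table
# Assumption: common linker-emitted names, used only to call out unusual ones.
LINKER_SECTIONS = {".text", ".rdata", ".data", ".bss", ".idata", ".edata", ".rsrc",
                   ".reloc", ".tls", ".pdata", ".CRT", ".gfids"}


def _names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse DOS/NT headers, DllCharacteristics, the data directories and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4                                                  # IMAGE_FILE_HEADER
    _machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20                                                      # IMAGE_OPTIONAL_HEADER
    (magic,) = struct.unpack_from("<H", data, opt)
    pe32plus = magic == 0x20B
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)           # same offset in PE32 and PE32+
    ndirs_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    (ndirs,) = struct.unpack_from("<I", data, opt + ndirs_off)
    dirs = [struct.unpack_from("<II", data, opt + dirs_off + 8 * i) for i in range(ndirs)]
    _, cert_size = dirs[DIR_SECURITY] if ndirs > DIR_SECURITY else (0, 0)
    sections, sh = [], opt + opt_size                                  # first IMAGE_SECTION_HEADER
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "virtual_size": vsize,
                         "raw_size": rawsize, "characteristics": chars, "flags": _names(chars, SECTION_FLAGS)})
    return {"pe32plus": pe32plus, "dll_characteristics": _names(dll_chars, DLL_CHARACTERISTICS),
            "authenticode_embedded": cert_size > 0, "sections": sections}


def analyze(data: bytes) -> dict:
    """Run the report-style checks over the parsed headers; findings are plain strings."""
    pe = parse_pe(data)
    findings = []
    if not pe["authenticode_embedded"]:
        # Embedded-signature test only: a catalog-signed file also lands here.
        findings.append("Unsigned PE: no embedded Authenticode signature")
    for flag in ("DYNAMIC_BASE", "NX_COMPAT"):
        if flag not in pe["dll_characteristics"]:
            findings.append(f"missing {flag}")
    for s in pe["sections"]:
        if s["characteristics"] & SCN_MEM_WRITE and s["characteristics"] & SCN_MEM_EXECUTE:
            findings.append(f"section {s['name']} is writable and executable")
        if s["name"] not in LINKER_SECTIONS:
            findings.append(f"non-standard section name {s['name']}")
    pe["findings"] = findings
    return pe


# Section table from the report above; sizes are the report's rounded values in bytes.
REPORT_SECTIONS = [
    (".text", 3_100_000, SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ),
    (".rdata", 700 * 1024, SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ),
    (".data", 256 * 1024, SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ | SCN_MEM_WRITE),
    (".aFj", 1_700_000, SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ),
    (".M-[", 4096, SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ | SCN_MEM_WRITE),
    ('.@h"', 5_300_000, SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ),
    (".reloc", 4096, SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ),
    (".rsrc", 22 * 1024, SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ),
    (".l1", 30 * 1024, SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ | SCN_MEM_WRITE),
]


def build_sample_pe(sections=REPORT_SECTIONS, dll_chars=0x8140, signed=False) -> bytes:
    """Constructed PE32 image: headers only, no code. 0x8140 = DYNAMIC_BASE | NX_COMPAT |
    TERMINAL_SERVER_AWARE, the DLL characteristics listed in the report."""
    e_lfanew, opt_size = 0x40, 224
    headers_len = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", e_lfanew)
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)  # I386; EXECUTABLE_IMAGE | 32BIT_MACHINE
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                              # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                                 # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)                                # NumberOfRvaAndSizes
    if signed:                                                         # security dir -> stub WIN_CERTIFICATE after headers
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, headers_len, 8)
    sec_hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode("latin-1"), size, 0x1000 * (i + 1), size, 0, 0, 0, 0, 0, chars)
        for i, (name, size, chars) in enumerate(sections))
    image = dos + b"PE\0\0" + file_hdr + bytes(opt) + sec_hdrs
    if signed:
        image += struct.pack("<IHH", 8, 0x200, 0x0002)  # dwLength, WIN_CERT_REVISION_2_0, WIN_CERT_TYPE_PKCS_SIGNED_DATA
    return image


if __name__ == "__main__":
    for line in analyze(build_sample_pe())["findings"]:
        print(line)
```

Run against the constructed image, the findings are the unsigned-PE result, the four non-standard section names, and .l1 as the one section mapped writable and executable; against a real file, read it with open(path, "rb").read() and pass the bytes to analyze.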