be69755401084212eec547e4e8eb862e6e86b0a6a5cedccac857be5a548850ce

Sharing

Copy URL Twitter E-mail

General

Target

be69755401084212eec547e4e8eb862e6e86b0a6a5cedccac857be5a548850ce
Size

3.4MB
MD5

d9a73335ef6a2b330c2695e67a9ca89c
SHA1

9ce165b6b81163b2510b90c2b4907abc0928b3c0
SHA256

be69755401084212eec547e4e8eb862e6e86b0a6a5cedccac857be5a548850ce
SHA512

9255a5ce44b155750b65f551755d85f9bf43c03487efd7a09657c81dc0152ce73be4a7806738cd1102dbbf672eb264f11338ef2c31c54faa0ff82e81d69eb22c
SSDEEP

49152:emii402NBt+9dMP9NvZB3ezpBh9/FjZJqpmPvVG7TZHAAfifHVYYL3HoRV7:emii402NBt+9dMP9NfO1BXxZJaAVGBA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be69755401084212eec547e4e8eb862e6e86b0a6a5cedccac857be5a548850ce

Files

be69755401084212eec547e4e8eb862e6e86b0a6a5cedccac857be5a548850ce
.exe windows:6 windows x86

0f50a31f91ffcbfd08fb750330937b4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

select
__WSAFDIsSet
ioctlsocket
freeaddrinfo
getaddrinfo
sendto
recvfrom
bind
accept
gethostname
shutdown
getnameinfo
WSAIoctl
closesocket
WSASetLastError
getpeername
getsockname
socket
ntohs
connect
getsockopt
htons
setsockopt
send
recv
WSAGetLastError
WSACleanup
WSAStartup
listen

wldap32

ord145
ord142
ord41
ord14
ord147
ord79
ord27
ord26
ord127
ord46
ord301
ord133
ord73
ord208
ord167
ord118

crypt32

CertGetCertificateContextProperty
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore

kernel32

CreateFileW
GetLastError
SizeofResource
HeapFree
InitializeCriticalSectionEx
HeapSize
LockResource
HeapReAlloc
RaiseException
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
DecodePointer
HeapDestroy
GetProcessHeap
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
DosDateTimeToFileTime
InterlockedIncrement
InterlockedDecrement
FlushInstructionCache
HeapCreate
GetCurrentProcess
GetCurrentThreadId
FreeResource
SetLastError
GetFullPathNameW
MulDiv
GetVersionExW
GetModuleHandleW
GetVersionExA
LoadLibraryA
GetModuleHandleA
FormatMessageA
SleepEx
GetSystemDirectoryW
VerSetConditionMask
ReadFile
ExpandEnvironmentStringsA
GetStdHandle
WaitForMultipleObjects
PeekNamedPipe
GetFileType
WaitForSingleObjectEx
GetEnvironmentVariableW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FormatMessageW
SwitchToFiber
DeleteFiber
CreateFiber
ConvertFiberToThread
ConvertThreadToFiber
GetConsoleMode
ReadConsoleA
ReadConsoleW
SetConsoleMode
GetSystemTime
SystemTimeToFileTime
GlobalAlloc
GlobalLock
GlobalUnlock
ResetEvent
TerminateThread
SetEvent
CreateEventW
WaitForSingleObject
WriteConsoleW
SetEnvironmentVariableA
GetTickCount64
WriteFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
InitializeSListHead
GetStringTypeW
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
LocalFree
GetCommandLineA
RtlUnwind
LoadLibraryExW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OpenFileMappingW
GetLocalTime
OutputDebugStringW
GetModuleFileNameW
CloseHandle
Process32FirstW
Process32NextW
MultiByteToWideChar
CreateToolhelp32Snapshot
GetFileAttributesW
DeleteCriticalSection
Sleep
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CopyFileW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
GetTickCount
WideCharToMultiByte
OutputDebugStringA
CreateThread
ExitThread
FreeLibraryAndExitThread
SetFilePointerEx
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
SetConsoleCtrlHandler
GetACP
GetConsoleCP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
SetEndOfFile
GetTimeZoneInformation
FlushFileBuffers
GetCurrentDirectoryW
FindFirstFileExW
IsValidCodePage
GetOEMCP
VerifyVersionInfoW

user32

FillRect
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
AppendMenuW
GetMenuItemCount
DestroyMenu
CreatePopupMenu
IsMenu
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
SystemParametersInfoA
DrawTextW
MessageBoxW
GetSystemMetrics
GetSysColor
EnableMenuItem
LoadImageW
CreateIconFromResource
LoadBitmapW
GetDesktopWindow
SetActiveWindow
EnableWindow
GetClassNameW
SetCaretPos
HideCaret
GetCaretBlinkTime
CreateCaret
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
ReleaseCapture
SetCapture
GetCapture
IsIconic
SetLayeredWindowAttributes
AnimateWindow
TrackMouseEvent
GetKeyState
GetFocus
SetFocus
GetWindow
GetWindowLongW
MapWindowPoints
GetWindowRect
GetClientRect
GetDlgItem
CreateWindowExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
GetIconInfo
DestroyIcon
CharNextW
IsRectEmpty
UnionRect
CopyRect
SetCursor
DestroyCursor
LoadCursorW
GetMonitorInfoW
MonitorFromWindow
GetParent
SetWindowLongW
EqualRect
InflateRect
ScreenToClient
GetUserObjectInformationW
GetProcessWindowStation
DrawIconEx
GetForegroundWindow
IsWindowEnabled
SetTimer
MsgWaitForMultipleObjects
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
UnregisterClassW
SetForegroundWindow
wsprintfA
PostMessageW
IsZoomed
InvertRect
DestroyWindow
SendMessageW
SetWindowTextW
GetCursorPos
MoveWindow
OffsetRect
IntersectRect
IsWindowVisible
SetWindowPos
GetActiveWindow
ShowWindow
IsWindow
ClientToScreen
SetRect
PtInRect
KillTimer

gdi32

GetRgnBox
GetTextColor
GetTextExtentPoint32W
IntersectClipRect
OffsetRgn
Pie
PtInRegion
RectInRegion
RestoreDC
RoundRect
GetClipRgn
ExtSelectClipRgn
SetRectRgn
SetROP2
ExcludeClipRect
Ellipse
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreatePen
CreateEllipticRgnIndirect
Arc
SetTextColor
GetWorldTransform
SetWorldTransform
CreateDIBSection
ExtCreatePen
Polyline
CombineRgn
GetViewportOrgEx
GetCurrentObject
SetViewportOrgEx
CreateCompatibleBitmap
StretchBlt
GetObjectW
SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SetGraphicsMode
GetDeviceCaps
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
EnumFontsW
CreateRoundRectRgn
DeleteObject
SaveDC
BitBlt

advapi32

CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegQueryValueExA
RegCreateKeyW
RegSetKeyValueA
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptEnumProvidersW

shell32

ShellExecuteW
Shell_NotifyIconW

ole32

CreateStreamOnHGlobal
CreateBindCtx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning
OleInitialize
OleUninitialize
CoCreateGuid

oleaut32

SysFreeString
SysAllocString

shlwapi

StrToIntExW

gdiplus

GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipGetPropertyItemSize
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipBitmapLockBits
GdiplusStartup
GdipImageSelectActiveFrame
GdiplusShutdown
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameCount
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectI
GdipGraphicsClear

imm32

ImmAssociateContext
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
ImmSetCandidateWindow

msimg32

AlphaBlend
GradientFill

iphlpapi

GetAdaptersInfo

bcrypt

BCryptGenRandom

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f50a31f91ffcbfd08fb750330937b4b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wldap32

crypt32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

imm32

msimg32

iphlpapi

bcrypt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 799KB - Virtual size: 798KB

.data Size: 43KB - Virtual size: 125KB

.gfids Size: 1024B - Virtual size: 996B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 214KB - Virtual size: 213KB

.reloc Size: 127KB - Virtual size: 127KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 799KB - Virtual size: 798KB

.data
Size: 43KB - Virtual size: 125KB

.gfids
Size: 1024B - Virtual size: 996B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 214KB - Virtual size: 213KB

.reloc
Size: 127KB - Virtual size: 127KB