fa71b0e08b2d8a11a8c829614d79b54ab72626f05a026db96d4abfa165bd7746

Sharing

Copy URL Twitter E-mail

General

Target

fa71b0e08b2d8a11a8c829614d79b54ab72626f05a026db96d4abfa165bd7746
Size

11.0MB
MD5

2e53b3317ef4a375cbf6bdc1763a1d63
SHA1

0629cdb333bb57979863253d0f1bf88cbad3f774
SHA256

fa71b0e08b2d8a11a8c829614d79b54ab72626f05a026db96d4abfa165bd7746
SHA512

e1ff5a2b6a78af63046bc45f36f231ed207e9a6905e309c035404537a732f3f41f6bd707f3e26239730fea7554a0d8d0247e1a53929da40ac00041bba79340be
SSDEEP

196608:cC+aaQyK/f0nR5a+V2A8gIsTU3AXWOWaf2nNlpO61mr2Reb2dvqAe5g:cnaa3K25dV2B+U362nVmr2ReidZ2g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa71b0e08b2d8a11a8c829614d79b54ab72626f05a026db96d4abfa165bd7746

Files

fa71b0e08b2d8a11a8c829614d79b54ab72626f05a026db96d4abfa165bd7746
.exe windows:4 windows x86

d2202f07ccdbb12632f4fa5bcfb91a87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
lstrcpyA
lstrcatA
MulDiv
GetLastError
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
SetLastError
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateThread
GetEnvironmentStrings
SetHandleCount
GetStdHandle
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
LockResource
LoadResource
FindResourceA
GetVersion
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
lstrcpynA
FlushFileBuffers
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
GetSystemTime
RaiseException
GetACP
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetProcAddress
GetCommandLineA
GetStartupInfoA
WaitForSingleObject
GetEnvironmentVariableA
GetFileSize
ReadFile
CopyFileA
FindFirstFileA
RemoveDirectoryA
DeleteFileA
FindNextFileA
GlobalFree
LCMapStringA
SetFileAttributesA
WriteFile
GetTickCount
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocalTime
HeapReAlloc
ExitProcess
GetModuleHandleA
GlobalUnlock
GlobalLock
GlobalAlloc
ResumeThread
SetThreadContext
VirtualProtectEx
WriteProcessMemory
ReadProcessMemory
GetThreadContext
CreateProcessA
GetCurrentProcess
LocalFree
CreateDirectoryW
LocalAlloc
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetCurrentProcessId
Process32Next
Process32First
CreateToolhelp32Snapshot
FreeLibrary
MoveFileExA
GetTempFileNameA
CloseHandle
GetTempPathA
MoveFileA
CreateDirectoryA
DeviceIoControl
CreateFileA
lstrcmpW
RtlZeroMemory
lstrcmpiA
HeapDestroy
HeapCreate
GetAtomNameW
GetModuleFileNameW
WideCharToMultiByte
GetCommandLineW
GetModuleHandleW
MultiByteToWideChar
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenW
lstrlenA
HeapFree
InterlockedDecrement
InterlockedIncrement
LocalSize
HeapAlloc
IsBadReadPtr
GetProcessHeap
RtlMoveMemory
LoadLibraryA
VirtualAllocEx
TerminateProcess
OpenProcess
Sleep
GlobalSize
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

GetClassLongA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetWindowPlacement
IsDialogMessageA
SendDlgItemMessageA
GetDlgCtrlID
CreateDialogIndirectParamA
UnhookWindowsHookEx
GrayStringA
TabbedTextOutA
RegisterClipboardFormatA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetKeyState
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
PostMessageA
GetWindow
PtInRect
GetWindowLongA
GetWindowTextA
SystemParametersInfoA
GetClassNameA
UnregisterHotKey
SetWindowLongA
SendMessageA
RegisterHotKey
LoadBitmapA
CreateWindowExA
CallWindowProcA
SetActiveWindow
GetActiveWindow
GetForegroundWindow
SetWindowTextA
TrackPopupMenu
GetMenuStringW
GetMenuItemRect
GetMenuState
GetMenuDefaultItem
MenuItemFromPoint
RemoveMenu
GetMenuItemID
GetSubMenu
SetMenuInfo
FindWindowA
InsertMenuW
AppendMenuW
GetMenuItemInfoW
GetMenuItemCount
DestroyMenu
GetMenuInfo
LoadMenuW
GetSystemMenu
CreatePopupMenu
CreateMenu
DrawIconEx
LoadImageW
CheckMenuItem
SetMenuItemInfoW
CreateIconFromResourceEx
UpdateLayeredWindow
wvsprintfA
SystemParametersInfoW
RegisterWindowMessageW
SetMenuDefaultItem
LoadStringW
CharUpperW
CharLowerW
MessageBoxA
wsprintfA
DispatchMessageA
GetMessageA
PeekMessageA
CopyRect
AdjustWindowRectEx
GetWindowThreadProcessId
MoveWindow
GetCursorPos
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
CheckMenuRadioItem
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
SetRect
LoadIconW
EnumPropsExW
RemovePropA
RemovePropW
GetPropA
GetPropW
SetPropA
SetPropW
KillTimer
SetTimer
MessageBoxW
SetWindowTextW
SetParent
UpdateWindow
ValidateRect
ScreenToClient
GetIconInfo
CopyIcon
PostMessageW
ShowWindow
CallWindowProcW
CreateMDIWindowW
DialogBoxParamW
CreateDialogParamW
EndDialog
DialogBoxIndirectParamW
DestroyWindow
SetClassLongW
GetClassLongW
CreateDialogIndirectParamW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
PostQuitMessage
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
TranslateMDISysAccel
IsChild
GetMessageW
GetFocus
ClientToScreen
FillRect
GetWindowDC
DefWindowProcW
OffsetRect
ReleaseDC
DrawTextA
GetDC
SetFocus
GetNextDlgTabItem
InvalidateRect
GetWindowRect
SetWindowPos
EnableWindow
IsWindowEnabled
IsWindowVisible
GetSysColor
DestroyAcceleratorTable
DestroyIcon
LoadCursorW
ReleaseCapture
SetCapture
SetCursor
DestroyCursor
SendMessageW
GetWindowLongW
GetParent
GetWindowTextW
GetWindowTextLengthW
GetClassNameW
FindWindowExW
GetAsyncKeyState
SetWindowLongW
GetAncestor
GetDlgItem
TrackMouseEvent
EndPaint
BeginPaint
SetWindowRgn
IsWindow
GetClientRect
SetForegroundWindow

gdi32

GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
Escape
ExtTextOutA
TextOutA
GetObjectA
GetDIBits
CreatePatternBrush
CreateEllipticRgn
CreateFontIndirectW
GetObjectW
StretchBlt
SetStretchBltMode
GetStretchBltMode
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateRoundRectRgn
CreateSolidBrush
GetStockObject
SetBkColor
SetBkMode
SetTextColor
DeleteDC
SelectObject
DeleteObject
RestoreDC
SaveDC
CreateBitmap
TranslateCharsetInfo
GetDeviceCaps
CreateFontA
RectVisible
PtVisible

comctl32

ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_Create
ImageList_BeginDrag
ImageList_Add
InitCommonControlsEx
ImageList_Destroy
ord17

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
LookupAccountSidA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
OpenSCManagerA
GetTokenInformation
CryptDestroyHash
CryptReleaseContext
SetSecurityInfo
InitializeAcl
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
DeleteService
ControlService
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA

shell32

SHGetSpecialFolderPathA
DragQueryFileA
DragAcceptFiles
CommandLineToArgvW
Shell_NotifyIconW
DragFinish
DragQueryFileW

ole32

CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromString
GetHGlobalFromStream

shlwapi

PathFileExistsA
StrToIntExW
wvnsprintfW
PathIsDirectoryW
PathFindFileNameA
StrToIntW
StrTrimW
PathFindFileNameW
PathRemoveFileSpecW

gdiplus

GdipAddPathArcI
GdipAddPathLineI
GdipAddPathRectangle
GdipAddPathClosedCurve2
GdipAddPathClosedCurve
GdipAddPathCurve2
GdipAddPathCurve
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipReversePath
GdipClearPathMarkers
GdipSetPathMarker
GdipClosePathFigures
GdipClosePathFigure
GdipStartPathFigure
GdipGetPathData
GdipGetPointCount
GdipSetPathFillMode
GdipGetPathFillMode
GdipResetPath
GdipClonePath
GdipCreatePath2
GdipCreatePath
GdipGetFontHeightGivenDPI
GdipGetFontHeight
GdipGetFontUnit
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipGetLogFontA
GdipGetLogFontW
GdipCloneFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipDeletePrivateFontCollection
GdipCreateFontFromLogfontW
GdipCreateFont
GdipGetImageGraphicsContext
GdipCreateFromHWND
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateHICONFromBitmap
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageThumbnail
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageBounds
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipAddPathEllipse
GdipGetImageRawFormat
GdipGetMatrixElements
GdipLoadImageFromStream
GdipLoadImageFromFile
GdipGetPathWorldBounds
GdipBeginContainer2
GdipBeginContainer
GdipRestoreGraphics
GdipSaveGraphics
GdipIsVisibleRect
GdipIsVisiblePoint
GdipIsVisibleClipEmpty
GdipIsClipEmpty
GdipGetVisibleClipBounds
GdipGetClipBounds
GdipGetClip
GdipTranslateClip
GdipResetClip
GdipSetClipHrgn
GdipSetClipRegion
GdipSetClipRect
GdipSetClipPath
GdipSetClipGraphics
GdipDrawImagePointsRect
GdipDrawImagePointRect
GdipDrawImagePoints
GdipDrawImageRect
GdipDrawImageRectRect
GdipDrawImage
GdipDrawDriverString
GdipMeasureCharacterRanges
GdipCreateRegion
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2
GdipFillClosedCurve
GdipFillPath
GdipFillPie
GdipFillEllipse
GdipFillPolygon
GdipGraphicsClear
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2
GdipDrawCurve
GdipDrawPath
GdipDrawPolygon
GdipDrawPie
GdipDrawEllipse
GdipDrawRectangle
GdipDrawBezier
GdipDrawArc
GdipDrawLine
GdipGetNearestColor
GdipTransformPointsI
GdipTransformPoints
GdipGetDpiY
GdipAddPathPie
GdipAddPathPolygon
GdipAddPathPath
GdipAddPathString
GdipGetImagePixelFormat
GdipTransformPath
GdipFlattenPath
GdipWidenPath
GdipWindingModeOutline
GdipWarpPath
GdipIsVisiblePathPoint
GdipIsOutlineVisiblePathPoint
GdipCreateRegionRect
GdipGetDpiX
GdipGetPageScale
GdipSetPageScale
GdipGetPageUnit
GdipSetPageUnit
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDeleteMatrix
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRgnData
GdipCloneRegion
GdipSetInfinite
GdipSetEmpty
GdipCombineRegionRect
GdipCombineRegionRegion
GdipCombineRegionPath
GdipTranslateRegion
GdipTransformRegion
GdipGetRegionBounds
GdipGetRegionDataSize
GdipGetRegionData
GdipGetRegionHRgn
GdipIsEmptyRegion
GdipIsInfiniteRegion
GdipIsEqualRegion
GdipIsVisibleRegionPoint
GdipIsVisibleRegionRect
GdipGetRegionScansCount
GdipGetRegionScans
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCloneMatrix
GdipEndContainer
GdipSetMatrixElements
GdipMultiplyMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipInvertMatrix
GdipScaleMatrix
GdipShearMatrix
GdipTransformMatrixPoints
GdipVectorTransformMatrixPoints
GdipIsMatrixInvertible
GdipIsMatrixIdentity
GdipIsMatrixEqual
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCloneBitmapArea
GdipBitmapSetResolution
GdipCreateSolidFill
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilyMonospace
GdipGetFamilyName
GdipIsStyleAvailable
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipDeleteBrush
GdipFillRectangle
GdipCreateTexture
GdipCloneImage
GdipGetWorldTransform
GdipSetWorldTransform
GdipGetPixelOffsetMode
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipReleaseDC
GdipGetDC
GdipFlush
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesColorMatrix
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesWrapMode
GdipSetImageAttributesRemapTable
GdipSetImageAttributesOutputChannelColorProfile
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesColorKeys
GdipSetImageAttributesGamma
GdipSetImageAttributesNoOp
GdipSetImageAttributesThreshold
GdipResetImageAttributes
GdipSetImageAttributesToIdentity
GdipCloneImageAttributes
GdipCreateImageAttributes
GdipDeleteRegion
GdipDeletePath
GdipDeleteFont
GdiplusStartup
GdipDisposeImage
GdipGetGenericFontFamilySerif

atl

ord42

crypt32

CryptStringToBinaryW

msimg32

AlphaBlend

oledlg

ord8

rasapi32

RasGetConnectStatusA
RasHangUpA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

wsock32

WSAStartup
WSACleanup
closesocket
recv
send
select

wininet

InternetCloseHandle
InternetSetOptionA
InternetConnectA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetOpenA

Sections

.text
Size: 828KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10.2MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2202f07ccdbb12632f4fa5bcfb91a87

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

advapi32

shell32

ole32

shlwapi

gdiplus

atl

crypt32

msimg32

oledlg

rasapi32

winspool.drv

wsock32

wininet

Sections

.text Size: 828KB - Virtual size: 825KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 10.2MB - Virtual size: 10.4MB

.rsrc Size: 4KB - Virtual size: 744B

.text
Size: 828KB - Virtual size: 825KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 10.2MB - Virtual size: 10.4MB

.rsrc
Size: 4KB - Virtual size: 744B