Static task: static1
Behavioral task: behavioral1
Sample: 2983e9fa08a9d42e7337c6926e9a29180282304c34e8380df731a67aafcbfd56.exe
Resource: win7-20230831-en
General
Target: 2983e9fa08a9d42e7337c6926e9a29180282304c34e8380df731a67aafcbfd56
Size: 2.1MB
MD5: f68fdbd283a4c5ec21a84889bd791b00
SHA1: babf79c1a0ffd03c00baa19b3b2f7dd8cfaad9db
SHA256: 2983e9fa08a9d42e7337c6926e9a29180282304c34e8380df731a67aafcbfd56
SHA512: 4d199637d9a07c5d47f84468c6b908962828f5be5c158134913893f3467793a90dfb624ba0e698cf9e1c25ffb478b97fff61c6ee2b3dde6b3c74236637c82747
SSDEEP: 49152:fsVF/d3tMi5E1NDlJi3gUZDwTkpfPMdUvkfvya4Rr8B4O88M61rSBa21ExYOB:fs7d3tMi5E1ti31DekpfP9kfvya4Rr8N
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2983e9fa08a9d42e7337c6926e9a29180282304c34e8380df731a67aafcbfd56
Files
2983e9fa08a9d42e7337c6926e9a29180282304c34e8380df731a67aafcbfd56.exe windows:5 windows x86
3d4d3ef2500f0f25b1bc8819d466cbc9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetVersionExA
lstrcmpW
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
FindResourceA
GetModuleFileNameA
GetCurrentProcessId
GetThreadLocale
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
SetThreadPriority
ResumeThread
WaitForSingleObject
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetACP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
CompareStringA
SearchPathA
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
IsValidCodePage
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
HeapCreate
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
CompareStringW
LCMapStringW
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetLastError
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
LoadLibraryW
ActivateActCtx
Sleep
DeactivateActCtx
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
GetTickCount
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
SetFileTime
WriteFile
CreateDirectoryA
LocalFileTimeToFileTime
lstrcatA
lstrlenA
lstrcpyA
GetCurrentDirectoryA
ReadFile
CloseHandle
SetFilePointer
CreateFileA
GetFileAttributesA
FileTimeToSystemTime
SystemTimeToFileTime
OutputDebugStringA
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalDeleteAtom
WideCharToMultiByte
GetDriveTypeW
user32
GetMessageA
ShowOwnedPopups
GetSysColorBrush
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
RealChildWindowFromPoint
IntersectRect
OffsetRect
DeleteMenu
SetWindowRgn
RedrawWindow
SetTimer
KillTimer
SetCapture
WindowFromPoint
ReleaseCapture
MessageBeep
NotifyWinEvent
GetAsyncKeyState
IsZoomed
IsRectEmpty
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
SetMenuDefaultItem
GetMenuDefaultItem
UnregisterClassA
WaitMessage
CharNextA
CopyAcceleratorTableA
SetRect
InvalidateRgn
GetNextDlgGroupItem
DestroyIcon
SetParent
DestroyAcceleratorTable
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
InvertRect
HideCaret
GetIconInfo
CopyImage
LoadImageA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
FrameRect
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
TranslateMessage
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
GetMessageTime
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
GetClassNameA
LoadBitmapW
InvalidateRect
UpdateWindow
FillRect
DrawStateA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
EnableWindow
MessageBoxA
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SendMessageA
GetClientRect
GetMessagePos
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
MapVirtualKeyA
GetKeyNameTextA
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDesktopWindow
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
UnhookWindowsHookEx
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
LoadMenuW
GetSubMenu
EnableMenuItem
GetWindowRect
GetCursorPos
PtInRect
LoadCursorA
SetCursor
SetClassLongA
wsprintfA
LoadIconW
SetWindowLongA
GetWindowLongA
GetSystemMenu
AppendMenuA
IsIconic
GetSystemMetrics
DrawIcon
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetDoubleClickTime
DestroyWindow
gdi32
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
CreateFontA
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
SetPixelV
CreateDCA
GetTextFaceA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
GetRgnBox
GetTextColor
GetBkColor
CreateDIBSection
CreateRoundRectRgn
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
GetTextExtentPoint32A
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
SelectClipRgn
CreateRectRgn
ScaleViewportExtEx
SetViewportExtEx
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
CopyMetaFileA
shell32
SHGetSpecialFolderLocation
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHGetFileInfoA
oleaut32
SystemTimeToVariantTime
SysAllocString
VariantTimeToSystemTime
OleCreateFontIndirect
VarBstrFromDate
SafeArrayDestroy
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
VariantCopy
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA
PathStripToRootA
oledlg
ord8
gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
wldap32
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord79
ord33
ord301
ord27
ord41
ord46
ord35
ws2_32
__WSAFDIsSet
WSASetLastError
WSACleanup
ntohl
select
WSAGetLastError
recv
connect
inet_addr
send
WSAIoctl
ntohs
bind
getsockopt
getpeername
htons
setsockopt
socket
inet_ntoa
gethostbyname
WSAStartup
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
closesocket
getsockname
crypt32
CertFreeCertificateContext
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
RegCreateKeyExA
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptCreateHash
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoUninitialize
CoCreateInstance
IsAccelerator
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 331KB - Virtual size: 331KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 55KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 143KB - Virtual size: 142KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 180KB - Virtual size: 179KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ