3cf4342d9fdaedd3437db7b9126937f2e625080d9a60b19baf552fe67e2c81fc

Sharing

Copy URL Twitter E-mail

General

Target

3cf4342d9fdaedd3437db7b9126937f2e625080d9a60b19baf552fe67e2c81fc
Size

3.4MB
MD5

ca801f4c2e40618e08e0fcf633800bcc
SHA1

ea5321a79f1d10e581bd4e2d4f94dd8c3593e21f
SHA256

3cf4342d9fdaedd3437db7b9126937f2e625080d9a60b19baf552fe67e2c81fc
SHA512

62d94c2451dbc48ca1415642169d06facd3d6d52c60ecf7321bf8d2cea1f5d7653a36dcb6a300953d9544a60f0810db85e2196c76cc64b6e6f1da041ed182173
SSDEEP

98304:86PgSkjZbqN+F3Y2MPj7D9kdFLOAkGkzdnEVomFHKnPR:nPK8j7D9oFLOyomFHKnPR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cf4342d9fdaedd3437db7b9126937f2e625080d9a60b19baf552fe67e2c81fc

Files

3cf4342d9fdaedd3437db7b9126937f2e625080d9a60b19baf552fe67e2c81fc
.exe windows:5 windows x86

3aed01f81c451e86f92b3f0eb9c08ed4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
GetExitCodeProcess
SetFilePointerEx
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetACP
ExitProcess
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
WriteConsoleW
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleCP
PeekNamedPipe
GetFileType
GetDriveTypeW
CreateProcessA
GetCommandLineW
GetCommandLineA
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringEx
InitializeCriticalSectionEx
OutputDebugStringW
ReadConsoleW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetWindowsDirectoryW
GetUserDefaultLCID
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount
FindResourceExW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
FlushFileBuffers
FindFirstFileW
GetTempPathW
SetFilePointer
GetFileSize
GetFileAttributesW
VirtualProtect
FileTimeToSystemTime
GlobalGetAtomNameW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcessId
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
VerifyVersionInfoW
VerSetConditionMask
GetPrivateProfileIntW
lstrcpyW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalSize
WideCharToMultiByte
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetProcAddress
GetModuleHandleA
FreeLibrary
GetVersionExW
GetCurrentThread
SetLastError
GetCurrentProcess
Sleep
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureStackBackTrace
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetComputerNameA
GetWindowsDirectoryA
InitializeCriticalSection
OutputDebugStringA
GetTempPathA
GetFullPathNameW
FindNextFileW
FindFirstFileExW
FindClose
GetStdHandle
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
SizeofResource
HeapFree
MultiByteToWideChar
GetFileSizeEx
CloseHandle
CreateFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenW
GetModuleFileNameW
GetModuleHandleW
CreateDirectoryW
CopyFileW
FindResourceW
LoadResource
LockResource
CreateThread

user32

GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SendDlgItemMessageA
IsDialogMessageW
CheckDlgButton
MoveWindow
GetMenuItemInfoW
DestroyMenu
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
SetWindowTextW
DeleteMenu
CopyImage
GetDesktopWindow
WindowFromPoint
ClientToScreen
ReleaseCapture
SetCapture
WaitMessage
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
GetCursorPos
GetActiveWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
SetLayeredWindowAttributes
DrawIconEx
IsRectEmpty
OffsetRect
MapDialogRect
FillRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawStateW
GetSystemMetrics
DrawFrameControl
DrawEdge
IsWindowEnabled
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetParent
GetClassLongW
CopyIcon
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
PostQuitMessage
DefWindowProcW
LoadIconW
LoadCursorW
RegisterClassW
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
IntersectRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
SetParent
MonitorFromPoint
TrackMouseEvent
IsZoomed
CharUpperW
LoadMenuW
GetSystemMenu
MessageBeep
NotifyWinEvent
SetCursorPos
SetRect
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
InflateRect
MessageBoxW
CreateWindowExW
ShowWindow
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
PostMessageW
FrameRect
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
RegisterWindowMessageW
PeekMessageW
GetMessagePos
GetMessageTime
SendMessageW
CallWindowProcW
GetClassInfoW
GetClassInfoExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetKeyState
GetCapture
EnableWindow
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
ToUnicodeEx
GetIconInfo
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
CopyAcceleratorTableW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetKeyNameTextW
SubtractRect
RegisterClipboardFormatW
CharUpperBuffW
UpdateLayeredWindow
GetWindowRgn
DestroyCursor
DrawIcon
InvertRect
HideCaret
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetNextDlgGroupItem
PostThreadMessageW
IsClipboardFormatAvailable
SetWindowLongW

gdi32

GetBkColor
GetTextExtentPoint32W
PatBlt
ExtTextOutW
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesW
GetTextCharsetInfo
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
Ellipse
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteDC
GetTextColor
GetStockObject

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetMalloc

shlwapi

StrCpyW
StrCatW
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW

uxtheme

IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
IsAppThemed
GetThemePartSize
GetWindowTheme
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateInstance
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoUninitialize

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
SysStringLen
VariantCopy
VarBstrFromDate
LoadTypeLi
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream

dbghelp

UnDecorateSymbolName
SymFromAddr
SymInitialize
SymCleanup
SymSetOptions

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aed01f81c451e86f92b3f0eb9c08ed4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

dbghelp

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 352KB - Virtual size: 352KB

.data Size: 23KB - Virtual size: 103KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 138KB - Virtual size: 138KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 352KB - Virtual size: 352KB

.data
Size: 23KB - Virtual size: 103KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 138KB - Virtual size: 138KB