Static task
static1
Behavioral task
behavioral1
Sample
4fe064e2e19028736c81a8fb2dfa0019cf64ea9c1cc0fe391fba092a2e65c4de.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
4fe064e2e19028736c81a8fb2dfa0019cf64ea9c1cc0fe391fba092a2e65c4de.exe
Resource
win10v2004-20230915-en
General
Target
4fe064e2e19028736c81a8fb2dfa0019cf64ea9c1cc0fe391fba092a2e65c4de
Size
3.0MB
MD5
cb302c2ce508fea89d6d5d2c1eb79489
SHA1
0da43a43fa3d885caf8b1623f19b5a677c640083
SHA256
4fe064e2e19028736c81a8fb2dfa0019cf64ea9c1cc0fe391fba092a2e65c4de
SHA512
a0b88450f92da555d580324774c1cfca01fcaacee1517269947c4b10405e211cf6ab3a0a03adb3ff781d49050b92ce8f39c31457e06fe11e4b26260edbc4820b
SSDEEP
98304:qi6ANRpFxIgtIRx5sIRpJBx570z6+HAt/:d6ANw3Ll+HAt/
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature (the PE carries no certificate table; absence of a signature is a weak indicator on its own, not proof of malice).
resource 4fe064e2e19028736c81a8fb2dfa0019cf64ea9c1cc0fe391fba092a2e65c4de
Files
4fe064e2e19028736c81a8fb2dfa0019cf64ea9c1cc0fe391fba092a2e65c4de.exe windows:5 windows x86
Imphash
8d9b290e7c2a2b2cf5bf58e8f60a23dc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetUserDefaultLCID
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
CreatePipe
GetExitCodeProcess
GetTimeZoneInformation
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetACP
SetStdHandle
VirtualAlloc
GetCommandLineW
GetCommandLineA
HeapQueryInformation
GetConsoleMode
GetConsoleCP
PeekNamedPipe
GetDriveTypeW
CreateProcessA
SetConsoleCtrlHandler
FreeLibraryAndExitThread
ExitThread
CreateThread
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetFileType
VirtualQuery
RtlUnwind
CreateWaitableTimerA
GetSystemInfo
OpenEventA
WaitForMultipleObjectsEx
ReleaseSemaphore
AreFileApisANSI
DeviceIoControl
SetFilePointerEx
CreateDirectoryW
OutputDebugStringW
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount
GetTempPathW
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
GetCurrentDirectoryW
VirtualProtect
GetUserDefaultUILanguage
GetLocaleInfoW
GetFileTime
GetFileAttributesExW
GetFileAttributesW
GetVersionExW
GlobalFindAtomW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
lstrcmpW
GlobalFlags
lstrcmpiW
LoadLibraryExW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFileSize
FlushFileBuffers
GlobalAddAtomW
ResumeThread
SetThreadPriority
GlobalGetAtomNameW
lstrcmpA
CompareStringW
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
LoadLibraryW
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
CopyFileW
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
GetCurrentProcess
Sleep
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureStackBackTrace
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetComputerNameA
GetWindowsDirectoryA
InitializeCriticalSection
OutputDebugStringA
GetTempPathA
GetFullPathNameW
FindFirstFileExW
FindClose
GetStdHandle
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObjectEx
CreateEventA
FindNextFileW
FindFirstFileW
WritePrivateProfileStringA
GetModuleFileNameW
GetModuleFileNameA
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
VerifyVersionInfoW
DeleteFileW
SetFileAttributesW
CreateFileW
RemoveDirectoryW
GetPrivateProfileStringA
LoadLibraryA
SetWaitableTimer
CreateWaitableTimerW
CreateEventW
SleepEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FormatMessageW
FormatMessageA
CloseHandle
ReadFile
GetFileSizeEx
WaitForMultipleObjects
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
QueueUserAPC
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
SetLastError
TerminateThread
LocalFree
GetProcAddress
FreeLibrary
InterlockedCompareExchange
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
VerSetConditionMask
MultiByteToWideChar
WritePrivateProfileStringW
GetPrivateProfileStringW
FindResourceW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
LockResource
GetEnvironmentStringsW
DecodePointer
user32
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
IntersectRect
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
PostQuitMessage
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetCapture
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
SetWindowRgn
PostMessageW
SetParent
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
NotifyWinEvent
GetMenuStringW
GetMenuState
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowLongW
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyW
SetClassLongW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
SetActiveWindow
InvertRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
UnhookWindowsHookEx
SendMessageW
EnableWindow
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
RegisterClipboardFormatW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
DestroyIcon
CharUpperW
GetDlgCtrlID
GetFocus
SetWindowTextW
GetWindowRect
ClientToScreen
PtInRect
GetDesktopWindow
GetClassNameW
GetWindow
RealChildWindowFromPoint
SetFocus
SetScrollPos
GetScrollPos
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
CheckDlgButton
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
DefWindowProcW
gdi32
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
DeleteObject
DeleteDC
GetDeviceCaps
CombineRgn
CopyMetaFileW
CreateDCW
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
shell32
SHAppBarMessage
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
shlwapi
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
StrCpyW
StrCatW
StrFormatKBSizeW
uxtheme
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsAppThemed
GetWindowTheme
GetThemeSysColor
ole32
CoDisconnectObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
LoadTypeLi
SysFreeString
SysAllocString
SysAllocStringLen
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
VariantInit
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
ws2_32
select
accept
bind
closesocket
ioctlsocket
htonl
htons
listen
ntohl
setsockopt
shutdown
WSAStartup
WSACleanup
WSASetLastError
WSAGetLastError
WSARecv
WSASend
WSASocketW
WSAStringToAddressW
mswsock
AcceptEx
GetAcceptExSockaddrs
TransmitFile
dbghelp
SymFromAddr
SymInitialize
SymCleanup
SymSetOptions
UnDecorateSymbolName
gdiplus
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipSetInterpolationMode
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 503KB - Virtual size: 503KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
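The "Unsigned PE" signature above, the DLL/file characteristics under Headers and the section flags under Sections all come from the same handful of PE header fields. The following is an added example (my own code, not the sandbox's implementation) that parses exactly those fields with the standard library and reports whether a WIN_CERTIFICATE entry is present in the Security data directory, which is what an "unsigned PE" check reduces to. The PE image it operates on is constructed in memory for illustration; it is not the analysed sample, whose real file you would pass to `triage()` as raw bytes.

```python
"""Minimal PE header triage: DllCharacteristics, file Characteristics,
section flags and the Authenticode (Security) data directory.
Added example for this report page; the sample image is constructed."""
import struct

IMAGE_DLLCHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
IMAGE_FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
IMAGE_SCN = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode PKCS#7 blob
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def decode_flags(value, table):
    """Expand a bitmask into the flag names listed in the report, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse the COFF header, optional header, Security directory and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff_off = e_lfanew + 4
    _machine, nsec, _ts, _sym, _nsym, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff_off)
    opt_off = coff_off + 20
    magic = struct.unpack_from("<H", data, opt_off)[0]
    # DllCharacteristics sits at +70 in both PE32 and PE32+; only the
    # data-directory offset differs (ImageBase/stack fields are 8 bytes in PE32+).
    if magic == 0x10B:
        dir_off = opt_off + 96
    elif magic == 0x20B:
        dir_off = opt_off + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt_off + 70)[0]
    num_dirs = struct.unpack_from("<I", data, dir_off - 4)[0]
    security = (0, 0)
    if num_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the Security entry VirtualAddress is a *file* offset, not an RVA.
        security = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sec_off = opt_off + opt_size
    for i in range(nsec):
        name, vsize, _va, rawsize, _rawptr, _r, _l, _nr, _nl, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, sec_off + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "size": rawsize, "virtual_size": vsize,
                         "flags": decode_flags(chars, IMAGE_SCN)})
    return {"file_characteristics": file_chars, "dll_characteristics": dll_chars,
            "security_dir": security, "sections": sections}


def authenticode_present(data, security_dir):
    """True if a WIN_CERTIFICATE of type PKCS_SIGNED_DATA is attached. Presence only:
    validity (chain, hash, timestamp) needs a real verifier such as signtool."""
    off, size = security_dir
    if off == 0 or size < 8 or off + size > len(data):
        return False
    length, _revision, cert_type = struct.unpack_from("<IHH", data, off)
    return cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA and 8 <= length <= size


def triage(data):
    """Summarise the fields the sandbox report prints for a PE."""
    info = parse_pe(data)
    return {"dll_characteristics": decode_flags(info["dll_characteristics"], IMAGE_DLLCHARACTERISTICS),
            "file_characteristics": decode_flags(info["file_characteristics"], IMAGE_FILE_CHARACTERISTICS),
            "sections": info["sections"],
            "authenticode_present": authenticode_present(data, info["security_dir"])}


def build_sample_pe(signed=False):
    """Constructed PE32 test image (not the real sample): one .text section,
    DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, optional dummy certificate table."""
    e_lfanew, file_align, text_size = 0x40, 0x200, 0x200
    opt_size = 96 + 16 * 8
    section_raw = 0x200  # headers end at 0x160, rounded up to FileAlignment
    cert = b""
    if signed:
        body = b"\x30\x00"  # placeholder DER, not a real PKCS#7 SignedData
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (section_raw + text_size, len(cert))
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, opt_size, 0x0102)
    opt = struct.pack("<HBB" + "I" * 9 + "H" * 6 + "I" * 4 + "HH" + "I" * 6,
                      0x10B, 14, 0, text_size, 0, 0, 0x1000, 0x1000, 0x2000, 0x400000,
                      0x1000, file_align, 5, 1, 0, 0, 5, 1, 0, 0x3000, section_raw, 0,
                      2, 0x8140, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    opt += b"".join(struct.pack("<II", va, sz) for va, sz in dirs)
    sec = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, text_size, section_raw,
                      0, 0, 0, 0, 0x60000020)
    hdr = dos + b"PE\0\0" + coff + opt + sec
    return hdr.ljust(section_raw, b"\0") + b"\xC3".ljust(text_size, b"\0") + cert


if __name__ == "__main__":
    print(triage(build_sample_pe(signed=False)))
```

Reading a real file is `triage(open(path, "rb").read())`. The caveats a reviewer of this report would want: the Security directory's VirtualAddress is a file offset rather than an RVA, so do not translate it through the section table; and "a certificate table exists" is all the structural check can say, since a stripped, expired or forged signature also fails only at verification time (`signtool verify /pa` or `Get-AuthenticodeSignature` on Windows). Conversely, this sample's DYNAMIC_BASE and NX_COMPAT flags plus a populated `.reloc` section mean ASLR and DEP apply to it, which matters if you are assessing exploitability rather than intent.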