Static task: static1
Behavioral task: behavioral1
  Sample: 04a29ee27da337a91f537783cbe689a20954fc93ee58bf6a061650b44c10ef04.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 04a29ee27da337a91f537783cbe689a20954fc93ee58bf6a061650b44c10ef04.exe
  Resource: win10v2004-20230915-en
General
Target: 04a29ee27da337a91f537783cbe689a20954fc93ee58bf6a061650b44c10ef04
Size: 1.9MB
MD5: eeee022f03d57db24be79efb1b7a119a
SHA1: 2a5ef667ff7ab96c08590ff76fe5037b5d6dd036
SHA256: 04a29ee27da337a91f537783cbe689a20954fc93ee58bf6a061650b44c10ef04
SHA512: ae0b0b0d4e6a8d3864ac8e15657dd850d90ef09592a4bcb8bcad1aff8eda434fdbc037d9bf96f750e2c670801627f02da098ecbbeb24310e3166b3a4788bc821
SSDEEP: 49152:Aq1ESt048vylEi8T82JYY9CLqB4ATHOrnamEi8Fk:Aqx248vI8Th9seiEi8Fk
Malware Config
(none extracted)
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 04a29ee27da337a91f537783cbe689a20954fc93ee58bf6a061650b44c10ef04
  A missing signature is a weak indicator on its own, since much legitimate software ships unsigned; weight it together with the header and section flags below.
Files
04a29ee27da337a91f537783cbe689a20954fc93ee58bf6a061650b44c10ef04.exe  windows:4 windows x86 (PE32 for Windows, required OS version 4.x, GUI subsystem, 32-bit x86)
Imphash: d1f284a50080bfc14dc7bb650bbbbe42 (the report prints this value without a label; in this report layout the hash under a file entry is the import hash)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations, so it must load at its preferred ImageBase and the loader cannot rebase it under ASLR. That is common for older 32-bit builds, but it also removes a mitigation.
Imports
rasapi32
RasSetEntryPropertiesW
RasDialW
RasGetErrorStringW
RasConnectionNotificationW
RasGetProjectionInfoW
RasEnumConnectionsW
RasGetConnectionStatistics
RasGetConnectStatusW
RasDeleteEntryW
RasHangUpW
kernel32
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
LCMapStringA
IsBadReadPtr
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
CreateFileA
GetACP
GetOEMCP
SetEnvironmentVariableA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetFileType
SetStdHandle
HeapReAlloc
HeapAlloc
ExitThread
CreateDirectoryW
HeapFree
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
CopyFileW
GetSystemTimeAsFileTime
FindResourceA
GlobalAddAtomA
GetProfileStringA
TerminateThread
InterlockedExchange
DeviceIoControl
SleepEx
CreateMutexW
CreateSemaphoreW
ReleaseSemaphore
GetCurrentProcessId
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
GetExitCodeThread
GetSystemDirectoryW
GetVersionExW
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesW
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpW
lstrcmpA
lstrcmpiA
GetCurrentThread
lstrcmpiW
GetThreadLocale
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
LoadLibraryW
DeleteFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
CreateFileW
GetCurrentProcess
DuplicateHandle
GetLastError
GetModuleFileNameW
lstrcpynW
FormatMessageW
LocalFree
SetLastError
WideCharToMultiByte
lstrlenW
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenA
GetVersion
lstrcatW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcpyW
GetModuleHandleW
GetProcAddress
GetTempPathW
CreatePipe
GetStartupInfoW
CreateProcessW
ReadFile
MoveFileExW
MultiByteToWideChar
GetLocaleInfoW
ExitProcess
OpenSemaphoreW
CreateThread
LeaveCriticalSection
EnterCriticalSection
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Process32NextW
GetTickCount
Sleep
SetEvent
ResetEvent
WaitForSingleObject
LockResource
GlobalAlloc
ResumeThread
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CloseHandle
CreateEventW
InitializeCriticalSection
LCMapStringW
FindResourceW
SizeofResource
LoadResource
FreeResource
GetPrivateProfileStringW
DeleteCriticalSection
WritePrivateProfileStringW
GetPrivateProfileIntW
InterlockedDecrement
InterlockedIncrement
DeleteFileA
IsBadCodePtr
GetFileAttributesA
user32
PeekMessageW
DispatchMessageW
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemID
TrackPopupMenu
MapWindowPoints
GetWindowTextLengthW
GetWindowTextW
GetKeyState
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
SetDlgItemTextW
IsDialogMessageW
SendDlgItemMessageA
SetWindowTextW
MoveWindow
EnableWindow
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowPos
RegisterWindowMessageW
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
UpdateWindow
PostMessageW
SetWindowPlacement
ShowWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
SetCapture
GetSystemMenu
RemoveMenu
GetMenuItemInfoW
GetMenuItemCount
AppendMenuW
ReleaseCapture
GetDesktopWindow
IsWindow
LoadBitmapW
SendMessageW
GetWindowRect
GetClientRect
CopyImage
DrawIconEx
GetSysColor
GetCursorPos
CopyRect
InflateRect
FillRect
FrameRect
GetSubMenu
LoadMenuW
InvalidateRect
KillTimer
WindowFromPoint
GetWindow
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
GetMenuCheckMarkDimensions
wvsprintfW
BeginPaint
EndPaint
TabbedTextOutW
DrawTextW
GrayStringW
ValidateRect
TranslateMessage
GetMessageW
DestroyMenu
CharUpperW
LoadStringW
PostQuitMessage
SetCursor
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
CharNextW
PtInRect
LoadCursorW
GetSysColorBrush
PostThreadMessageW
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
CopyIcon
PeekMessageA
DispatchMessageA
GetClassInfoExW
RegisterClassExW
wsprintfA
DrawFocusRect
GetDC
ReleaseDC
SetTimer
SetRect
LoadImageW
GetSystemMetrics
DrawIcon
IsIconic
GetParent
SystemParametersInfoW
GetDlgCtrlID
GetWindowLongW
SetWindowLongW
GetClassNameW
SetWindowRgn
ClientToScreen
GetWindowDC
SetForegroundWindow
LoadIconW
MessageBoxW
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableW
GetActiveWindow
gdi32
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
CreateRectRgn
ExtSelectClipRgn
GetViewportExtEx
GetWindowExtEx
CreateBitmap
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
PatBlt
CreateRectRgnIndirect
GetTextColor
GetBkColor
CreateFontIndirectW
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
LPtoDP
SetBkColor
SetTextColor
GetClipBox
GetObjectW
StretchBlt
CreateRoundRectRgn
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetBkMode
SelectPalette
GetStockObject
RestoreDC
SaveDC
CreatePatternBrush
CreateFontW
CreateDIBitmap
CreateDIBSection
GetDIBits
RealizePalette
SetDIBitsToDevice
PlayEnhMetaFile
CreatePalette
GetEnhMetaFilePaletteEntries
DeleteEnhMetaFile
SetWinMetaFileBits
GetEnhMetaFileHeader
SetEnhMetaFileBits
ExtTextOutA
GetTextExtentPointA
GetTextExtentPoint32W
BitBlt
comdlg32
GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
LookupPrivilegeValueW
OpenProcessToken
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyW
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegCloseKey
AdjustTokenPrivileges
shell32
ShellExecuteExW
Shell_NotifyIconW
ExtractIconW
ShellExecuteW
SHGetSpecialFolderPathW
comctl32
ImageList_DrawIndirect
ImageList_Create
ImageList_Destroy
ord17
ImageList_GetIcon
ImageList_GetIconSize
ImageList_AddMasked
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoTaskMemAlloc
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
olepro32
ord253
ord251
oleaut32
GetErrorInfo
SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantTimeToSystemTime
SysAllocStringLen
VarDateFromStr
VariantCopy
VariantChangeType
VariantClear
VariantInit
SysStringByteLen
winmm
sndPlaySoundW
wsock32
closesocket
WSAGetLastError
socket
setsockopt
bind
htons
ioctlsocket
iphlpapi
CreateIpForwardEntry
SetIpForwardEntry
GetIpForwardTable
DeleteIpForwardEntry
GetBestRoute
GetAdaptersInfo
ws2_32
ioctlsocket
connect
accept
listen
WSASetLastError
gethostbyname
__WSAFDIsSet
getsockopt
WSAStartup
shutdown
htonl
send
recv
select
ntohs
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
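The import table above is the most informative part of this static report: it names the injection primitives (VirtualAllocEx, WriteProcessMemory, CreateRemoteThread), the process enumeration and kill path (CreateToolhelp32Snapshot, Process32NextW, OpenProcess, TerminateProcess), the token privilege adjustment, the RAS dial-up control, the IP forwarding-table manipulation, and a socket listener. The script below is an added example, not code from the report or from the sandbox: it groups imported APIs into capabilities with all-of rules and recomputes the import hash with the pefile normalisation (lowercase, drop .dll/.ocx/.sys, keep other extensions such as .drv, ordinals as ordN). The embedded import list is a subset of the one above, in the report's DLL order, with ".dll" added to the DLL names as an assumption about how they appear in the import directory; because it is a subset, its imphash will not equal the reported value, but the same function run over the complete list in order should.

```python
"""Capability triage over an import table, plus imphash recomputation.

IMPORTS is a subset of the report's import listing (same DLL order, same
spelling).  DLL names carry ".dll" here as an assumption about the import
directory; the report displays them without it.
"""
import hashlib

# (dll as named in the import directory, [imported symbols or "ordN"])
IMPORTS = [
    ("rasapi32.dll", ["RasSetEntryPropertiesW", "RasDialW", "RasHangUpW", "RasDeleteEntryW"]),
    ("kernel32.dll", ["VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread",
                      "CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
                      "OpenProcess", "TerminateProcess", "CreatePipe", "CreateProcessW",
                      "CopyFileW", "MoveFileExW", "GetTempPathW"]),
    ("winspool.drv", ["OpenPrinterW"]),
    ("advapi32.dll", ["LookupPrivilegeValueW", "OpenProcessToken", "AdjustTokenPrivileges",
                      "RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW"]),
    ("comctl32.dll", ["ImageList_Create", "ord17"]),
    ("wsock32.dll", ["socket", "bind", "setsockopt", "ioctlsocket"]),
    ("iphlpapi.dll", ["CreateIpForwardEntry", "SetIpForwardEntry", "DeleteIpForwardEntry",
                      "GetIpForwardTable", "GetAdaptersInfo"]),
    ("ws2_32.dll", ["ioctlsocket", "connect", "listen", "accept", "send", "recv"]),
]

# Capability rules: every API in the tuple must be present (matched by name, any DLL).
RULES = {
    "remote process injection": ("VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"),
    "process enumeration and kill": ("CreateToolhelp32Snapshot", "Process32NextW",
                                     "OpenProcess", "TerminateProcess"),
    "token privilege adjustment": ("OpenProcessToken", "LookupPrivilegeValueW",
                                   "AdjustTokenPrivileges"),
    "RAS dial-up entry control": ("RasSetEntryPropertiesW", "RasDialW", "RasHangUpW"),
    "IP routing table modification": ("CreateIpForwardEntry", "SetIpForwardEntry",
                                      "DeleteIpForwardEntry"),
    "TCP listener": ("socket", "bind", "listen", "accept"),
    "child process with captured I/O": ("CreatePipe", "CreateProcessW"),
    "registry value write": ("RegCreateKeyExW", "RegSetValueExW"),
    "service installation": ("OpenSCManagerW", "CreateServiceW"),  # absent here, so not reported
}


def imphash_string(imports):
    """pefile-style normalisation of the import list before hashing."""
    parts = []
    for dll, funcs in imports:
        base = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):      # other extensions (.drv) are kept
            if base.endswith(ext):
                base = base[:-len(ext)]
                break
        parts.extend(f"{base}.{f.lower()}" for f in funcs)
    return ",".join(parts)


def imphash(imports):
    """MD5 over the normalised list; compare with the report's d1f284a5... on the full list."""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


def capabilities(imports):
    present = {f.lower() for _, funcs in imports for f in funcs}
    return [cap for cap, apis in RULES.items() if all(a.lower() in present for a in apis)]


def api_origin(imports, api):
    """DLLs an API is imported from; ioctlsocket comes from both Winsock DLLs here."""
    return [dll for dll, funcs in imports if api.lower() in (f.lower() for f in funcs)]


if __name__ == "__main__":
    print("imphash (subset):", imphash(IMPORTS))
    for cap in capabilities(IMPORTS):
        print("capability:", cap)
    print("ioctlsocket from:", api_origin(IMPORTS, "ioctlsocket"))
```

The all-of rules are deliberately conservative: a single API such as OpenProcess says little, while the full injection or enumerate-and-kill chain is what an analyst actually reads from this table. Duplicate Winsock imports (wsock32 and ws2_32 both exporting ioctlsocket) are normal for code that mixes old and new Winsock headers and are not themselves suspicious.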
Sections
.text   Size: 1.3MB   Virtual size: 1.3MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Size: 272KB   Virtual size: 269KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 92KB    Virtual size: 150KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 252KB   Virtual size: 252KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
Note: .text is writable as well as executable, and .rsrc is flagged as code, executable and writable. A linker does not normally emit those characteristics for these sections; they are consistent with a packer or protector that rewrites section flags, or with code being written into and run from the resource section at run time, so the static import list above should be confirmed against a memory dump before it is relied on. The .data raw/virtual size gap (92KB vs 150KB) is ordinary and reflects uninitialised data.
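The Signatures, Headers and Sections entries above are all derived from the PE headers alone. The script below is an added example, not code from the report or the sandbox: it parses the DOS, COFF, optional and section headers with the standard library only, decodes the same characteristic flags the report lists, checks the security data directory for an Authenticode signature, and emits the findings a reviewer wants next to the raw flag dump (unsigned image, stripped relocations, writable-and-executable sections, an executable .rsrc). It runs against a header-only PE32 image constructed in build_sample() with the report's flag layout; the sizes are illustrative and the image is not the analysed binary.

```python
"""Minimal PE header triage with the standard library only (no pefile).

The image built by build_sample() is constructed here to mirror the report's
flag layout (sizes are illustrative); it is not the analysed binary.
"""
import struct

FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x0200: "IMAGE_FILE_DEBUG_STRIPPED", 0x2000: "IMAGE_FILE_DLL",
}
SCN_CODE, SCN_IDATA, SCN_UDATA = 0x20, 0x40, 0x80
SCN_EXEC, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000
SECTION_FLAGS = {
    SCN_CODE: "IMAGE_SCN_CNT_CODE", SCN_IDATA: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    SCN_UDATA: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", SCN_EXEC: "IMAGE_SCN_MEM_EXECUTE",
    SCN_READ: "IMAGE_SCN_MEM_READ", SCN_WRITE: "IMAGE_SCN_MEM_WRITE",
}


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return (file_characteristics, [(name, vsize, rawsize, chars)], signed)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    _machine, nsect, _, _, _, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24                       # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    # PE32: NumberOfRvaAndSizes at +92, directories at +96.  PE32+: +108 / +112.
    ndirs_off, dirs_off = (92, 96) if magic == 0x10B else (108, 112)
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    signed = False
    if ndirs > 4:                           # entry 4 = IMAGE_DIRECTORY_ENTRY_SECURITY
        sec_off, sec_size = struct.unpack_from("<II", data, opt + dirs_off + 4 * 8)
        signed = sec_off != 0 and sec_size != 0
    sections = []
    for i in range(nsect):                  # 40-byte section headers follow the optional header
        name, vsize, _, rawsize, _, _, _, _, _, sc = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rawsize, sc))
    return chars, sections, signed


def triage(data):
    """Findings a reviewer wants next to the raw flag dump."""
    chars, sections, signed = parse_pe(data)
    findings = []
    if not signed:
        findings.append("unsigned: security directory is empty (no Authenticode)")
    if chars & 0x0001:
        findings.append("relocations stripped: fixed load address, ASLR cannot rebase it")
    for name, vsize, rawsize, sc in sections:
        if sc & SCN_WRITE and sc & SCN_EXEC:
            findings.append(f"{name}: writable and executable (W+X)")
        if name == ".rsrc" and sc & (SCN_CODE | SCN_EXEC):
            findings.append(".rsrc marked as code/executable: atypical for a linker-built resource section")
        if rawsize and vsize > 4 * rawsize:
            findings.append(f"{name}: virtual size far exceeds raw size (unpacks at run time?)")
    return findings


def build_sample(file_chars, sections):
    """Header-only PE32 image: constructed test input, not real code."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)   # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)              # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                # 16 data directories, all left zero
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), vs, 0x1000 * (i + 1),
                    rs, 0, 0, 0, 0, 0, sc)
        for i, (n, vs, rs, sc) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


# Flags taken from the report's Headers and Sections listing; sizes are made up.
SAMPLE = build_sample(0x010F, [
    (".text", 0x1000, 0x1000, SCN_CODE | SCN_EXEC | SCN_READ | SCN_WRITE),
    (".rdata", 0x400, 0x400, SCN_IDATA | SCN_READ),
    (".data", 0x600, 0x200, SCN_IDATA | SCN_READ | SCN_WRITE),
    (".rsrc", 0x800, 0x800, SCN_CODE | SCN_IDATA | SCN_EXEC | SCN_READ | SCN_WRITE),
])

if __name__ == "__main__":
    chars, sections, _ = parse_pe(SAMPLE)
    print("file characteristics:", ", ".join(flag_names(chars, FILE_FLAGS)))
    for name, vs, rs, sc in sections:
        print(f"{name:7} vsize={vs:#x} raw={rs:#x} {' '.join(flag_names(sc, SECTION_FLAGS))}")
    for finding in triage(SAMPLE):
        print("!", finding)
```

To run the same checks on a real file, replace SAMPLE with the bytes read from disk; the Authenticode check only confirms that a security directory exists, so a non-empty directory still needs signature validation (for example with signtool or the Windows WinVerifyTrust API) before it counts as trusted.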