Static task
static1
Behavioral task
behavioral1
Sample
a79ef01fcd0247b8b5523e151d2c7a1ed924af2eb665fb4ba2a04c0b6bd14a37.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
a79ef01fcd0247b8b5523e151d2c7a1ed924af2eb665fb4ba2a04c0b6bd14a37.exe
Resource
win10v2004-20230915-en
General
Target: a79ef01fcd0247b8b5523e151d2c7a1ed924af2eb665fb4ba2a04c0b6bd14a37
Size: 14.3MB
MD5: e01afceefaf18194f8f9669b0b2275e1
SHA1: accc47ca9cac8e79b235f994f1c59b62515a5e55
SHA256: a79ef01fcd0247b8b5523e151d2c7a1ed924af2eb665fb4ba2a04c0b6bd14a37
SHA512: c5daa704fce34d6a84e09f72619ae0a0475aa1a540dc1ccfc224982ec313422bbc6a98df888a2bd02789977cae51b1f31b43c85cb7167d245512a796bc6d09c3
SSDEEP: 393216:VtqpaYjX4HIA/RTlMzKd/egkQfh9BXTX+SU8sP9UNHTYU2Hts:lY8VSgZf9XTvsP9wHsUB
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource a79ef01fcd0247b8b5523e151d2c7a1ed924af2eb665fb4ba2a04c0b6bd14a37
Files
- a79ef01fcd0247b8b5523e151d2c7a1ed924af2eb665fb4ba2a04c0b6bd14a37.exe windows:5 windows x86
246108a5194335db4129956b627eb841
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RaiseException
HeapSize
GetACP
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameA
ExitProcess
FindNextFileA
GetProfileStringA
FindFirstFileA
GetModuleHandleA
WaitForSingleObject
CloseHandle
lstrcpynA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
CreateEventA
LockResource
GlobalFree
GlobalUnlock
lstrlenA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
ExitThread
FreeLibrary
LoadLibraryA
FindClose
SetLastError
GetLastError
LocalFree
FormatMessageA
MulDiv
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
GetVolumeInformationA
GetFullPathNameA
GetThreadLocale
EnterCriticalSection
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetCurrentDirectoryA
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileSize
GetFileTime
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapReAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
TerminateProcess
CreateThread
GetVersion
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
DecodePointer
GetCommandLineA
RaiseException
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
VirtualQuery
user32
InvalidateRect
RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
CopyRect
GetDC
ReleaseDC
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
LoadIconA
MessageBoxExA
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
PostQuitMessage
PostMessageA
MessageBoxA
wsprintfA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
DefDlgProcA
IsWindowUnicode
AppendMenuA
CharNextA
InflateRect
GetSysColorBrush
PtInRect
GetClassNameA
GetDesktopWindow
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadCursorA
CharUpperBuffW
gdi32
BitBlt
GetTextExtentPointA
CreateCompatibleDC
LPtoDP
GetBkColor
GetTextColor
DPtoLP
GetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateBitmap
CreateDIBitmap
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
shell32
ShellExecuteA
SHGetSpecialFolderPathA
ShellExecuteExA
SHFileOperationA
comctl32
ord17
oledlg
ord8
ole32
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
CLSIDFromProgID
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRegisterMessageFilter
CLSIDFromString
olepro32
ord253
oleaut32
SysAllocStringLen
SysFreeString
SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
wininet
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
ws2_32
WSAStartup
send
closesocket
gethostbyname
socket
htons
connect
recv
Sections
.text Size: 156KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 832KB - Virtual size: 832KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.m5} Size: 5.4MB - Virtual size: 5.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.(?/ Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.zI[ Size: 7.9MB - Virtual size: 7.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.l1 Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE