09980a88f0acd0f1b0d7ce86b97e05ec270849939c0a297add38a52ba3b42e70

Sharing

Copy URL

Twitter E-mail

General

Target

09980a88f0acd0f1b0d7ce86b97e05ec270849939c0a297add38a52ba3b42e70
Size

1.6MB
MD5

b2aaae09a457a65db2422ee32d363aff
SHA1

2847bea947604b9da45c7ab3246bfb2ee068cc70
SHA256

09980a88f0acd0f1b0d7ce86b97e05ec270849939c0a297add38a52ba3b42e70
SHA512

7ab6de1628b637b13433dd524b47210f4addb052616de7be7abdc0667e10c4396b4630eb93c315b7cc30ec86509b4505eff64ec7ed22a364bf2dd34560b5ff34
SSDEEP

49152:qqW/PStgtdnHrs4RJb3/SN+0YXAQXj9TmFhm:gStgtRXRV3i+0YwQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09980a88f0acd0f1b0d7ce86b97e05ec270849939c0a297add38a52ba3b42e70

Files

09980a88f0acd0f1b0d7ce86b97e05ec270849939c0a297add38a52ba3b42e70
.exe windows:5 windows x86

50f6498bb7e4ee61683c8d220e971edc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
GlobalUnlock
FileTimeToSystemTime
GlobalLock
GetComputerNameW
GetFileSize
FindResourceExW
GetCurrentDirectoryW
CreateDirectoryW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
GetVersionExW
RemoveDirectoryW
DeleteCriticalSection
GetDiskFreeSpaceW
GlobalFree
EnterCriticalSection
MultiByteToWideChar
LeaveCriticalSection
Sleep
GlobalAlloc
InitializeCriticalSection
SystemTimeToFileTime
CreateMutexW
GetVolumeInformationW
VirtualAlloc
WideCharToMultiByte
VirtualFree
GetCurrentProcessId
GetCurrentThreadId
GetCurrentDirectoryA
VirtualProtect
GetProcAddress
CreateDirectoryA
LoadLibraryW
SetUnhandledExceptionFilter
FreeLibrary
CreateFileA
GetExitCodeProcess
SetFileAttributesW
GetDiskFreeSpaceExW
GetFileAttributesW
GetLogicalDriveStringsW
GetDriveTypeW
GetFileSizeEx
DeviceIoControl
GetTickCount
SetFilePointerEx
DeleteFileA
DeleteFileW
GetWindowsDirectoryW
CloseHandle
DuplicateHandle
lstrlenW
SetLastError
MulDiv
LocalFree
FormatMessageW
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
CompareStringW
lstrlenA
GetUserDefaultLCID
lstrcmpA
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetVersionExA
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GlobalFlags
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetModuleHandleA
InterlockedExchange
GetLocaleInfoW
SetFileTime
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetCPInfo
GetCommandLineA
GetStartupInfoA
HeapReAlloc
RtlUnwind
RaiseException
GetSystemInfo
VirtualQuery
HeapSize
ExitProcess
HeapCreate
HeapDestroy
GetStdHandle
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetProcessHeap
InterlockedCompareExchange
FindNextFileW
DosDateTimeToFileTime
GetModuleFileNameA
CreatePipe
CreateEventW
LockResource
GetLocalTime
FindClose
GetLastError
CreateFileW
GetModuleFileNameW
ReadFile
TerminateProcess
SizeofResource
CopyFileW
WriteFile
WaitForSingleObject
GetCurrentProcess
CreateProcessW
LoadResource
FindResourceW
PeekNamedPipe
FindFirstFileW

user32

ValidateRect
GetCursorPos
TranslateMessage
GetMessageW
DestroyMenu
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
BeginPaint
EndPaint
InvalidateRect
SetCursor
ReleaseCapture
SetRect
SetTimer
KillTimer
IsRectEmpty
SetCapture
RegisterClassExW
UpdateLayeredWindow
GetUpdateRect
wvsprintfW
CharNextW
DrawIconEx
CharPrevW
CreateCaret
HideCaret
ShowCaret
SetCaretPos
InvalidateRgn
CreateAcceleratorTableW
SetPropW
GetPropW
RemovePropW
SetFocus
GetForegroundWindow
DispatchMessageW
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
GetKeyState
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CopyRect
PtInRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindow
LoadCursorW
SendMessageW
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetWindowTextLengthW
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowTextW
RegisterWindowMessageW
LoadIconW
IsWindow
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetDC
InflateRect
OffsetRect
ReleaseDC
SetWindowRgn
IsIconic
SetForegroundWindow
IntersectRect
MonitorFromWindow
MapWindowPoints
GetMonitorInfoW
MoveWindow
CharLowerW
PostMessageW
ClientToScreen
ScreenToClient
PostQuitMessage
GetClassLongW
PeekMessageW
GetClassNameW
IsZoomed
GetClientRect
CharUpperW
GetWindowRect
GetParent
GetWindowLongW
GetWindowTextW
GetDlgItem
SetWindowLongW
EndDialog
SetWindowPos
CallWindowProcW
FindWindowW
ShowWindow
wsprintfW
GetSystemMetrics

gdi32

SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
CreatePen
CreateSolidBrush
CreateCompatibleBitmap
CreateRectRgnIndirect
CombineRgn
SelectClipRgn
MoveToEx
LineTo
GetStockObject
GetTextMetricsW
Rectangle
CreateDIBSection
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
DeleteObject
CreateRoundRectRgn
StretchBlt
SetTextColor
SetBkColor
GetObjectW
CreateFontIndirectW
CreateCompatibleDC
BitBlt
ExtTextOutW
GetTextExtentPoint32W
SaveDC
RestoreDC
SetBkMode
SetStretchBltMode
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
GetClipBox
CreateBitmap
GetDeviceCaps
SetMapMode
GetObjectA
GetCharABCWidthsW
RoundRect
CreatePenIndirect
OffsetViewportOrgEx

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

GetUserNameW
RegCloseKey
RegOpenKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA

shell32

SHGetSpecialFolderPathW
ord165
ShellExecuteW
SHGetFileInfoW

ole32

CoTaskMemFree
CoInitialize
OleUninitialize
OleInitialize
CoUninitialize
CoCreateInstance
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleLockRunning

oleaut32

LoadRegTypeLi
DispInvoke
DispGetIDsOfNames
SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi
VariantInit
VariantChangeType
VariantCopy
SysStringLen
VariantClear

shlwapi

PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecA
SHCreateStreamOnFileEx
PathIsDirectoryEmptyW
PathFindFileNameW
PathAppendW
PathFindExtensionW
PathRemoveFileSpecW

gdiplus

GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdipDeleteFont
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipDeleteBrush
GdiplusShutdown
GdiplusStartup
GdipSetTextRenderingHint
GdipDrawString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteStringFormat
GdipCloneBrush

dbghelp

MiniDumpWriteDump

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

comctl32

_TrackMouseEvent
ord17

Sections

.text
Size: 671KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 706KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50f6498bb7e4ee61683c8d220e971edc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

dbghelp

oleacc

winspool.drv

comctl32

Sections

.text Size: 671KB - Virtual size: 671KB

.rdata Size: 139KB - Virtual size: 138KB

.data Size: 15KB - Virtual size: 34KB

.rsrc Size: 706KB - Virtual size: 705KB

.reloc Size: 65KB - Virtual size: 65KB

.text
Size: 671KB - Virtual size: 671KB

.rdata
Size: 139KB - Virtual size: 138KB

.data
Size: 15KB - Virtual size: 34KB

.rsrc
Size: 706KB - Virtual size: 705KB

.reloc
Size: 65KB - Virtual size: 65KB