5fc24fdd1412551d0a9f6bdb38c8d871fd3bf69c292edc0eff8ab02d936695e4

Sharing

Copy URL Twitter E-mail

General

Target

5fc24fdd1412551d0a9f6bdb38c8d871fd3bf69c292edc0eff8ab02d936695e4
Size

6.8MB
MD5

e3b6c391dd3a1bdc5e4e4e735e7ddd86
SHA1

2d2af0d547e25d417e95865363812b614555255f
SHA256

5fc24fdd1412551d0a9f6bdb38c8d871fd3bf69c292edc0eff8ab02d936695e4
SHA512

dd1d7282ee4ae3a69e3c8e524b52df90fa8b0d36615bd256179fcd54de02fd427c7b25fcdebf3232a2ca2817f8f03c8b2a70f1fb27c6c63319a8aee579007084
SSDEEP

196608:3ojPSGeYzCZAlhPEIMwQANpBMZo/xnQQaC:UP7eYznlhPEIMwQANpBMi/xp1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fc24fdd1412551d0a9f6bdb38c8d871fd3bf69c292edc0eff8ab02d936695e4

Files

5fc24fdd1412551d0a9f6bdb38c8d871fd3bf69c292edc0eff8ab02d936695e4
.exe windows:6 windows x86

02139f213f9f7f367f75058364eac577

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
PeekNamedPipe
FindClose
GetFileAttributesW
GlobalFlags
GetCurrentDirectoryW
VirtualQuery
FileTimeToSystemTime
GetLocalTime
GetSystemTimeAsFileTime
lstrcmpiW
LoadLibraryExW
WriteFile
GetTempPathW
OpenFileMappingW
MapViewOfFile
GetCurrentProcess
FindNextFileW
GetCommandLineW
FindFirstFileW
ReadFile
FreeLibrary
LoadLibraryW
GetUserDefaultLCID
GetTickCount
FreeResource
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFullPathNameW
FlushFileBuffers
GetFileSizeEx
SetEndOfFile
SetStdHandle
GetConsoleOutputCP
GetTimeZoneInformation
LCMapStringW
CompareStringW
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
GetDriveTypeW
SetConsoleCtrlHandler
SetFilePointerEx
GetCommandLineA
GetModuleHandleExW
RtlUnwind
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
SystemTimeToFileTime
GetSystemTime
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetEnvironmentVariableW
ConvertFiberToThread
QueryPerformanceCounter
DeleteFiber
GetFileType
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WaitForMultipleObjects
CreateFileMappingW
GetProcAddress
CreateFileW
MultiByteToWideChar
UnmapViewOfFile
ResetEvent
GetSystemInfo
GetStringTypeW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
CreateSemaphoreW
GetCurrentProcessId
SetLastError
ExitProcess
Sleep
TryEnterCriticalSection
InitializeCriticalSection
GetTimeFormatW
GetDateFormatW
GetLocaleInfoW
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetModuleHandleW
IsDebuggerPresent
CreateEventW
CloseHandle
HeapFree
CreateThread
WaitForSingleObject
SetEvent
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
TerminateProcess

user32

SetWindowLongW
SetWindowPos
GetWindowLongW
SetFocus
IsWindow
MessageBoxW
GetDesktopWindow
GetActiveWindow
GetFocus
GetPropW
UnregisterClassW
WinHelpW
SetMenu
IsWindowEnabled
IsChild
GetDlgCtrlID
IsDialogMessageW
DrawIcon
SetWindowRgn
IsWindowVisible
GetSystemMenu
GetLastActivePopup
GetWindowTextLengthW
DrawTextW
SetRect
IsZoomed
GetTopWindow
IsRectEmpty
IntersectRect
GetClassNameW
IsIconic
BeginPaint
InvalidateRect
DestroyWindow
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
SendMessageW
SetWindowTextW
GetKeyState
SetCursor
GetUserObjectInformationW
GetProcessWindowStation
GetWindow
ShowWindow
EnableWindow
AdjustWindowRectEx
PostMessageW
ReleaseDC
GetClientRect
GetSystemMetrics
ClientToScreen
DestroyIcon
RedrawWindow
ScreenToClient
GetParent
LoadCursorW
LoadIconW
RegisterClassExW
RegisterClassW
GetClassInfoW
LoadStringW
CreateWindowExW
EnumDisplaySettingsW
SetClipboardData
EnumWindows
EmptyClipboard
CloseClipboard
GetMonitorInfoW
OpenClipboard
SetActiveWindow
MonitorFromWindow
GetWindowThreadProcessId
TranslateAcceleratorW
DestroyMenu
DestroyAcceleratorTable
DeleteMenu
GetDC
wsprintfW
CharNextW
GetClassInfoExW
GetNextDlgTabItem
EndPaint
GetWindowRect
LoadImageW
GetWindowTextW
CallWindowProcW
FillRect
GetSysColor
GetDlgItem
PostQuitMessage

gdi32

GetStockObject
RealizePalette
StretchBlt
GdiAlphaBlend
CreateCompatibleDC
SetDIBColorTable
CreateDIBSection
SelectObject
GetDIBits
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
SetTextColor
CreateEllipticRgn
CreateRoundRectRgn
GetClipBox
SetBkMode
SetBkColor
CombineRgn
CreateRectRgn
CreateFontIndirectW
SetStretchBltMode
GetObjectW
CreatePalette
SelectPalette
DeleteDC
GetSystemPaletteEntries
GetDeviceCaps

advapi32

CryptDestroyKey
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

shell32

Shell_NotifyIconW
DragAcceptFiles
DragQueryFileW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
DragFinish

ole32

CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
OleRun
CreateStreamOnHGlobal
CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoUninitialize
IIDFromString

oleaut32

VariantTimeToSystemTime
VariantClear
VariantChangeType
SafeArrayAccessData
VarCmp
VarUI4FromStr
SystemTimeToVariantTime
VarUdateFromDate
LHashValOfNameSys
SafeArrayGetDim
VariantInit
SafeArrayGetUBound
LoadTypeLi
SafeArrayGetLBound
VariantCopyInd
RegisterTypeLi
SysAllocString
VariantCopy
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayUnaccessData
SysFreeString

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

gdiplus

GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImagePalette
GdipSetCompositingMode
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipGetImageGraphicsContext

ws2_32

recv
WSACleanup
WSAStartup
closesocket
WSASetLastError
send
WSAGetLastError

winmm

timeEndPeriod
timeGetDevCaps
timeBeginPeriod

dsound

ord11

bcrypt

BCryptGenRandom

crypt32

CertFindCertificateInStore
CertCloseStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02139f213f9f7f367f75058364eac577

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

ws2_32

winmm

dsound

bcrypt

crypt32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 2.6MB - Virtual size: 2.6MB

.data Size: 31KB - Virtual size: 111KB

.rsrc Size: 2.3MB - Virtual size: 2.3MB

.reloc Size: 106KB - Virtual size: 106KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 31KB - Virtual size: 111KB

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

.reloc
Size: 106KB - Virtual size: 106KB