ddb2ed135891c5274a5853dacde49e0b940ec25cebeceeb2b01d49b117092fda

Sharing

Copy URL Twitter E-mail

General

Target

ddb2ed135891c5274a5853dacde49e0b940ec25cebeceeb2b01d49b117092fda
Size

1.9MB
MD5

60c58a4496277abc734453b549ed839d
SHA1

fd9f53711c75c3e8f18c6aed499ed08c00f467d7
SHA256

ddb2ed135891c5274a5853dacde49e0b940ec25cebeceeb2b01d49b117092fda
SHA512

6a74e87d270b8dfd6fe5e3deb9e82a4683b23fce917dc07e9eef8108e84f28ca0b93ac2a18efe5990de83193b528de56935c7f2bc97ab7de92b34aa8578157b5
SSDEEP

49152:+sgfppCMx3iZ4EJPoRbKp/SRBsGWhRdfmqDWA5OEnN2vU0Xs5m9TCMP:ufppz3iaooRbKp/SRBsGWh7Oa5OEnkUk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddb2ed135891c5274a5853dacde49e0b940ec25cebeceeb2b01d49b117092fda

Files

ddb2ed135891c5274a5853dacde49e0b940ec25cebeceeb2b01d49b117092fda
.exe windows:5 windows x86

15c7e9fc75e5286511a4b6290bde4dcf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetStringTypeW
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
LCMapStringW
GetOEMCP
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
TerminateProcess
QueryPerformanceCounter
GetDateFormatA
GetTimeFormatA
InterlockedCompareExchange
GetACP
GetCPInfo
UnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
ExitProcess
GetFileType
SetStdHandle
RaiseException
RtlUnwind
HeapReAlloc
CreateThread
ExitThread
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
SetErrorMode
lstrcpyW
GetCurrentDirectoryW
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileW
lstrcmpiW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
FileTimeToSystemTime
GetThreadLocale
GlobalGetAtomNameW
GlobalFindAtomW
CompareStringW
ReleaseActCtx
CreateActCtxW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
FreeResource
GlobalAddAtomW
GetCurrentProcessId
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
ActivateActCtx
DeactivateActCtx
lstrcmpW
GetModuleHandleW
InterlockedExchange
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
lstrlenA
GetModuleFileNameW
PurgeComm
GetCommTimeouts
SetCommMask
CreateEventW
ResetEvent
GetOverlappedResult
ReadFile
Sleep
SetCommTimeouts
SetCommState
WriteFile
EscapeCommFunction
WaitForSingleObject
GetCommState
ClearCommError
CreateFileA
SetupComm
GetLocalTime
LocalFree
CloseHandle
LockResource
LocalAlloc
GetProcAddress
SetLastError
GetLastError
CreateFileW
GetVersionExW
SizeofResource
LoadLibraryW
GetSystemDirectoryW
GetProcessHeap
HeapFree
InterlockedDecrement
HeapAlloc
LoadResource
FreeLibrary
FindResourceW
GetLocaleInfoA

user32

IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
RegisterClipboardFormatW
UnpackDDElParam
ReuseDDElParam
LoadImageW
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
CreatePopupMenu
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
KillTimer
InvalidateRect
DeleteMenu
RealChildWindowFromPoint
CharUpperW
LoadCursorW
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
EnableWindow
SendMessageW
GetSystemMetrics
AppendMenuW
LoadIconW
GetClientRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
CopyRect
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
GetKeyNameTextW
DestroyCursor
MapVirtualKeyExW
SubtractRect
DrawTextW
TabbedTextOutW
FillRect
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
GetWindowRgn
DrawIcon
IsIconic
SetTimer
GetSystemMenu
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
GetMenuStringW
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
PostMessageW
SetCursor
ShowOwnedPopups
MessageBoxW
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetWindowThreadProcessId
LoadMenuW
GetWindowRect
SetWindowPos
MapDialogRect
SetWindowContextHelpId
GetWindow
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
SetWindowsHookExW
EndDialog
GetNextDlgTabItem
GetDlgItem
IsWindow
DestroyWindow
TranslateMDISysAccel

gdi32

EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
GetTextMetricsW
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
CreateCompatibleBitmap
CreateRectRgnIndirect
CreateDIBitmap
GetTextExtentPoint32W
CreateFontIndirectW
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateDCW
CopyMetaFileW
OffsetWindowOrgEx

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegQueryValueW
RegEnumKeyW

shell32

SHBrowseForFolderW
ShellExecuteW
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

ole32

OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
CoInitializeEx
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoGetClassObject
CoTaskMemFree
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
SysAllocStringLen
VariantChangeType
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
VariantInit
VariantClear

oledlg

OleUIBusyW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15c7e9fc75e5286511a4b6290bde4dcf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 301KB - Virtual size: 300KB

.data Size: 29KB - Virtual size: 1.1MB

.rsrc Size: 84KB - Virtual size: 84KB

.reloc Size: 176KB - Virtual size: 176KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 301KB - Virtual size: 300KB

.data
Size: 29KB - Virtual size: 1.1MB

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 176KB - Virtual size: 176KB