Static task: static1
Behavioral task: behavioral1
  Sample: dff82a8e1788d6dbe264c2aba48db9916aa0ef1980675af1288eb4211e21f0ba.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: dff82a8e1788d6dbe264c2aba48db9916aa0ef1980675af1288eb4211e21f0ba.exe
  Resource: win10v2004-20230915-en
General
Target: dff82a8e1788d6dbe264c2aba48db9916aa0ef1980675af1288eb4211e21f0ba
Size: 2.2MB
MD5: 0be5e36fcef70372606dcbbf9b46cc7e
SHA1: 1623b4e1fa45cbab54eb21afc9b3ef90996fa4d9
SHA256: dff82a8e1788d6dbe264c2aba48db9916aa0ef1980675af1288eb4211e21f0ba
SHA512: bd3d8a4384b263cd1c32af517d5c3cfff336aebefe1445eee7fbc76e838e3aacc3e91064cabb77de160d98bb67cb2e27e5f2c3d496ad46c412842d0dbe3810eb
SSDEEP: 49152:YNeVU+dJAzkp8FoD4eZL36Knwp/pHTupej93l5:8SNJ8k6eZL36B0pARr
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: dff82a8e1788d6dbe264c2aba48db9916aa0ef1980675af1288eb4211e21f0ba
Files
dff82a8e1788d6dbe264c2aba48db9916aa0ef1980675af1288eb4211e21f0ba.exe  windows:4 windows x86  5712939bb9552a9183d7d99fee4a350a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitForSingleObject
GetSystemDirectoryW
GetTickCount
SetEndOfFile
SetFilePointer
LocalAlloc
FlushFileBuffers
CreateFileA
LocalFree
TerminateThread
CreateThread
GetCurrentDirectoryW
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringW
GetLocalTime
TerminateProcess
OpenProcess
GetCurrentProcessId
GetCurrentDirectoryA
GetFullPathNameA
SetConsoleMode
ReadConsoleInputA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
LeaveCriticalSection
GetFileSize
GetModuleFileNameW
SystemTimeToFileTime
FlushConsoleInputBuffer
GlobalMemoryStatus
FindFirstFileA
GetVersion
GetSystemTime
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
GetConsoleOutputCP
WriteConsoleA
FindClose
GetLocaleInfoW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
HeapCreate
ExitProcess
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
GetSystemTimeAsFileTime
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
FindResourceW
LoadLibraryW
CopyFileW
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
LoadLibraryExW
GetFileAttributesW
CreateDirectoryW
SetFileAttributesW
GetTempPathW
WaitForMultipleObjects
SetEvent
lstrlenW
WriteFile
InterlockedCompareExchange
GetVersionExW
GlobalAlloc
GetCurrentThreadId
MultiByteToWideChar
Sleep
CloseHandle
GlobalLock
InitializeCriticalSection
GlobalUnlock
GetCommandLineW
InterlockedExchange
CreateMutexW
DeleteCriticalSection
OpenMutexW
FindResourceExW
RaiseException
WideCharToMultiByte
FreeResource
LoadResource
GetWindowsDirectoryW
FreeLibrary
GetPrivateProfileIntW
LockResource
SizeofResource
SetStdHandle
CreateFileW
EnterCriticalSection
GlobalFree
FlushInstructionCache
GetModuleHandleW
SetLastError
GetCurrentProcess
GetProcAddress
GetLastError
GetPrivateProfileStringW
DeleteFileW
WriteConsoleW
lstrlenA
user32
GetClassInfoExW
SetForegroundWindow
IsWindowVisible
GetWindow
IsWindow
UnionRect
GetWindowRect
IsWindowEnabled
GetWindowLongW
RegisterWindowMessageW
GetClientRect
GetDesktopWindow
MapWindowPoints
EnumDisplayDevicesW
GetDC
GetActiveWindow
LoadCursorW
EnableWindow
LoadBitmapW
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
UnregisterClassA
SystemParametersInfoW
LoadImageW
SetWindowPos
ReleaseDC
PostMessageW
DestroyWindow
RegisterClassExW
SetActiveWindow
SetWindowLongW
CopyRect
SendMessageW
DefWindowProcW
CreateWindowExW
GetParent
FindWindowW
IsIconic
ShowWindow
GetForegroundWindow
GetWindowThreadProcessId
MoveWindow
InvalidateRect
AttachThreadInput
InflateRect
OffsetRect
DrawFrameControl
SetRectEmpty
LoadIconW
DestroyIcon
PtInRect
SetRect
SetCursor
DrawTextW
GetDlgCtrlID
DrawIconEx
BringWindowToTop
EqualRect
GetDlgItem
CharNextW
SetTimer
KillTimer
wsprintfW
MonitorFromWindow
UpdateLayeredWindow
CallWindowProcW
GetMonitorInfoW
GetCursorPos
GetFocus
IsChild
IsDialogMessageW
SetFocus
IsRectEmpty
GetNextDlgTabItem
SetWindowRgn
EndPaint
PostThreadMessageW
PeekMessageW
BeginPaint
GetMessageW
ScreenToClient
SetCapture
TranslateMessage
ClientToScreen
DispatchMessageW
IntersectRect
ReleaseCapture
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
WindowFromPoint
DestroyCursor
GetSystemMetrics
EnumDisplaySettingsW
gdi32
CombineRgn
GetViewportOrgEx
ExtSelectClipRgn
SetViewportOrgEx
OffsetRgn
CreateRoundRectRgn
RectInRegion
GetClipRgn
GetTextColor
SetBkMode
MoveToEx
GetTextExtentPoint32W
LineTo
GetCurrentObject
RoundRect
CreateRectRgnIndirect
TextOutW
SetStretchBltMode
CreateFontIndirectW
SelectObject
CreatePen
StretchBlt
DeleteObject
CreateBitmap
GetStockObject
BitBlt
ExtTextOutW
SetBkColor
SetTextColor
CreateDIBSection
SaveDC
SelectClipRgn
Rectangle
CreateRectRgn
CreateCompatibleBitmap
GetDeviceCaps
GetObjectW
CreateCompatibleDC
RestoreDC
DeleteDC
CreateSolidBrush
advapi32
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
ReportEventA
DeregisterEventSource
RegisterEventSourceA
shell32
SHCreateDirectoryExW
ShellExecuteW
ole32
CreateStreamOnHGlobal
CoTaskMemFree
CoUninitialize
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoCreateInstance
oleaut32
VarUI4FromStr
shlwapi
StrToIntA
StrToIntW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathAddBackslashW
PathIsDirectoryW
comctl32
_TrackMouseEvent
InitCommonControlsEx
msimg32
AlphaBlend
gdiplus
GdipCreatePath
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipSetPenDashStyle
GdipSetPenEndCap
GdipScaleWorldTransform
GdipGetFamily
GdipSetPenStartCap
GdipSetPenMode
GdipFillRectangle
GdipDrawLinesI
GdipAddPathStringI
GdipDrawLine
GdipGetFontSize
GdipCreatePen1
GdipDrawImageI
GdipDrawRectangleI
GdipDrawPath
GdipAddPathRectangle
GdipDeletePen
GdipCreateLineBrushFromRectWithAngleI
GdipAddPathArcI
GdipFillPath
GdipSetStringFormatAlign
GdipFillRectangleI
GdipSetStringFormatLineAlign
GdipMeasureString
GdipAddPathPieI
GdipSetStringFormatTrimming
GdipClosePathFigure
GdipSetTextRenderingHint
GdipDrawString
GdipAddPathRectangleI
GdipSetSmoothingMode
GdipCreateFont
GdipSetClipPath
GdipDeleteFont
GdipCloneBrush
GdipCreateFontFromLogfontW
GdipDeleteBrush
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipResetWorldTransform
GdipCreateStringFormat
GdipCreateSolidFill
GdipDeleteStringFormat
GdipDisposeImage
GdipSetStringFormatFlags
GdipDeletePath
GdipDeleteFontFamily
GdipCreateBitmapFromScan0
GdipNewPrivateFontCollection
GdipGetImageGraphicsContext
GdipDrawImageRectRectI
GdipGetImagePixelFormat
GdipDeletePrivateFontCollection
GdipCreateImageAttributes
GdipSetInterpolationMode
GdipDisposeImageAttributes
GdipPrivateAddFontFile
GdipCloneBitmapArea
GdipLoadImageFromFile
GdipGetFontCollectionFamilyCount
GdipFree
GdipDeleteGraphics
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipGetFontCollectionFamilyList
GdipImageRotateFlip
GdipCreateFromHDC
GdipCloneFontFamily
GdipGetImageWidth
GdipAlloc
GdipDrawImageRectRect
GdipGraphicsClear
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipDrawImagePointsRectI
GdipCreateHBITMAPFromBitmap
GdipLoadImageFromStream
GdipCloneImage
GdiplusShutdown
GdiplusStartup
ws2_32
WSAGetLastError
closesocket
send
getsockname
ntohs
bind
recv
getsockopt
getpeername
setsockopt
connect
socket
WSASetLastError
freeaddrinfo
getaddrinfo
__WSAFDIsSet
select
ioctlsocket
gethostname
WSAStartup
WSACleanup
shutdown
htons
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 372KB - Virtual size: 369KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 284KB - Virtual size: 282KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ