8866f432910b2735ef101f6a6c3f79552e3db855de95b78c06868dc806cada39

Sharing

Copy URL Twitter E-mail

General

Target

8866f432910b2735ef101f6a6c3f79552e3db855de95b78c06868dc806cada39
Size

1.3MB
MD5

c6a2a8060b6efcce1fee6a3bc59f4e83
SHA1

1c0a071b127a7561a4067632a4cefaa94d741089
SHA256

8866f432910b2735ef101f6a6c3f79552e3db855de95b78c06868dc806cada39
SHA512

0cbb27011a229abcd394a0949bf7e3bddd0159d098fe1bb439df55672fe92cccfa6c0b0294f34236033fc4104836c3db5cd680ddf64fc0cd89ee43fc72dc602c
SSDEEP

12288:FY/iI6BVjQHQEzFVh4XDCK2S2h+jRnL7s969pnRgoqvLvjXFruJnYUA:Vje2V7MzrXAJZA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8866f432910b2735ef101f6a6c3f79552e3db855de95b78c06868dc806cada39

Files

8866f432910b2735ef101f6a6c3f79552e3db855de95b78c06868dc806cada39
.exe windows:6 windows x86

5ec5a45d7145ecfaa49357716e9e4b49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatEx
GlobalLock
GlobalUnlock
SetFileInformationByHandle
CompareFileTime
GetModuleFileNameW
GlobalAlloc
lstrcpyW
GetSystemTimeAsFileTime
MulDiv
MultiByteToWideChar
WideCharToMultiByte
LocalAlloc
FreeLibrary
LoadLibraryExW
GetCurrentProcess
CreateMutexW
ReleaseMutex
GetCurrentProcessId
lstrcmpiW
Sleep
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
LCMapStringW
CompareStringW
FreeEnvironmentStringsW
GetSystemTime
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
SystemTimeToFileTime
SetFilePointerEx
ResetEvent
CreateThread
CloseHandle
DeleteFileW
FileTimeToSystemTime
SetEvent
CreateEventW
CreateFileW
WaitForSingleObject
SetEndOfFile
SetFileTime
WriteFile
GetFileSizeEx
ReadFile
LocalFree
FindResourceW
LoadResource
FindResourceExW
RaiseException
MoveFileW
LockResource
FormatMessageW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
SizeofResource
GetModuleHandleW
GetProcAddress
GetLocalTime
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
WriteConsoleW
GetEnvironmentStringsW
HeapFree

user32

DrawEdge
InvalidateRect
GetCursorPos
BeginPaint
EndPaint
GetWindowThreadProcessId
GetMessageW
GetWindow
MonitorFromWindow
GetSystemMetrics
LoadAcceleratorsW
ShowWindow
DispatchMessageW
GetMonitorInfoW
SetMenuItemInfoW
PeekMessageW
MapWindowPoints
SetWindowPlacement
PostQuitMessage
TranslateMessage
FindWindowW
UpdateWindow
ExitWindowsEx
IsDialogMessageW
SetTimer
GetActiveWindow
GetWindowPlacement
InflateRect
KillTimer
DialogBoxParamW
GetParent
GetDesktopWindow
GetDlgItem
SetWindowLongW
SetDlgItemTextW
SetWindowTextW
SetDlgItemInt
GetMenuItemID
AddClipboardFormatListener
RemoveClipboardFormatListener
TranslateAcceleratorW
FlashWindow
GetForegroundWindow
SetMenuDefaultItem
GetMenu
SetActiveWindow
SetForegroundWindow
IsIconic
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
GetWindowDC
SetClipboardData
IsClipboardFormatAvailable
UnregisterClassW
EndDialog
SetWindowPos
GetWindowRect
GetAsyncKeyState
GetWindowLongW
LoadImageW
LoadStringW
SendMessageW
CreateWindowExW
DestroyWindow
GetWindowTextW
EnableWindow
CheckDlgButton
DrawTextW
GetDlgItemInt
LoadIconW
GetMenuItemCount
ShowOwnedPopups
SetFocus
LoadBitmapW
IsDlgButtonChecked
IsWindowEnabled
SendDlgItemMessageW
GetDlgCtrlID
RedrawWindow
IsWindow
ReleaseDC
DefWindowProcW
LoadMenuW
CallWindowProcW
FillRect
RegisterClassExW
TrackPopupMenu
GetSubMenu
ClientToScreen
GetSysColor
DestroyMenu
LoadCursorW
SetCapture
SetCursor
GetClientRect
AppendMenuW
GetClassInfoExW
PtInRect
ReleaseCapture
GetWindowTextLengthW
CreateDialogParamW
PostMessageW
MessageBoxW
ScreenToClient

gdi32

BitBlt
CreateCompatibleBitmap
TextOutW
GetTextExtentPoint32W
LineTo
CreatePen
Polygon
MoveToEx
CreateSolidBrush
EnumFontFamiliesExW
GetDeviceCaps
SetBkColor
CreateFontIndirectW
ExtTextOutW
SelectObject
CreateCompatibleDC
DeleteDC
GetStockObject
SetTextColor
DeleteObject
SetBkMode

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW

shell32

Shell_NotifyIconW
ord165
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetKnownFolderPath
ShellExecuteW

ole32

OleInitialize
OleUninitialize
ReleaseStgMedium
CoTaskMemFree
RegisterDragDrop
CoCreateInstance

shlwapi

StrStrIW
PathIsDirectoryW
UrlGetPartW
PathFileExistsW

msimg32

AlphaBlend

comctl32

ImageList_Create
ord345
ImageList_LoadImageW
ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
InitCommonControlsEx
ImageList_Add

wininet

HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenW
HttpSendRequestW
InternetQueryOptionW
HttpAddRequestHeadersW
InternetReadFile
InternetGetLastResponseInfoW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpQueryInfoW
InternetCloseHandle

uxtheme

EnableThemeDialogTexture
SetWindowTheme

powrprof

SetSuspendState

bcrypt

BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptHashData
BCryptCreateHash
BCryptGetProperty

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1008KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ec5a45d7145ecfaa49357716e9e4b49

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msimg32

comctl32

wininet

uxtheme

powrprof

bcrypt

Sections

.text Size: 268KB - Virtual size: 268KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 10KB - Virtual size: 13KB

.rsrc Size: 1008KB - Virtual size: 1008KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 268KB - Virtual size: 268KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 10KB - Virtual size: 13KB

.rsrc
Size: 1008KB - Virtual size: 1008KB

.reloc
Size: 17KB - Virtual size: 17KB