Static task: static1
Behavioral task: behavioral1
  Sample: 10b82ba80d970af43610ddaf355c4a21af6e006c1b47960a3080e6964bc30f05.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 10b82ba80d970af43610ddaf355c4a21af6e006c1b47960a3080e6964bc30f05.exe
  Resource: win10v2004-20230915-en
General
Target: 10b82ba80d970af43610ddaf355c4a21af6e006c1b47960a3080e6964bc30f05
Size: 1.0MB
MD5: 2d26ec322e22d0a004a8f665243acaa8
SHA1: e6aa7e42a52b3826b149a04b15f5446ac4e09661
SHA256: 10b82ba80d970af43610ddaf355c4a21af6e006c1b47960a3080e6964bc30f05
SHA512: fe206f818825daff7237a1fe4c07ffcf2d518f2e4fb4e3fdbe1fc05a1895789dddafe7c2cf0e80e659d0f4fd72a6c1872974ba1e0800161080fd8bb5ccbea8e7
SSDEEP: 12288:l4pKW6b5wj4R7hLDcoaxYOZrRUPBV8d29XRVoBbxSRemz8bl8CGzXzam79RqlRJS:1X/LDcoJZXRVoBbxMC+5LqlS
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 10b82ba80d970af43610ddaf355c4a21af6e006c1b47960a3080e6964bc30f05
Files
10b82ba80d970af43610ddaf355c4a21af6e006c1b47960a3080e6964bc30f05.exe (windows:5, windows x86)
4962db6d28de41f624104f2def0ca625
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileTime
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
GetVersionExA
lstrcmpW
GlobalFindAtomA
FreeResource
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
ExitProcess
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
GetFullPathNameW
HeapReAlloc
HeapSize
ExitThread
CreateThread
GetACP
IsValidCodePage
HeapCreate
GetFileSizeEx
VirtualFree
FatalAppExitA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetStdHandle
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetStdHandle
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalFlags
GlobalAddAtomA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetStringTypeExA
MoveFileA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetAtomNameA
GlobalGetAtomNameA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleHandleW
CompareStringA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
DeleteFileW
GetCurrentProcess
GetCurrentProcessId
CreateDirectoryW
SetUnhandledExceptionFilter
FindNextFileW
FindFirstFileW
lstrcpyW
SetLastError
CreateFileW
FindResourceW
GetModuleFileNameW
IsDBCSLeadByte
LoadLibraryExA
InitializeCriticalSection
lstrlenW
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
RaiseException
DeleteCriticalSection
GetCurrentThreadId
WideCharToMultiByte
OpenProcess
WaitForSingleObject
Sleep
FindFirstFileA
lstrcmpA
FindNextFileA
FindClose
ExpandEnvironmentStringsA
GetModuleFileNameA
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
FreeLibrary
LoadLibraryA
GetProcAddress
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
lstrlenA
GetLastError
MultiByteToWideChar
SetFilePointer
GetFileSize
InterlockedCompareExchange
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
ReadFile
DeleteFileA
CreateFileA
WriteFile
HeapDestroy
CloseHandle
user32
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CopyRect
CallWindowProcA
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetForegroundWindow
IsIconic
PostMessageA
SetWindowPos
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowLongA
IsWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
SetRect
SetScrollPos
SetCapture
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
UnregisterClassA
GetFocus
GetDesktopWindow
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
CharUpperA
DestroyIcon
GetWindowTextLengthA
GetWindowTextA
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuBarInfo
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
wsprintfW
CharNextA
LockWindowUpdate
GetDCEx
UnionRect
SetParent
GetSystemMenu
DefWindowProcA
DestroyWindow
IsRectEmpty
MapVirtualKeyA
GetKeyNameTextA
WindowFromPoint
KillTimer
SetFocus
SetTimer
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
InvalidateRect
SetRectEmpty
GetDialogBaseUnits
DestroyMenu
GetMenuItemInfoA
InflateRect
DeleteMenu
ShowOwnedPopups
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
RegisterWindowMessageA
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetScrollPos
GetMessagePos
GetClientRect
gdi32
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsA
GetCharWidthA
CreateFontA
StretchDIBits
CreateCompatibleBitmap
GetBkColor
SetWorldTransform
ModifyWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
DeleteObject
CreateDCA
GetCurrentPositionEx
GetDeviceCaps
CopyMetaFileA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
shell32
ExtractIconA
DragFinish
DragQueryFileA
SHGetFileInfoA
ole32
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
StringFromGUID2
CoTreatAsClass
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject
CreateBindCtx
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemRealloc
oleaut32
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
VariantChangeType
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SafeArrayGetElement
SysStringLen
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
SysFreeString
VarUI4FromStr
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
VariantInit
SafeArrayPtrOfIndex
SafeArrayPutElement
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayLock
protectme
AddMe2Protect
AddFileAccessorPID
RemoveProtectedFile
RemoveProtectedKey
StopProtectMe
AddRegistryAccessorPID
AddProtectedFile
AddProtectedKey
AddFileAccessorProcessByName
BeginProtectMe
AddProtectedProcess
netcheckalarm
?IsCurrentAppAlreadyRun@@YAHXZ
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
comctl32
InitCommonControlsEx
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
dbghelp
MiniDumpWriteDump
Sections
.text Size: 809KB - Virtual size: 809KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ