Static task
static1
Behavioral task
behavioral1
Sample
a677b52d393141c189b4e42f368ab9a10ec86ecd0ec7d62c32225e2af43fa98a.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
a677b52d393141c189b4e42f368ab9a10ec86ecd0ec7d62c32225e2af43fa98a.exe
Resource
win10v2004-20230915-en
General
-
Target
a677b52d393141c189b4e42f368ab9a10ec86ecd0ec7d62c32225e2af43fa98a
-
Size
4.2MB
-
MD5
87469fe6653242eb8c0e0cdf677c8ed5
-
SHA1
a6b564a35c0284a74870088e5061c9bf03d75c2b
-
SHA256
a677b52d393141c189b4e42f368ab9a10ec86ecd0ec7d62c32225e2af43fa98a
-
SHA512
9c94218199547726afe0bb0bbcd9650798cb104af48a2208af75bdb3d8d7db1e51c9bc3434b424249e9ff78ff66d1f88556a534235b26fc64875237fef2fd564
-
SSDEEP
98304:Kg259yHSdVvmbMXgmIvBbLeAsiljc2OWTxzMYq8JpPw:k53ddUWWTxzMYqE
Malware Config — no extracted configuration is shown for this sample.
Signatures
-
Unsigned PE — 1 IoC
Rule fires when the PE carries no Authenticode signature, so the publisher cannot be verified. On its own this is a weak indicator (much legitimate software ships unsigned); weigh it together with the import profile below, which includes account-modification (NetUserSetInfo), service-control (OpenSCManagerW/ChangeServiceConfigW/ControlService), process-enumeration (CreateToolhelp32Snapshot/Process32FirstW) and listening-socket (bind/listen/accept) APIs — presence of an import shows capability, not confirmed use.
resource a677b52d393141c189b4e42f368ab9a10ec86ecd0ec7d62c32225e2af43fa98a
Files
-
a677b52d393141c189b4e42f368ab9a10ec86ecd0ec7d62c32225e2af43fa98a.exe windows:6 windows x86 (32-bit PE, consistent with IMAGE_FILE_32BIT_MACHINE below; "6" is presumably the required OS version field from the optional header — confirm against the sandbox's field key)
1f2641c31f9544b44aa6b245b67ebca0 (unlabeled 32-hex value — likely the import hash; verify before pivoting on it)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
netapi32
NetApiBufferFree
NetGetJoinInformation
NetUserGetInfo
NetUserSetInfo
wldap32
ord26
ord27
ord127
ord167
ord41
ord145
ord79
ord133
ord117
ord208
ord216
ord14
ord147
ord301
ord142
ord219
ord46
ws2_32
gethostbyaddr
WSACloseEvent
getnameinfo
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
inet_addr
WSAWaitForMultipleEvents
WSASetLastError
WSAIoctl
gethostname
sendto
htons
recvfrom
WSACleanup
WSAStartup
getsockname
htonl
gethostbyname
ntohs
accept
listen
bind
getsockopt
recv
send
__WSAFDIsSet
select
connect
ioctlsocket
inet_ntoa
freeaddrinfo
getaddrinfo
socket
closesocket
setsockopt
WSAResetEvent
WSAGetLastError
getpeername
crypt32
CertOpenStore
CertCloseStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertOpenSystemStoreW
CertGetIntendedKeyUsage
CertGetEnhancedKeyUsage
kernel32
GlobalLock
MulDiv
SetThreadPriority
SuspendThread
lstrcmpA
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
OutputDebugStringA
GetCurrentThread
GlobalDeleteAtom
lstrcmpW
GetPrivateProfileIntW
WritePrivateProfileStringW
GlobalAddAtomW
EncodePointer
SwitchToFiber
CompareStringW
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
lstrcmpiW
GetThreadLocale
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GlobalGetAtomNameW
SetErrorMode
GlobalFlags
GetCurrentDirectoryW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetWindowsDirectoryW
lstrcpyW
FindResourceExW
GetTempPathW
GetProfileIntW
SearchPathW
GetTempFileNameW
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetModuleHandleExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetEnvironmentVariableW
GetModuleHandleA
GetFileType
GetStdHandle
GetEnvironmentVariableA
GetSystemTimeAsFileTime
CompareFileTime
WaitForSingleObjectEx
MoveFileExW
GetSystemDirectoryW
SetLastError
WaitForMultipleObjects
SetEvent
ResetEvent
CreateEventW
FileTimeToSystemTime
SystemTimeToFileTime
GlobalSize
GetUserDefaultLangID
VirtualQuery
WriteFile
DuplicateHandle
ReadFile
PeekNamedPipe
CreateProcessW
GetStartupInfoW
CreatePipe
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32NextW
Process32FirstW
LoadLibraryW
LoadLibraryExW
GlobalFree
GlobalAlloc
GetSystemInfo
GetCurrentProcess
GetModuleHandleW
GetVersionExW
VerifyVersionInfoW
VerSetConditionMask
FormatMessageW
LocalFree
GetFileTime
CreateToolhelp32Snapshot
SleepEx
CreateFileW
GetModuleFileNameW
FindClose
FindFirstFileW
GetLogicalDrives
DeleteFileA
MoveFileA
GetLocalTime
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetPrivateProfileStringW
WinExec
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
CopyFileW
UnmapViewOfFile
GetSystemTime
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
FindNextFileW
ResumeThread
TerminateThread
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetSystemDefaultLangID
CreateMutexW
DeleteCriticalSection
CloseHandle
GetProcAddress
FreeLibrary
GetTickCount
GetDiskFreeSpaceExW
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileW
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrlenA
FindResourceW
SizeofResource
LockResource
LoadResource
Sleep
GetLastError
LoadLibraryA
GlobalUnlock
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
InitializeCriticalSectionEx
OutputDebugStringW
ReleaseSRWLockShared
AcquireSRWLockShared
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlUnwind
GetCommandLineA
GetCommandLineW
GetDriveTypeW
GetFileInformationByHandle
CreateThread
ExitThread
FreeLibraryAndExitThread
SetFilePointerEx
SetConsoleCtrlHandler
ExitProcess
SetStdHandle
HeapQueryInformation
VirtualAlloc
GetConsoleOutputCP
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
DeleteFiber
GlobalFindAtomW
user32
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextW
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
DrawFocusRect
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
LoadImageW
TrackMouseEvent
GetMenuDefaultItem
CreatePopupMenu
GetAsyncKeyState
DestroyMenu
InflateRect
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
DestroyIcon
InvalidateRect
DeleteMenu
SystemParametersInfoW
CopyImage
OffsetRect
SetRectEmpty
SendDlgItemMessageA
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
CharUpperW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
TranslateMDISysAccel
SetScrollRange
SetCursorPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
SubtractRect
GetMessageTime
GetMessagePos
RegisterWindowMessageW
IsDialogMessageW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetFocus
CheckDlgButton
MoveWindow
ShowWindow
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetWindowLongW
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
LoadBitmapW
GetParent
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
CopyIcon
FrameRect
UnionRect
PostThreadMessageW
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
CallNextHookEx
SetWindowsHookExW
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
GetScrollPos
CreateMenu
DefMDIChildProcW
GetWindowRgn
DestroyCursor
GetScrollRange
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetUserObjectInformationW
GetProcessWindowStation
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
SetWindowTextW
GetDlgCtrlID
FindWindowA
UnregisterClassW
LoadIconW
GetDesktopWindow
GetClientRect
SetActiveWindow
DrawIcon
GetSystemMetrics
IsWindowEnabled
EnableWindow
KillTimer
SetTimer
GetActiveWindow
IsIconic
PostMessageW
SendMessageW
MessageBoxW
GetForegroundWindow
gdi32
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
LPtoDP
OffsetRgn
RoundRect
FillRgn
Polygon
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreateRoundRectRgn
CreatePolygonRgn
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
CreateCompatibleBitmap
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CombineRgn
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
GetTextMetricsW
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
CreateHatchBrush
CreateCompatibleDC
Rectangle
Polyline
BitBlt
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
FrameRgn
EnumFontFamiliesW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
IsValidSid
GetTokenInformation
OpenProcessToken
RegEnumKeyExW
ChangeServiceConfigW
OpenSCManagerW
CloseServiceHandle
QueryServiceStatusEx
ControlService
OpenServiceW
EnumDependentServicesW
RegOpenKeyExW
RegCloseKey
shell32
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
DragQueryFileW
DragFinish
SHAppBarMessage
SHBrowseForFolderW
SHGetSpecialFolderPathW
comctl32
InitCommonControlsEx
shlwapi
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
OpenThemeData
GetThemeColor
DrawThemeBackground
CloseThemeData
DrawThemeParentBackground
DrawThemeText
GetThemeSysColor
ole32
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
CoDisconnectObject
CLSIDFromProgID
OleFlushClipboard
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoRevokeClassObject
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
oleaut32
SafeArrayDestroy
SysStringLen
LoadTypeLi
VariantChangeType
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantClear
SysFreeString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
oledlg
OleUIBusyW
winmm
PlaySoundW
bcrypt
BCryptGenRandom
gdiplus
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdiplusShutdown
GdipAlloc
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
wsock32
shutdown
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 837KB - Virtual size: 836KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 214KB - Virtual size: 213KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ