Static task: static1
Behavioral task: behavioral1
  Sample: 4aea66bedaad5c8b1056774bae168a2d232eabd64e3cf4fba1123bce7b02f330.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 4aea66bedaad5c8b1056774bae168a2d232eabd64e3cf4fba1123bce7b02f330.exe
  Resource: win10v2004-20230915-en
General
Target: 4aea66bedaad5c8b1056774bae168a2d232eabd64e3cf4fba1123bce7b02f330
Size: 3.4MB
MD5: e9a5200b6b80a3b23b141658aea1eec1
SHA1: fed9253ff2ee87a505658811cb1bfd28788fabe1
SHA256: 4aea66bedaad5c8b1056774bae168a2d232eabd64e3cf4fba1123bce7b02f330
SHA512: 3fd585cf7da08cd3298b9447b26ae25c129c2fcaaccdf0c4b405bf5b58912152e76dc2615931f6f42060297f4189c853ad62af1790a805d70021ff425d2aec73
SSDEEP: 98304:/i+Y/EMrJPS7rfhM2fn0jBg+TLFLOAkGkzdnEVomFHKnP:ah/E6tjBg+TLFLOyomFHKnP
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature, i.e. the PE has no certificate table. This says the file is unsigned, not that a signed file would be trustworthy.
resource 4aea66bedaad5c8b1056774bae168a2d232eabd64e3cf4fba1123bce7b02f330
Files
4aea66bedaad5c8b1056774bae168a2d232eabd64e3cf4fba1123bce7b02f330.exe windows:5 windows x86
imphash: 915a1c620e79e6322eddd731d515c8b3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetStdHandle
ExitProcess
QueryPerformanceFrequency
HeapQueryInformation
GetFileType
SetStdHandle
GetModuleHandleExW
GetConsoleMode
GetStringTypeW
CreateThread
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
FindNextFileW
FindFirstFileExW
RtlUnwind
OutputDebugStringW
ReadConsoleW
SetFilePointerEx
FreeLibraryAndExitThread
GetConsoleCP
GetDriveTypeW
FindFirstFileExA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
Sleep
GetTickCount
FindResourceExW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetTempFileNameA
GetTempPathA
GetACP
GetFileAttributesA
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CreateFileA
ResumeThread
SetThreadPriority
WaitForSingleObject
SetEvent
CloseHandle
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
GetModuleFileNameA
GetCurrentProcessId
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
CompareStringA
MultiByteToWideChar
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
GetLogicalDriveStringsA
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
DeleteFileA
CopyFileA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ExitThread
GetCurrentDirectoryW
user32
CopyAcceleratorTableA
CharNextA
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IntersectRect
GetAsyncKeyState
RealChildWindowFromPoint
CopyImage
GetMenuItemInfoA
DestroyMenu
CharUpperA
InvalidateRect
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
GetCursorPos
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
EnumDisplayMonitors
SystemParametersInfoA
LoadCursorW
LoadCursorA
SetRectEmpty
SetLayeredWindowAttributes
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawStateA
GetSystemMetrics
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
GetWindowThreadProcessId
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
ReleaseDC
GetDC
MapVirtualKeyA
GetKeyNameTextA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
InvalidateRgn
SetRect
GetNextDlgGroupItem
EnableWindow
SendMessageA
LoadIconW
GetWindowRect
UpdateWindow
AdjustWindowRectEx
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
MessageBeep
SetParent
MonitorFromPoint
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageA
LoadImageW
TrackMouseEvent
IsZoomed
LoadMenuW
GetSystemMenu
BeginPaint
SetForegroundWindow
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
SetTimer
KillTimer
GetFocus
PostMessageA
GetParent
UnregisterClassA
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
CreateAcceleratorTableA
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
UpdateLayeredWindow
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
SubtractRect
CharUpperBuffA
FrameRect
IsClipboardFormatAvailable
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
HideCaret
InvertRect
DrawIcon
DestroyCursor
GetWindowRgn
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
GetUpdateRect
SetClassLongA
DestroyAcceleratorTable
ModifyMenuA
SetMenuDefaultItem
GetMenuDefaultItem
GetIconInfo
CopyIcon
gdi32
ExtTextOutA
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsA
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectA
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesA
GetStockObject
GetTextCharsetInfo
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
GetTextExtentPoint32A
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgn
CreateHatchBrush
CombineRgn
GetDeviceCaps
CreateDCA
CopyMetaFileA
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
MoveToEx
CreateEllipticRgn
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
ShellExecuteA
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindExtensionA
uxtheme
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsAppThemed
DrawThemeText
GetWindowTheme
ole32
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterMessageFilter
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
RegisterDragDrop
StgOpenStorageOnILockBytes
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
oledlg
ord8
gdiplus
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipDrawImageRectI
msvfw32
MCIWndCreateA
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
mixerClose
mixerGetControlDetailsA
mixerGetLineInfoA
PlaySoundA
mixerSetControlDetails
mixerGetLineControlsA
mixerOpen
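The import list above is what a static triage uses in two ways: it is the input to the import hash (the 32-hex value Triage shows under the file entry in Files, 915a1c…, is the imphash) and it is the quickest first read of capabilities. The block below is an added example, not Triage's or pefile's code. It implements the imphash normalisation the way pefile does (lower-case `lib.func`, `.dll`/`.ocx`/`.sys` stripped, ordinals resolved to names only for a few socket DLLs, otherwise `ordN`, MD5 over the comma-joined list in import-table order) and runs a few illustrative capability groupings of my own over a subset of this sample's imports. The DLL names with `.dll` suffixes and the `ORD_NAMES` table are abbreviated assumptions; the block hashes only the transcribed subset, so it does not reproduce this sample's value, which needs the full table in raw import order.

```python
import hashlib

# pefile resolves ordinals to names only for a few DLLs before hashing; all other
# ordinal imports are hashed as "ordN" (so oledlg ord8 above becomes "oledlg.ord8").
# Abbreviated table (assumption: only well-known low ordinals; pefile's tables are longer).
ORD_NAMES = {
    "ws2_32": {1: "accept", 2: "bind", 3: "closesocket", 4: "connect", 16: "recv",
               19: "send", 23: "socket", 115: "WSAStartup", 116: "WSACleanup"},
}
ORD_NAMES["wsock32"] = ORD_NAMES["ws2_32"]

# Subset of the imports listed in the report, in the order shown there. The ".dll"
# suffixes are how the names appear in an import table (assumption, Triage strips them).
SAMPLE_IMPORTS = [
    ("kernel32.dll", ["LCMapStringW", "VirtualAlloc", "IsDebuggerPresent", "GetTempFileNameA",
                      "GetTempPathA", "VirtualProtect", "OutputDebugStringA", "DeleteFileA", "CopyFileA"]),
    ("user32.dll", ["GetAsyncKeyState", "SetWindowsHookExA", "ToAsciiEx", "GetKeyboardState"]),
    ("advapi32.dll", ["RegSetValueExA", "RegDeleteValueA", "RegCreateKeyExA", "RegOpenKeyExA"]),
    ("shell32.dll", ["ShellExecuteA"]),
    ("oledlg.dll", [8]),
]


def normalize_imports(imports):
    """imports: [(dll_name, [function name or ordinal int, ...]), ...] in import-table order.
    Returns the string imphash MD5s: lower-case 'lib.func' joined by commas."""
    parts = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):   # pefile strips exactly these; .drv stays
            lib = base
        for func in funcs:
            if isinstance(func, int):
                func = ORD_NAMES.get(lib, {}).get(func, "ord%d" % func)
            parts.append("%s.%s" % (lib, func.lower()))
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalised import string; empty string when there are no imports (pefile's convention)."""
    text = normalize_imports(imports)
    return hashlib.md5(text.encode("ascii")).hexdigest() if text else ""


# Illustrative groupings (mine, not Triage's). A group fires only when at least MIN_HITS
# of its APIs are imported, to reduce noise from single common calls.
CAPABILITY_HINTS = {
    "input capture": {"SetWindowsHookExA", "SetWindowsHookExW", "GetAsyncKeyState", "GetKeyboardState", "ToAsciiEx"},
    "registry persistence": {"RegCreateKeyExA", "RegSetValueExA", "RegOpenKeyExA", "RegDeleteValueA"},
    "process launch": {"ShellExecuteA", "ShellExecuteW", "CreateProcessA", "CreateProcessW", "WinExec"},
    "runtime code staging": {"VirtualAlloc", "VirtualProtect", "WriteProcessMemory", "CreateRemoteThread"},
    "file staging": {"GetTempPathA", "GetTempFileNameA", "CopyFileA", "DeleteFileA"},
    "anti-debug": {"IsDebuggerPresent", "CheckRemoteDebuggerPresent", "OutputDebugStringA", "NtQueryInformationProcess"},
}
MIN_HITS = 2


def capability_hints(imports):
    """Map each grouping to the sorted list of its APIs present, keeping only groups with MIN_HITS or more."""
    imported = {f for _, funcs in imports for f in funcs if isinstance(f, str)}
    hits = {}
    for label, apis in CAPABILITY_HINTS.items():
        matched = sorted(apis & imported)
        if len(matched) >= MIN_HITS:
            hits[label] = matched
    return hits


if __name__ == "__main__":
    print("imphash of subset:", imphash(SAMPLE_IMPORTS))
    for label, apis in capability_hints(SAMPLE_IMPORTS).items():
        print("%-22s %s" % (label, ", ".join(apis)))
```

Treat the hints as prompts for the behavioral runs, not verdicts: `IsDebuggerPresent` and `OutputDebugStringA` are pulled in by the MSVC C runtime, and `SetWindowsHookExA` plus `GetAsyncKeyState` are used by MFC's own window hooking and mouse handling, so this import profile (together with `GlobalAddAtomA`, `WinHelpA`, `GetProfileIntA` and `oledlg` ord8) is consistent with an ordinary statically linked MFC GUI application. Imphash is order-sensitive by design, so two builds with the same imports in a different link order hash differently.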
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 318KB - Virtual size: 318KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
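Everything in Headers, the Unsigned PE signature and the Sections table above comes from a few fixed-offset fields in the PE headers, and it is worth knowing exactly which. The following is an added example (my own code, not Triage's) that parses those fields with nothing but `struct`: the DllCharacteristics bits (the three listed for this sample are DYNAMIC_BASE, NX_COMPAT and TERMINAL_SERVER_AWARE; note that GUARD_CF is not among them, so the loader does not enforce CFG for this image even though the `.gfids` and `.giats` sections, the Control Flow Guard function-id and IAT tables the MSVC linker emits, are present), the certificate-table data directory that the "Unsigned PE" check reads, and the section table with the two heuristics an analyst checks next (writable+executable sections, and code sections far larger in memory than on disk). The PE bytes it runs on are constructed in `build_test_pe`, not the sample; the 4x raw-vs-virtual ratio is an arbitrary threshold of mine.

```python
import struct

# Flag names from winnt.h.
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x1000: "IMAGE_DLLCHARACTERISTICS_APPCONTAINER",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Read the header fields a static triage reports: DllCharacteristics, certificate table, sections."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, data directories at +96
        ndir_off, dir_off = 92, 96
    elif magic == 0x20B:      # PE32+: 64-bit stack/heap fields push them to +108 / +112
        ndir_off, dir_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    major_os = struct.unpack_from("<H", data, opt + 40)[0]      # MajorOperatingSystemVersion
    subsystem, dllchar = struct.unpack_from("<HH", data, opt + 68)
    ndirs = struct.unpack_from("<I", data, opt + ndir_off)[0]
    cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _cert_off, cert_size = struct.unpack_from("<II", data, opt + dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sec_off = opt + opt_size
    for i in range(nsec):
        name, vsize, _va, rawsize, _rawptr, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, sec_off + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": _names(flags, SECTION_FLAGS)})
    return {"machine": machine, "major_os_version": major_os, "subsystem": subsystem,
            "dll_characteristics": _names(dllchar, DLL_CHARACTERISTICS),
            # The "Unsigned PE" check: an empty certificate table. A non-empty one only means a
            # signature blob is attached; it says nothing about whether it verifies or is trusted.
            "authenticode_present": cert_size != 0,
            "sections": sections}


def section_warnings(info):
    """Heuristics for the section table: W+X sections, and code sections that are mostly empty on disk."""
    warnings = []
    for s in info["sections"]:
        f = set(s["flags"])
        if "IMAGE_SCN_MEM_EXECUTE" in f and "IMAGE_SCN_MEM_WRITE" in f:
            warnings.append("%s is writable and executable" % s["name"])
        if "IMAGE_SCN_CNT_CODE" in f and s["raw_size"] * 4 < s["virtual_size"]:
            warnings.append("%s raw size %d << virtual size %d" % (s["name"], s["raw_size"], s["virtual_size"]))
    return warnings


def build_test_pe(signed, dllchar=0x8140, sec_flags=0x60000020):
    """Constructed minimal PE32 (test data, not the sample, and not loadable): MZ stub, COFF header,
    optional header with 16 directories, one section. 0x8140 = DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)    # i386, 1 section, EXECUTABLE_IMAGE | 32BIT_MACHINE
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<HH", opt, 40, 5, 1)                            # OS version 5.1
    struct.pack_into("<HH", opt, 68, 2, dllchar)                      # IMAGE_SUBSYSTEM_WINDOWS_GUI, DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                               # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x600, 0x180)
    sec = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400, 0, 0, 0, 0, sec_flags)
    return dos + b"PE\0\0" + coff + bytes(opt) + sec


if __name__ == "__main__":
    for signed in (False, True):
        info = parse_pe(build_test_pe(signed))
        print(info["dll_characteristics"], "authenticode_present=%s" % info["authenticode_present"],
              section_warnings(info))
```

To run it on a real file, replace `build_test_pe(...)` with `open(path, "rb").read()`. The `major_os_version`, `subsystem` and `machine` fields are what a summary line like "windows:5 windows x86" is derived from. Neither warning fires for the section layout shown above (`.text` is R+X only and its raw and virtual sizes match; `.data` being larger in memory than on disk is just zero-initialised data).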