6570a2bd9a6a88fd386bf1425db80833df13e5d2e455936f7a6bf17138905e9f

Sharing

Copy URL

Twitter E-mail

General

Target

6570a2bd9a6a88fd386bf1425db80833df13e5d2e455936f7a6bf17138905e9f
Size

1.4MB
MD5

247ac685e238b8edcc95875e5303ec40
SHA1

6ac20bb4eaf13eda1f1411755195a02e81517bc4
SHA256

6570a2bd9a6a88fd386bf1425db80833df13e5d2e455936f7a6bf17138905e9f
SHA512

6f12e6999664f87184a26a71d14a6775c53a19256022fd198b9ea415d216ab21fa746fc2cbbeddc54dd5debc4e5fedbfe8bcaf9eea38e37802e025d1d018a235
SSDEEP

24576:YNWr3f/sXb7tVo2QxY1Yh8zLf0BaMiaKNwURcx/l9DOFBHq:u4PUftuxYM8zLGaTNzRE/HDOFNq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6570a2bd9a6a88fd386bf1425db80833df13e5d2e455936f7a6bf17138905e9f

Files

6570a2bd9a6a88fd386bf1425db80833df13e5d2e455936f7a6bf17138905e9f
.exe windows:5 windows x86

32219a95a6135020e8711a1248f6c0c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetW
ImageList_ReplaceIcon
InitCommonControlsEx
CreateToolbarEx
PropertySheetA
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
ImageList_AddMasked
ord17
CreateStatusWindowW

mpr

WNetEnumResourceW
WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA
WNetOpenEnumW
WNetGetResourceParentA
WNetAddConnection2A
WNetGetResourceParentW
WNetGetResourceInformationA
WNetGetResourceInformationW
WNetAddConnection2W

kernel32

GetSystemInfo
GetProcAddress
LoadLibraryW
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcess
GetFileAttributesA
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
DeleteFileA
Process32Next
Process32First
CreateDirectoryA
VirtualAlloc
VirtualFree
CreateEventA
SetEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
AreFileApisANSI
GetTickCount
GlobalLock
GlobalUnlock
LoadLibraryExW
LoadLibraryExA
GetModuleFileNameW
LocalFree
FormatMessageW
FormatMessageA
GetWindowsDirectoryW
GetWindowsDirectoryA
GetSystemDirectoryW
GetSystemDirectoryA
SetFileTime
SetFileAttributesW
SetFileAttributesA
RemoveDirectoryW
RemoveDirectoryA
MoveFileW
MoveFileA
GetModuleHandleW
CreateDirectoryW
SetCurrentDirectoryW
SetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentDirectoryA
GetTempPathW
GetTempPathA
GetCurrentProcessId
GetCurrentThreadId
FindClose
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
GetFileAttributesW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstChangeNotificationA
GetLogicalDriveStringsW
GetLogicalDriveStringsA
DeviceIoControl
SetEndOfFile
GetFileInformationByHandle
GetVolumeInformationW
GetVolumeInformationA
GetDriveTypeW
GetDriveTypeA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
EnumResourceTypesA
GlobalFree
GlobalReAlloc
CreateProcessW
CreateProcessA
GetVersionExA
FileTimeToSystemTime
lstrlenA
HeapFree
HeapAlloc
GetProcessHeap
GlobalMemoryStatus
DosDateTimeToFileTime
FileTimeToDosDateTime
GetSystemTimeAsFileTime
GetStdHandle
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenEventA
SetProcessAffinityMask
CreateFileMappingA
WaitForMultipleObjects
FileTimeToLocalFileTime
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
MulDiv
FindNextChangeNotification
CopyFileA
GetStartupInfoA
CreatePipe
GetCommandLineW
GetCompressedFileSizeW
CopyFileW
GetPrivateProfileIntA
WritePrivateProfileStringA
ResumeThread
OutputDebugStringA
GlobalSize
SuspendThread
SetPriorityClass
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
GetLocaleInfoW
IsValidCodePage
GetOEMCP
GetACP
FlushFileBuffers
FatalAppExitA
ExitProcess
SetHandleCount
GetTimeZoneInformation
HeapDestroy
HeapCreate
GetConsoleMode
GetConsoleCP
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
FindFirstFileExA
HeapReAlloc
ExitThread
GetDateFormatA
GetTimeFormatA
RtlUnwind
RaiseException
InterlockedCompareExchange
DecodePointer
EncodePointer
InterlockedExchange
MultiByteToWideChar
CompareFileTime
WideCharToMultiByte
EnumResourceNamesA
EnumResourceLanguagesA
BeginUpdateResourceA
LoadLibraryA
SetLastError
FindResourceA
FreeLibrary
SizeofResource
LoadResource
LockResource
BeginUpdateResourceW
UpdateResourceA
EndUpdateResourceA
ReleaseMutex
WaitForSingleObject
CreateMutexW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateThread
DeleteFileW
CreateFileA
SetFilePointer
CloseHandle
ReadFile
WriteFile
CreateFileW
GetLastError
GetFileSize
GetCommandLineA
Sleep
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetEnvironmentVariableA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
WriteConsoleW
CompareStringW
GlobalAlloc

user32

SetFocus
SetCursor
ClientToScreen
RegisterClassExW
BeginPaint
GetClientRect
ReleaseDC
EndPaint
EnableWindow
SetParent
GetMessageA
TranslateMessage
DispatchMessageA
SetForegroundWindow
wsprintfW
RegisterClipboardFormatA
InvalidateRect
SetWindowPos
UpdateWindow
KillTimer
SetTimer
EndDialog
IsWindowVisible
DestroyWindow
LoadBitmapA
DestroyMenu
CreatePopupMenu
MessageBoxW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetWindowTextA
ReleaseCapture
RegisterClassW
GetWindowTextA
GetWindowTextLengthA
LoadStringW
LoadStringA
AppendMenuW
SetMenuItemInfoW
InsertMenuItemW
GetMenuItemInfoW
SetCapture
SetCaretPos
DestroyIcon
GetMenuItemCount
GetCursorPos
TrackPopupMenuEx
ChildWindowFromPointEx
WindowFromPoint
IsWindowEnabled
MapVirtualKeyA
GetMenu
LoadMenuA
SetMenu
DrawMenuBar
EnableMenuItem
CheckMenuItem
CheckMenuRadioItem
RemoveMenu
GetSubMenu
CheckRadioButton
IsDlgButtonChecked
CheckDlgButton
RegisterWindowMessageA
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
DispatchMessageW
LoadAcceleratorsA
TranslateAcceleratorA
LoadIconA
GetCapture
IsZoomed
FillRect
PostQuitMessage
HideCaret
GetWindowPlacement
SetWindowPlacement
GetParent
GetFocus
PostMessageA
GetSystemMetrics
GetWindowRect
FindWindowA
GetKeyState
GetClipboardData
GetWindowThreadProcessId
FindWindowExA
IsWindow
GetWindowLongA
CharUpperA
CharUpperW
OpenClipboard
CloseClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
SendMessageA
SendMessageW
ScreenToClient
MoveWindow
GetIconInfo
GetSysColor
InsertMenuItemA
AppendMenuA
SetMenuItemInfoA
CreateCaret
ShowCaret
CreateWindowExW
ShowWindow
SetWindowLongA
GetDlgItem
MapDialogRect
SystemParametersInfoA
GetDialogBaseUnits
CreateDialogParamA
DialogBoxParamA
CreateDialogParamW
DialogBoxParamW
CreateWindowExA
SetWindowLongW
CallWindowProcA
CallWindowProcW
DefWindowProcA
DefWindowProcW
RegisterClassA
LoadCursorA
GetClassInfoA
GetClassInfoW
GetMenuItemInfoA
GetDC

gdi32

CreateSolidBrush
CreateDIBSection
CreateFontIndirectA
GetObjectA
BitBlt
GetStockObject
SelectObject
DeleteDC
CreateCompatibleDC
GetDeviceCaps
SetBkColor
DeleteObject

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetOpenFileNameW

advapi32

GetTokenInformation
GetUserNameA
GetFileSecurityW
SetFileSecurityW
GetUserNameW
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegEnumValueA
CreateProcessWithTokenW
DuplicateTokenEx
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
LookupPrivilegeValueW
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
OpenProcessToken

shell32

SHGetFolderPathA
DragFinish
SHChangeNotify
ExtractIconExW
SHFileOperationA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteExA
ShellExecuteA
SHGetFileInfoA
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA
DragQueryFileW
DragQueryFileA
SHGetSpecialFolderPathA

ole32

CoCreateInstance
DoDragDrop
RevokeDragDrop
RegisterDragDrop
CoTaskMemAlloc
OleUninitialize
OleInitialize
ReleaseStgMedium
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

SysFreeString
SysStringByteLen
VariantCopy
SysAllocString
SysStringLen
SysAllocStringLen
VariantClear

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExA

imagehlp

MakeSureDirectoryPathExists

ws2_32

getsockopt
select
closesocket
send
recv
connect
gethostbyname
htons
socket
WSAStartup
inet_ntoa
__WSAFDIsSet

netapi32

Netbios

imm32

ImmGetContext
ImmReleaseContext

shlwapi

PathFileExistsW
PathFileExistsA

gdiplus

GdipSetCompositingMode
GdipReleaseDC
GdipCreateFromHDC
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDrawString
GdipDeleteFont
GdipDeleteGraphics
GdipStringFormatGetGenericDefault
GdipDeleteStringFormat
GdipCloneStringFormat
GdipDeleteBrush
GdipAlloc
GdipFree
GdipGetImageWidth
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatAlign
GdipGetImageThumbnail
GdipBitmapGetPixel
GdipBitmapLockBits
GdipCreateBitmapFromHICON
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCloneImage
GdipDrawImageRectRectI
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDisposeImage
GdipDrawImageRectI

Sections

.text
Size: 929KB - Virtual size: 928KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

32219a95a6135020e8711a1248f6c0c2

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

mpr

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

version

psapi

imagehlp

ws2_32

netapi32

imm32

shlwapi

gdiplus

Sections

.text Size: 929KB - Virtual size: 928KB

.rdata Size: 197KB - Virtual size: 197KB

.data Size: 18KB - Virtual size: 33KB

.rsrc Size: 202KB - Virtual size: 201KB

.reloc Size: 115KB - Virtual size: 116KB

.text
Size: 929KB - Virtual size: 928KB

.rdata
Size: 197KB - Virtual size: 197KB

.data
Size: 18KB - Virtual size: 33KB

.rsrc
Size: 202KB - Virtual size: 201KB

.reloc
Size: 115KB - Virtual size: 116KB