Static task: static1
Behavioral task: behavioral1
Sample: 72c0c0fd787e7438d890bfbd8bde5db216aa3e3d8ff6df662dc3ca038e7a8462.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 72c0c0fd787e7438d890bfbd8bde5db216aa3e3d8ff6df662dc3ca038e7a8462.exe
Resource: win10v2004-20230915-en
General
Target: 72c0c0fd787e7438d890bfbd8bde5db216aa3e3d8ff6df662dc3ca038e7a8462
Size: 520KB
MD5: 953741d5ac51ccfeb48bbbf8b789087f
SHA1: a205467c4293f358dfd3c7f2d87d1614d4ae9a01
SHA256: 72c0c0fd787e7438d890bfbd8bde5db216aa3e3d8ff6df662dc3ca038e7a8462
SHA512: 230f6384a75876b9e3ddf24925f749dd94927ddd874716b6c1146d9a5028e7894905f472a518dedca4efece27e970cf37a7150cf10e142fc01ae8facdf1159e8
SSDEEP: 6144:D5gV02HSeL0tTiDZnYjxrXq1HcULrU7+OM4QA/kDxl09GejeAe+eBe6eLeMeZe9q:Fga2STiDZBRcULro+OR/kDxl0eUgg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 72c0c0fd787e7438d890bfbd8bde5db216aa3e3d8ff6df662dc3ca038e7a8462
Files
72c0c0fd787e7438d890bfbd8bde5db216aa3e3d8ff6df662dc3ca038e7a8462.exe windows:4 windows x86
379371e29473b68c81241b44c070f107
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
FreeEnvironmentStringsA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
UnhandledExceptionFilter
GetProfileStringA
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapSize
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetTickCount
GetCurrentDirectoryA
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
SizeofResource
SetLastError
GlobalFlags
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
MulDiv
GetShortPathNameA
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
GlobalReAlloc
GlobalAlloc
lstrcpynA
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetModuleHandleA
GetSystemDirectoryA
CreateFileA
GetFileSize
CloseHandle
MoveFileExA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
lstrlenA
GetThreadLocale
IsBadReadPtr
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetFileAttributesA
user32
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowTextA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
LoadBitmapA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
EnableWindow
ModifyMenuA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
LoadCursorA
DefDlgProcA
IsWindowUnicode
SendMessageA
GetMenuCheckMarkDimensions
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
MoveWindow
ShowWindow
EnableMenuItem
CheckMenuItem
GetWindowTextLengthA
SetMenuItemBitmaps
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
MessageBoxA
wsprintfA
UpdateWindow
LoadMenuA
GetSubMenu
GetCursorPos
GetDesktopWindow
ReleaseDC
GetDC
CharUpperA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
DestroyMenu
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
PtInRect
IsZoomed
SetParent
IsRectEmpty
AppendMenuA
DeleteMenu
PostThreadMessageA
RegisterClipboardFormatA
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
DestroyIcon
GetMenuStringA
UnregisterClassA
GetMenuState
InsertMenuA
LockWindowUpdate
GetDCEx
InvertRect
SetCapture
WindowFromPoint
KillTimer
SetTimer
InflateRect
LoadStringA
GetSysColorBrush
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetClassNameA
SetRect
GetSystemMenu
DestroyCursor
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
FillRect
SetWindowsHookExA
FindWindowA
gdi32
DPtoLP
GetStockObject
Rectangle
CreatePen
GetViewportOrgEx
AbortDoc
SetAbortProc
CreateDCA
CreateFontIndirectA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
LPtoDP
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
ExtTextOutA
Escape
GetMapMode
SetRectRgn
CombineRgn
BitBlt
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
GetTextExtentPoint32A
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchDIBits
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetTextMetricsA
StartDocA
StartPage
TextOutA
DeleteDC
EndPage
CreateDIBitmap
GetTextExtentPointA
EndDoc
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
PrintDlgA
CommDlgExtendedError
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
GetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegCreateKeyA
RegCloseKey
SetFileSecurityA
RegCreateKeyExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
ExtractIconA
comctl32
ord17
ImageList_Destroy
oledlg
ord8
ole32
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
odbc32
ord4
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord43
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord3
ord11
ord18
ord13
ord61
ord16
ord5
ord10
ord72
Sections
.text Size: 364KB - Virtual size: 360KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ