b4da4bf13cb6960ac707dc49a0b239949319a9c8e28a3c54832967ee213e13af

Sharing

Copy URL Twitter E-mail

General

Target

b4da4bf13cb6960ac707dc49a0b239949319a9c8e28a3c54832967ee213e13af
Size

499KB
MD5

57a777a06c3e9183e9ffa395eff67df6
SHA1

92378881dcc0a5b76259267302bda39f64f4d5f7
SHA256

b4da4bf13cb6960ac707dc49a0b239949319a9c8e28a3c54832967ee213e13af
SHA512

d37d65186b8492057c45edc1576d419cfa3bca911957c9ac9639c2a1e28fc6e5c4951a8d26dde07e588f49a367c8b70b3bc39394d792e699d39751c3c8b2afe1
SSDEEP

12288:WqjIE18534kkX9pUiP4NmPQwPFAIzVL4/X/OPywV:W4IEAokm9pUiP4IPz9AIzF4nOKwV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4da4bf13cb6960ac707dc49a0b239949319a9c8e28a3c54832967ee213e13af

Files

b4da4bf13cb6960ac707dc49a0b239949319a9c8e28a3c54832967ee213e13af
.exe windows:5 windows x86

1418831ab541f4528a7979df7cb8f779

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
SetErrorMode
FileTimeToLocalFileTime
GetFileSizeEx
GetModuleHandleW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
ExitThread
HeapAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
GetProcessHeap
GetFileInformationByHandle
PeekNamedPipe
GetFileType
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetConsoleCP
GlobalFlags
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
CompareStringW
GetStringTypeA
GetStringTypeW
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetFileTime
FormatMessageA
LocalFree
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
ResumeThread
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
MulDiv
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
SetLastError
lstrcmpW
GetModuleHandleA
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetFileAttributesA
CreateDirectoryA
GetLocalTime
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
SetEvent
CreateEventA
WaitForSingleObject
VirtualFree
VirtualAlloc
GetFileSize
SetFilePointer
WriteFile
DeleteCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
InitializeCriticalSection
FindClose
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
lstrcpyA
GetPrivateProfileIntA
WritePrivateProfileStringA
IsDBCSLeadByte
Sleep
MoveFileA
TerminateThread
ExitProcess
CreateThread
GetModuleFileNameA
OutputDebugStringA
LoadLibraryA
GetProcAddress
CopyFileA
EnterCriticalSection
LeaveCriticalSection
SetCurrentDirectoryA
CreateFileMappingA
GetLastError
FreeLibrary
GetTickCount
CreateFileA
ReadFile
DeleteFileA
CreateProcessA
CloseHandle
GetWindowsDirectoryA
FindFirstFileA
FileTimeToSystemTime
FindNextFileA
GetConsoleMode
GetCurrentDirectoryA

user32

UnregisterClassA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
InvalidateRgn
CopyAcceleratorTableA
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetCursorPos
ReleaseCapture
SetCursor
LoadCursorA
ClientToScreen
SetWindowRgn
FillRect
IsRectEmpty
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
GetMenuItemInfoA
InflateRect
GetSysColorBrush
CharNextA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
SetCapture
DestroyMenu
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDlgCtrlID
GetFocus
IsChild
GetParent
IsWindow
AdjustWindowRectEx
CharUpperA
LoadBitmapA
GetClassLongA
SetClassLongA
LoadImageA
GetSystemMetrics
LoadIconA
GetWindowLongA
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetDC
GetClientRect
IsIconic
SendMessageA
DrawIcon
SetRect
PtInRect
PostQuitMessage
MessageBoxA
EnableWindow
GetClassNameA

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetDeviceCaps
CreateRectRgnIndirect
GetRgnBox
CreateCompatibleBitmap
GetBkColor
GetTextColor
GetMapMode
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
Rectangle
CreatePatternBrush
CreateSolidBrush
CreatePen
DeleteObject
BitBlt
SelectObject
GetViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

DragFinish
DragQueryFileA
ShellExecuteA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoTaskMemAlloc
CoRevokeClassObject
CoGetClassObject
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoUninitialize
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

OleCreateFontIndirect
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
SysStringLen
VariantChangeType
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString

ws2_32

send
gethostbyname
inet_ntoa
socket
ioctlsocket
htons
inet_addr
connect
select
closesocket
WSAStartup
recv

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1418831ab541f4528a7979df7cb8f779

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 361KB - Virtual size: 360KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 21KB - Virtual size: 40KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 361KB - Virtual size: 360KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 21KB - Virtual size: 40KB

.rsrc
Size: 29KB - Virtual size: 29KB