Static task: static1
Behavioral task: behavioral1
Sample: 02b8e284bc50d9b4562f123c5e378864b4a83afeabf4cab8eec053fb3b8c520b.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: 02b8e284bc50d9b4562f123c5e378864b4a83afeabf4cab8eec053fb3b8c520b.exe
Resource: win10v2004-20231020-en
General
- Target: 02b8e284bc50d9b4562f123c5e378864b4a83afeabf4cab8eec053fb3b8c520b
- Size: 2.2MB
- MD5: ab091ae762168ac194954a2b34631286
- SHA1: a179585b1fe202d7d6bd3433801bb244840956ba
- SHA256: 02b8e284bc50d9b4562f123c5e378864b4a83afeabf4cab8eec053fb3b8c520b
- SHA512: f29884f892496fa1a66c64848b187ee994ecb9388cd6ec7e21a9528e51432836d77de975987817bcf86c26b58c209c1461b723f3fdf8f2efe699aef4fc3f7093
- SSDEEP: 49152:W6ZCKghRE+KjaCtR/SpjQpJSf3/uJ1mfPwCfLHpjdAO4xqpq32P7w:WTREHjaU/QEpA3/uJ1mnLDHpjdC9
Malware Config
Signatures
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource 02b8e284bc50d9b4562f123c5e378864b4a83afeabf4cab8eec053fb3b8c520b
Files
-
02b8e284bc50d9b4562f123c5e378864b4a83afeabf4cab8eec053fb3b8c520b.exe windows:5 windows x86
ad5dc74781ef3b0ff3ea059bc641bfaf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
lcksafedoc
EFS_SetEncryptProcessPoilcyExW
kernel32
WriteConsoleA
GetConsoleCP
IsValidLocale
SetEnvironmentVariableA
GetTimeZoneInformation
GetDateFormatA
InterlockedCompareExchange
GetProcessHeap
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
LCMapStringA
WriteConsoleW
GetConsoleMode
GetTimeFormatA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
CreateThread
ExitThread
GetSystemTimeAsFileTime
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
VirtualProtect
Sleep
GetProfileIntW
SearchPathW
SetErrorMode
GetFileTime
GlobalGetAtomNameW
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
GlobalReAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
FindActCtxSectionStringW
CompareStringA
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
lstrlenA
GetModuleHandleA
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
MulDiv
ResumeThread
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
SetFileAttributesW
RemoveDirectoryW
WritePrivateProfileStringW
FlushFileBuffers
ReleaseMutex
GetCurrentThreadId
CreateMutexW
LoadLibraryExW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ProcessIdToSessionId
SetFilePointer
OutputDebugStringW
WaitForSingleObject
CreateProcessW
CopyFileW
lstrcpyW
CreateFileA
GetVersionExW
GetWindowsDirectoryW
DeleteFileW
MoveFileExW
GetTempFileNameW
GetCurrentProcess
CreateDirectoryW
WriteFile
ReadFile
GetFileSize
GetDriveTypeW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesExW
FreeLibrary
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
GetTempPathW
CloseHandle
GetFileSizeEx
CreateFileW
GetCurrentDirectoryW
GetProcAddress
GetModuleHandleW
LoadLibraryW
InterlockedDecrement
GetLastError
GetModuleFileNameW
SetLastError
FindResourceW
SizeofResource
FreeResource
LockResource
LoadResource
FindResourceExW
GetSystemDirectoryW
GetFileAttributesW
GetUserDefaultUILanguage
GetPrivateProfileIntW
lstrlenW
lstrcmpiW
GetConsoleOutputCP
user32
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
SetClassLongW
SetParent
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
UpdateLayeredWindow
WindowFromPoint
KillTimer
DeleteMenu
UnregisterClassW
SetWindowRgn
DrawFrameControl
DrawEdge
DrawIconEx
RegisterClipboardFormatW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
UnionRect
NotifyWinEvent
GetAsyncKeyState
ReleaseCapture
LoadCursorW
EnableScrollBar
HideCaret
SetCapture
DrawFocusRect
InvertRect
IsRectEmpty
DestroyMenu
GetMenuItemInfoW
ShowOwnedPopups
SetCursor
SetWindowContextHelpId
MapDialogRect
SystemParametersInfoW
MessageBeep
IsZoomed
PostQuitMessage
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
GetMenuState
GetMenuStringW
InsertMenuW
RemoveMenu
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
CheckDlgButton
GetMessageW
TranslateMessage
ValidateRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
GetDesktopWindow
IsWindowEnabled
EnableWindow
GetActiveWindow
SetActiveWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
ReuseDDElParam
UnpackDDElParam
SetCursorPos
IsClipboardFormatAvailable
GetIconInfo
CopyIcon
GetDoubleClickTime
CharUpperBuffW
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
GetWindowRgn
TabbedTextOutW
SendMessageW
GetCursorPos
ScreenToClient
LoadIconW
MessageBoxW
GetDC
ReleaseDC
GetSystemMenu
AppendMenuW
GetClientRect
MapWindowPoints
IsIconic
GetSystemMetrics
DrawIcon
InvalidateRect
SetTimer
RedrawWindow
InflateRect
FillRect
OffsetRect
SetRectEmpty
LoadBitmapW
PtInRect
GetSysColor
CopyRect
GetSysColorBrush
FrameRect
DrawStateW
UpdateWindow
GetClassNameW
UnhookWindowsHookEx
EndDialog
GetNextDlgTabItem
GetParent
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
GetWindow
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
SetWindowPos
SetWindowLongW
GetMenu
DestroyCursor
gdi32
StretchBlt
SetPixel
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
Polyline
SetRectRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
OffsetRgn
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
CombineRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
SetPixelV
EnumFontFamiliesExW
GetTextFaceW
TextOutW
RectVisible
PtVisible
RealizePalette
SetDIBColorTable
GetDIBits
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
Rectangle
Polygon
Ellipse
CreateCompatibleBitmap
CreateDIBSection
CreateFontIndirectW
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
FrameRgn
DeleteObject
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetObjectW
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
SelectObject
CreateSolidBrush
GetTextColor
ExtTextOutW
msimg32
TransparentBlt
AlphaBlend
comdlg32
CommDlgExtendedError
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW
OpenServiceW
QueryServiceStatus
StartServiceW
CloseServiceHandle
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyW
OpenProcessToken
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
RegSetValueExW
RegCreateKeyW
shell32
DragQueryFileW
SHGetPathFromIDListW
ord680
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
SHAppBarMessage
ShellExecuteW
SHBrowseForFolderW
DragFinish
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathFileExistsW
StrToIntW
StrStrW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleGetClipboard
CoUninitialize
CoCreateGuid
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleLockRunning
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
CoInitialize
CoLockObjectExternal
RevokeDragDrop
RegisterDragDrop
oleaut32
SysFreeString
VariantClear
VariantTimeToSystemTime
VariantInit
VariantChangeType
SysAllocString
VariantCopy
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
SafeArrayDestroy
LoadTypeLi
OleCreateFontIndirect
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipLoadImageFromFile
GdiplusStartup
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageHeight
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
wininet
InternetSetOptionExW
InternetQueryDataAvailable
HttpOpenRequestW
InternetConnectW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384KB - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ