Static task: static1
Behavioral task: behavioral1
  Sample: 810bdca77eba8213063cc21973c4cb2b072b0d9b59e0881b4bca8d8bb9c959cc.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 810bdca77eba8213063cc21973c4cb2b072b0d9b59e0881b4bca8d8bb9c959cc.exe
  Resource: win10v2004-20231020-en
General
Target: 810bdca77eba8213063cc21973c4cb2b072b0d9b59e0881b4bca8d8bb9c959cc
Size: 1.9MB
MD5: 7713ec7b79db66c382885a0f604b640b
SHA1: c1c958a6767a1f59d5d808332ea4ecd79f16583c
SHA256: 810bdca77eba8213063cc21973c4cb2b072b0d9b59e0881b4bca8d8bb9c959cc
SHA512: 78cc1a4d6253d7fb46db916c16f822d225b3d2fc781268a887a165ba1ebdd62c01ebab3d7c1ad6a39407d3c13f78e75253a1ec76ac08ab6c8434eeac62b7617b
SSDEEP: 49152:bBNia1AaPNWgMss/o9ZBzr6rZqlbs1M7qi23FImKw23LUMjxgk0WUWbIq:lN3AaPNWgMsZ9ZZ6rZqFsC7qi23KYM1F
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 810bdca77eba8213063cc21973c4cb2b072b0d9b59e0881b4bca8d8bb9c959cc
Files
810bdca77eba8213063cc21973c4cb2b072b0d9b59e0881b4bca8d8bb9c959cc.exe windows:5 windows x86
d20cb8be3e2c797ffabb50b0055c6076
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalDeleteAtom
GlobalFindAtomA
ActivateActCtx
GlobalGetAtomNameA
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
GetThreadLocale
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
SetThreadPriority
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFlags
GetACP
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetCPInfo
GetOEMCP
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetTickCount
GetProfileIntA
Sleep
SearchPathA
VirtualProtect
GetVersionExA
FindResourceExW
GetSystemTimeAsFileTime
RtlUnwind
EncodePointer
DecodePointer
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
HeapCreate
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoW
QueryPerformanceCounter
GetStringTypeW
CompareStringW
LCMapStringW
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
DeactivateActCtx
lstrcmpW
GetLastError
SetLastError
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
GetModuleHandleA
CompareStringA
LoadLibraryW
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
WriteFile
SetFileTime
GetCurrentDirectoryA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
ReadFile
CloseHandle
CreateFileA
SetFilePointer
GetFileAttributesA
SystemTimeToFileTime
FileTimeToSystemTime
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
OutputDebugStringA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
GlobalAddAtomA
SizeofResource
GetDriveTypeW
user32
SetWindowContextHelpId
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
IntersectRect
OffsetRect
DeleteMenu
GetSystemMenu
SetWindowRgn
RedrawWindow
SetTimer
KillTimer
SetCapture
WindowFromPoint
ReleaseCapture
MessageBeep
NotifyWinEvent
GetAsyncKeyState
IsZoomed
IsRectEmpty
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
SetMenuDefaultItem
GetMenuDefaultItem
WaitMessage
DestroyIcon
CharNextA
CopyAcceleratorTableA
SetRect
InvalidateRgn
GetNextDlgGroupItem
SetParent
DestroyAcceleratorTable
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
InvertRect
HideCaret
GetIconInfo
CopyImage
LoadImageA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
FrameRect
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
MapDialogRect
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemInt
GetDlgItem
CheckDlgButton
GetWindow
GetClassNameA
LoadBitmapW
InvalidateRect
UpdateWindow
FillRect
DrawStateA
EnableWindow
MessageBoxA
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
SendMessageA
EnableMenuItem
GetSubMenu
PostQuitMessage
MapVirtualKeyA
GetKeyNameTextA
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CharUpperA
EndPaint
GetWindowThreadProcessId
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
EqualRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
RegisterWindowMessageA
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
LoadMenuW
GetClientRect
GetMessagePos
SetWindowLongA
GetWindowLongA
PtInRect
GetWindowRect
SetClassLongA
SetCursor
LoadCursorA
GetCursorPos
wsprintfA
DrawIcon
IsIconic
LoadIconW
GetSystemMetrics
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetDoubleClickTime
ScreenToClient
gdi32
SetLayout
GetLayout
SetTextAlign
MoveToEx
CreateFontA
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetStockObject
SetPixelV
GetObjectA
GetTextFaceA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
GetRgnBox
GetTextColor
GetBkColor
CreateDIBSection
CreateRoundRectRgn
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
PatBlt
CreateRectRgnIndirect
GetTextExtentPoint32A
CreateFontIndirectA
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
SelectClipRgn
OffsetWindowOrgEx
SetWindowOrgEx
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateSolidBrush
shell32
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
ShellExecuteA
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
SafeArrayDestroy
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen
VariantCopy
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
wldap32
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord79
ord33
ord301
ord27
ord41
ord46
ord35
ws2_32
__WSAFDIsSet
WSASetLastError
WSACleanup
WSAStartup
select
inet_ntoa
setsockopt
htons
socket
send
WSAIoctl
getsockname
ntohs
getsockopt
getpeername
inet_addr
connect
recv
WSAGetLastError
closesocket
ntohl
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
gethostbyname
bind
crypt32
CertFreeCertificateContext
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
RegCreateKeyExA
CryptAcquireContextA
CryptCreateHash
CryptHashData
RegCloseKey
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptReleaseContext
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
CryptGenRandom
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
IsAccelerator
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 335KB - Virtual size: 334KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ