Static task: static1
Behavioral task: behavioral1
  Sample: b5e7163eaac0e737fe08a085e6bbdab13baf8e1e03278ddc2ffc42eab00c1420.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: b5e7163eaac0e737fe08a085e6bbdab13baf8e1e03278ddc2ffc42eab00c1420.exe
  Resource: win10v2004-20231020-en
General
- Target: b5e7163eaac0e737fe08a085e6bbdab13baf8e1e03278ddc2ffc42eab00c1420
- Size: 9.7MB
- MD5: 5ba2f0ee247b603f71a297579a419e8c
- SHA1: 40616492f0a44eaeeee90031e64eca857a321edd
- SHA256: b5e7163eaac0e737fe08a085e6bbdab13baf8e1e03278ddc2ffc42eab00c1420
- SHA512: 21f76cea6ec305ab9419ac30249474e1f760344310e99237c0209388de58a061085809eb618faefb3d6a58a4e25126fcc9378eb8b2d5ba34d36de3027e54fc7d
- SSDEEP: 98304:5D/s50b2RNUTj39TZ9n8CVdeahh28IUu04ttt+1Wp8:QRWxLxfhhHSp8
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource b5e7163eaac0e737fe08a085e6bbdab13baf8e1e03278ddc2ffc42eab00c1420
Files
- b5e7163eaac0e737fe08a085e6bbdab13baf8e1e03278ddc2ffc42eab00c1420.exe windows:5 windows x86
  896bd82f192d2a260dd31070e00b8466
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetProcessHeap
GetConsoleMode
GetConsoleCP
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetDateFormatA
IsValidCodePage
GetTimeFormatA
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
GetFileType
SetStdHandle
HeapReAlloc
RaiseException
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitThread
HeapFree
HeapAlloc
ExitProcess
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempFileNameW
SetErrorMode
GlobalGetAtomNameW
lstrlenA
lstrcpyW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
FindNextFileW
GetModuleHandleA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetVersionExW
GetThreadLocale
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
GetCurrentProcessId
SetLastError
GlobalAddAtomW
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GetModuleHandleW
GetPrivateProfileIntW
WritePrivateProfileStringW
FindClose
FindFirstFileW
CreateDirectoryW
GetTempPathW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
GetCurrentDirectoryW
GetModuleFileNameW
DeleteFileW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
GetTickCount
CancelIo
WaitForSingleObject
ReleaseSemaphore
WaitForMultipleObjects
WaitCommEvent
PurgeComm
SetCommMask
GetCommMask
ResetEvent
ReadFile
ClearCommError
GetOverlappedResult
WriteFile
CloseHandle
CreateThread
CreateSemaphoreW
SetCommState
GetCommState
CreateEventW
CreateFileW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
CreateMutexW
GetSystemDefaultLCID
Sleep
SetThreadUILanguage
MultiByteToWideChar
FindResourceW
SizeofResource
LoadResource
LockResource
GetDriveTypeA
user32
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
RegisterWindowMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSysColor
DestroyMenu
GetMenuItemInfoW
InflateRect
UnhookWindowsHookEx
SetFocus
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
CheckDlgButton
GetWindowTextLengthW
GetWindowTextW
GetMenuStringW
GetMenuItemID
LoadMenuW
LockWindowUpdate
GetLastActivePopup
MessageBoxW
ShowOwnedPopups
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
WinHelpW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
PostQuitMessage
SetRectEmpty
GetDlgCtrlID
DestroyCursor
GetWindowRgn
LoadIconW
PostMessageW
GetSystemMenu
CopyRect
SetCapture
ReleaseCapture
ReleaseDC
LoadBitmapW
GetDC
GetWindowLongW
SetWindowLongW
GetSubMenu
InsertMenuW
SetWindowRgn
FrameRect
SetWindowPos
GetCursorPos
EnableMenuItem
SetRect
SetParent
GetFocus
GetParent
SetTimer
PtInRect
CharUpperW
WindowFromPoint
WaitMessage
DeleteMenu
GetSysColorBrush
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsW
MessageBoxExW
EnableWindow
KillTimer
GetWindowRect
CheckMenuItem
CreatePopupMenu
GetAncestor
InvalidateRect
LoadCursorW
SetCursor
IsZoomed
CreateAcceleratorTableW
NotifyWinEvent
SetClassLongW
IsMenu
IsRectEmpty
GetMenuItemCount
BringWindowToTop
AppendMenuW
SendMessageW
FindWindowW
IsIconic
EnumChildWindows
RegisterClipboardFormatW
DrawStateW
GetWindowThreadProcessId
GetSystemMetrics
GetClientRect
DrawIcon
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
RemoveMenu
OpenClipboard
gdi32
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
DPtoLP
OffsetRgn
GetRgnBox
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
SetPixel
CreateDIBSection
GetBkColor
CreateEllipticRgn
Polyline
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetTextExtentPoint32W
ExtTextOutW
CreateFontIndirectW
CopyMetaFileW
GetDeviceCaps
CreateBitmap
CreateSolidBrush
DeleteObject
GetObjectW
Rectangle
CreateRectRgn
CreateCompatibleBitmap
CreateRoundRectRgn
StretchBlt
SelectObject
CreateCompatibleDC
CreatePolygonRgn
GetStockObject
Ellipse
CreatePen
GetMapMode
CreateFontW
BitBlt
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumValueW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
shell32
DragFinish
SHGetFileInfoW
SHAppBarMessage
ShellExecuteW
DragQueryFileW
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
CoUninitialize
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
oleaut32
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
VariantCopy
VariantTimeToSystemTime
SafeArrayDestroy
SystemTimeToVariantTime
VariantInit
OleCreateFontIndirect
VariantChangeType
VariantClear
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDrawRectangle
GdipFillRectangle
GdipDrawImagePointRectI
GdipDrawPath
GdipAddPathLine2I
GdipSetClipHrgn
GdipReleaseDC
GdipGetDC
GdipFillPolygonI
GdipDrawLineI
GdipDrawEllipseI
GdipFillEllipseI
GdipSetSolidFillColor
GdipSetPenColor
GdipDeletePen
GdipCreatePen1
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipGetImageGraphicsContext
GdipLoadImageFromStream
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetPixelOffsetMode
GdipDrawImageRectRect
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdipSetLinePresetBlend
GdipFillRectangleI
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCreateSolidFill
GdipSetTextRenderingHint
GdipDrawString
GdipGetImageWidth
GdipGetImageHeight
GdipMeasureString
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipCreatePath
GdipDeletePath
GdipAddPathString
GdipFillPath
winmm
PlaySoundW
hid
HidD_GetHidGuid
HidD_GetAttributes
setupapi
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
iphlpapi
GetAdaptersInfo
ws2_32
inet_addr
recvfrom
__WSAFDIsSet
WSAStartup
connect
gethostname
socket
htons
htonl
send
closesocket
recv
gethostbyname
bind
sendto
setsockopt
select
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
- .text Size: 2.4MB - Virtual size: 2.4MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 706KB - Virtual size: 706KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 33KB - Virtual size: 309KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 6.2MB - Virtual size: 6.2MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc Size: 356KB - Virtual size: 356KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ