428953d326aea4be1445afe7684143b7f9d014f54e281d5b005e144406e2871f

Sharing

Copy URL

Twitter E-mail

General

Target

428953d326aea4be1445afe7684143b7f9d014f54e281d5b005e144406e2871f
Size

2.8MB
MD5

85d4bdf57db35a9c5c4a4390160df479
SHA1

b4b768402ebd814e21c1590afc6029ac73f8954e
SHA256

428953d326aea4be1445afe7684143b7f9d014f54e281d5b005e144406e2871f
SHA512

68d7819aa28f921821ee0d632b2975b9875eb82d48e39cf782a452551e3ee00d6cb6b1e4bde297e429516d768f5c32cbff06d85fc403bd0eae63888aba27a40d
SSDEEP

49152:gWONjfsJlQ4tMnGSorq1b4pJNEtlu0qBTSqZSr2gIak0bMred3f/Gg/G:kNjfs84tMnGPqWpJNEtlu0qBWzr2gIud

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
428953d326aea4be1445afe7684143b7f9d014f54e281d5b005e144406e2871f

Files

428953d326aea4be1445afe7684143b7f9d014f54e281d5b005e144406e2871f
.exe windows:5 windows x86

831e0724b790ab983416d93024e7ecd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetModuleFileNameA
GetCurrentThreadId
lstrlenW
LocalFree
FormatMessageA
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
SetThreadPriority
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesExA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
GetACP
GetNumberFormatA
GetTempFileNameA
GetTempPathA
InitializeCriticalSectionAndSpinCount
GetTickCount
GetProfileIntA
GlobalUnlock
SearchPathA
VirtualProtect
FindResourceExW
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
HeapSize
HeapQueryInformation
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
HeapCreate
GetStdHandle
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
CompareStringW
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetModuleHandleA
GetProcAddress
CompareStringA
LoadLibraryW
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
MultiByteToWideChar
lstrcmpW
MulDiv
FindResourceA
Sleep
FreeResource
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
CreateThread
DeleteFileA
GetVersion
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
lstrlenA
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
SetFilePointer
CreateFileA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
FreeLibrary
LoadLibraryA
GetCurrentProcessId
GetWindowsDirectoryA
GetDriveTypeW

user32

InflateRect
GetMenuItemInfoA
DestroyMenu
SystemParametersInfoA
RealChildWindowFromPoint
GetSysColorBrush
IntersectRect
DeleteMenu
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
IsIconic
DestroyIcon
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
OffsetRect
GetIconInfo
CopyImage
LoadImageA
GetNextDlgGroupItem
DrawIconEx
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
SetClassLongA
LoadMenuW
GetSystemMenu
DrawStateA
DrawEdge
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
UnregisterClassA
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowPos
GetWindow
EnableWindow
GetClientRect
PtInRect
ReleaseCapture
RedrawWindow
CharUpperA
GetSystemMetrics
MapVirtualKeyA
GetKeyNameTextA
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetCursorPos
BeginPaint
WindowFromPoint
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
GetWindowThreadProcessId
EndPaint
GetForegroundWindow
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
SetCapture
SetWindowLongA
SendMessageA
LoadCursorA
SetCursor
GetParent
InvalidateRect
wsprintfA
SetTimer
KillTimer
PostMessageA
GetWindowRect
MoveWindow
MessageBoxA
IsWindow
UpdateWindow
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
CharUpperBuffA
GetWindowTextA

gdi32

CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetObjectA
CreateFontIndirectA
GetStockObject
CreateSolidBrush
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetBkColor
GetTextCharsetInfo
CreateBitmap
SetTextColor
EnumFontFamiliesA
CreateCompatibleBitmap
CreateDIBitmap
GetTextMetricsA
DPtoLP
CombineRgn
SetRectRgn
GetTextExtentPoint32A
PatBlt
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
CreateHatchBrush
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetBkColor

shell32

SHAppBarMessage
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
ShellExecuteA
SHGetFileInfoA

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
PathStripToRootA
PathFindFileNameA

wldap32

ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22

ws2_32

socket
WSAGetLastError
WSAStartup
closesocket
WSACleanup
inet_addr
htons
connect
recv
send
shutdown
gethostbyname
inet_ntoa
bind
getsockname
ntohs
accept
WSASetLastError
listen
__WSAFDIsSet
select
WSAIoctl
setsockopt
getsockopt
getpeername
freeaddrinfo
getaddrinfo
sendto
recvfrom
ioctlsocket
gethostname
htonl
ntohl

crypt32

CertFreeCertificateContext

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateFromHDC
GdipBitmapLockBits

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegDeleteValueA
CryptCreateHash
CryptHashData
CryptDestroyHash
RegCloseKey
RegQueryValueExA
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
CryptAcquireContextA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA

ole32

OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
VarBstrFromDate
SysAllocString
VariantClear

Exports

Exports

AddFile
AddFile1
RecvFile
SendFile

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

831e0724b790ab983416d93024e7ecd0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

msimg32

comctl32

shlwapi

wldap32

ws2_32

crypt32

oleacc

gdiplus

imm32

winmm

winspool.drv

comdlg32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 311KB - Virtual size: 310KB

.data Size: 23KB - Virtual size: 52KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 311KB - Virtual size: 310KB

.data
Size: 23KB - Virtual size: 52KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB