3a10d77f75aae3073e669ac97acfdd9a881c89d2d9e5066fe6f0250bb5c403b5

Sharing

Copy URL Twitter E-mail

General

Target

3a10d77f75aae3073e669ac97acfdd9a881c89d2d9e5066fe6f0250bb5c403b5
Size

779KB
MD5

6553becd4d8948cb78d7a127884e492e
SHA1

b28cb1b9f4ed05034a4e985b42f0396a69d27371
SHA256

3a10d77f75aae3073e669ac97acfdd9a881c89d2d9e5066fe6f0250bb5c403b5
SHA512

9539a377580724b25d7bff9053d27c036323f205620c317e808caafbbceebe9042f139543d587aad8eb2c9fc5f312cf2a9281c3284986b139d68c5a5541bf2c7
SSDEEP

12288:hW7LNugFd/O+YEXdi3QJ85VmcfbOLBuC7CBWw0acjrtIARcY3rHuJnm:hwugFdWCXdiAJ8dyLPtIiuJnm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a10d77f75aae3073e669ac97acfdd9a881c89d2d9e5066fe6f0250bb5c403b5

Files

3a10d77f75aae3073e669ac97acfdd9a881c89d2d9e5066fe6f0250bb5c403b5
.exe windows:5 windows x86

2840ff6b1aec0cabfb30723bbd5ea709

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
GetDriveTypeA
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
CompareStringA
GetLocaleInfoA
FindFirstFileA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GlobalUnlock
WaitForSingleObject
GlobalAddAtomA
GetCurrentProcessId
FreeResource
GlobalFree
GetVersionExA
lstrcmpW
MultiByteToWideChar
GlobalFindAtomA
GlobalGetAtomNameA
MulDiv
LocalFree
GetFullPathNameA
GetModuleFileNameW
FileTimeToSystemTime
WritePrivateProfileStringA
GlobalFlags
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetCPInfo
GetOEMCP
GetModuleHandleW
FileTimeToLocalFileTime
SetErrorMode
GetTickCount
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
Sleep
ExitProcess
ExitThread
CreateThread
HeapReAlloc
VirtualAlloc
HeapSize
GetACP
IsValidCodePage
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
FindClose
CreateFileA
CloseHandle
FormatMessageA
lstrlenA
LocalAlloc
FreeLibrary
lstrcatA
DeleteFileA
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
SetLastError
GetModuleFileNameA
InterlockedDecrement

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
LoadCursorA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
DestroyMenu
GetSysColorBrush
SendDlgItemMessageA
UnregisterClassA
RegisterClipboardFormatA
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
WinHelpA
GetCapture
GetClassLongA
EnableWindow
LoadBitmapA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
DestroyWindow
GetClassInfoExA
GetClassInfoA
RegisterClassA
CreateWindowExA
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetDC
GetWindowRect
GetClientRect
SendMessageA
UpdateWindow
MessageBoxA
RegisterWindowMessageA
GetMenu
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
SetActiveWindow
LoadIconA
GetSysColor
CreateDialogIndirectParamA
wsprintfA
GetDesktopWindow
IsWindowVisible
GetFocus
SetWindowLongA
GetWindowLongA
PostMessageA
ReleaseDC
CopyRect
GetMenuItemCount
GetMenuItemID
ModifyMenuA
GetSubMenu
GetParent

gdi32

SetMapMode
RestoreDC
SaveDC
GetStockObject
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject

shell32

ShellExecuteA

oleaut32

VariantInit
VariantChangeType
VariantClear

shlwapi

PathFindExtensionA
PathFindFileNameA

wldap32

ord211
ord143
ord60
ord50
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord26
ord30
ord200
ord22

ws2_32

htonl
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
ntohl
gethostname

crypt32

CertFreeCertificateContext

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey

Sections

.text
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 249KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2840ff6b1aec0cabfb30723bbd5ea709

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

oleaut32

shlwapi

wldap32

ws2_32

crypt32

oleacc

winspool.drv

advapi32

Sections

.text Size: 431KB - Virtual size: 431KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 9KB - Virtual size: 25KB

.rsrc Size: 249KB - Virtual size: 252KB

.text
Size: 431KB - Virtual size: 431KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 9KB - Virtual size: 25KB

.rsrc
Size: 249KB - Virtual size: 252KB