Static task: static1
Behavioral task: behavioral1
  Sample: 307774dbe0a8f844ea8eb4fec65f6d10d222f269ed0f3bed30450e6d3412d81f.exe
  Resource: win7-20231025-en
Behavioral task: behavioral2
  Sample: 307774dbe0a8f844ea8eb4fec65f6d10d222f269ed0f3bed30450e6d3412d81f.exe
  Resource: win10v2004-20231023-en
General
- Target: 307774dbe0a8f844ea8eb4fec65f6d10d222f269ed0f3bed30450e6d3412d81f
- Size: 11.6MB
- MD5: dedf5f191e1fa05ff86a344cb514a98a
- SHA1: b7b8cf9c89e66d2086fdef1818ecc148ce6ee9cb
- SHA256: 307774dbe0a8f844ea8eb4fec65f6d10d222f269ed0f3bed30450e6d3412d81f
- SHA512: 7fb3c482228f461be68cfe9a2fb763a6588d0d89627e95c4128c417d08170c65dfc827b133012a0db0adf9e990d1fa8396ae9d225f6a5a105a71f6b2425169c7
- SSDEEP: 196608:bM48LHGp9Gdon2+4O7NADtV6v+ifayfc5NgE384nRuYcjeUm++PzxB3Mt4M/wUVI:i82Y7niEcTH3RRuY/Umxtq3bIzio
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 307774dbe0a8f844ea8eb4fec65f6d10d222f269ed0f3bed30450e6d3412d81f
Files
-
307774dbe0a8f844ea8eb4fec65f6d10d222f269ed0f3bed30450e6d3412d81f.exe windows:6 windows x86
d0eb48dafd3ae5d2ebcd7b7d009973bf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
RtlUnwind
NtLoadDriver
RtlAdjustPrivilege
RtlInitUnicodeString
RtlCreateRegistryKey
RtlWriteRegistryValue
NtUnloadDriver
kernel32
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
LCMapStringW
GetCPInfo
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
TerminateProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFileInformationByHandleEx
AreFileApisANSI
SetFilePointerEx
SetFileInformationByHandle
FindNextFileW
FindFirstFileExW
FormatMessageA
OutputDebugStringW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
FindResourceExW
GetTempFileNameW
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
WaitForSingleObjectEx
SearchPathW
GetProfileIntW
GetTickCount
VirtualProtect
GetTempPathW
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetFileSize
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalFindAtomW
EncodePointer
VerifyVersionInfoW
VerSetConditionMask
FormatMessageW
MulDiv
LocalFree
GlobalSize
lstrcpyW
GlobalFree
GlobalUnlock
GlobalAddAtomW
GetCurrentProcessId
WritePrivateProfileStringW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetVersionExW
GetCurrentThread
GetModuleHandleW
GetModuleFileNameW
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
CreateEventW
WaitForSingleObject
SetEvent
Wow64RevertWow64FsRedirection
GetSystemDirectoryW
Wow64DisableWow64FsRedirection
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
MultiByteToWideChar
GetFileAttributesW
CreateFileW
SetFilePointer
SetFileTime
WriteFile
ReadFile
GetPrivateProfileIntA
QueryFullProcessImageNameW
WideCharToMultiByte
CopyFileW
FreeLibrary
ExitProcess
GetProcAddress
LoadLibraryW
WritePrivateProfileStringA
CloseHandle
DeleteFileW
DeleteFileA
LoadLibraryA
GlobalAddAtomA
Sleep
GetPrivateProfileStringW
OpenProcess
GetModuleHandleA
GetEnvironmentVariableA
CreateMutexW
GetEnvironmentVariableW
GetPrivateProfileIntW
CreateDirectoryW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
RaiseException
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
SizeofResource
WriteConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetCommandLineA
user32
MonitorFromPoint
SetParent
CopyImage
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IntersectRect
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
TrackMouseEvent
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
InvalidateRect
UpdateWindow
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
LoadCursorW
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
ModifyMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
GetSubMenu
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
RealChildWindowFromPoint
UnregisterClassW
EnableWindow
IsIconic
GetParent
LoadMenuW
UnhookWindowsHookEx
PtInRect
ScreenToClient
ClientToScreen
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetLastActivePopup
GetWindowThreadProcessId
IsZoomed
CharUpperW
GetAsyncKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetSystemMenu
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
SetCursorPos
SetRect
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuItemInfoW
GetMenuDefaultItem
CreateWindowExW
WaitMessage
UpdateLayeredWindow
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetWindowRgn
DestroyCursor
InvertRect
GetClientRect
LoadIconW
MessageBoxA
DrawIcon
GetSystemMetrics
SendMessageW
MessageBoxW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
RegisterWindowMessageW
DrawEdge
DrawFrameControl
GetFocus
DrawStateW
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
PostMessageW
PostQuitMessage
ShowOwnedPopups
SetCursor
IsWindowEnabled
GetWindowLongW
HideCaret
CreateMenu
GetComboBoxInfo
SetMenuDefaultItem
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetNextDlgGroupItem
PostThreadMessageW
IsClipboardFormatAvailable
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
SubtractRect
GetKeyNameTextW
MapDialogRect
CopyAcceleratorTableW
CreateAcceleratorTableW
LoadAcceleratorsW
LoadBitmapW
MapVirtualKeyW
gdi32
GetTextMetricsW
CopyMetaFileW
CreateDCW
GetDeviceCaps
BitBlt
CreateBitmap
CreateCompatibleDC
CreatePen
CreatePatternBrush
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
Polyline
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
GetTextExtentPoint32W
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW
SHGetSpecialFolderPathA
shlwapi
SHDeleteKeyW
PathFindExtensionW
PathFindFileNameW
PathFileExistsW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
GetThemePartSize
GetWindowTheme
DrawThemeText
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
GetThemeSysColor
ole32
IsAccelerator
OleTranslateAccelerator
OleCreateMenuDescriptor
CoInitializeEx
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
OleDestroyMenuDescriptor
oleaut32
VarBstrFromDate
LoadTypeLi
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantInit
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdiplusStartup
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdiplusShutdown
GdipAlloc
GdipFree
GdipDeleteGraphics
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
ws2_32
WSACleanup
closesocket
gethostbyname
WSAStartup
inet_addr
send
socket
connect
inet_ntoa
recv
htons
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 9.6MB - Virtual size: 9.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ