Static task: static1
Behavioral task: behavioral1
Sample: ab9b14007219455382020e8ba2835de00c5b337691cf76559ea75d67829d8a9d.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: ab9b14007219455382020e8ba2835de00c5b337691cf76559ea75d67829d8a9d.exe
Resource: win10v2004-20231023-en
General
- Target: ab9b14007219455382020e8ba2835de00c5b337691cf76559ea75d67829d8a9d
- Size: 2.3MB
- MD5: f4a93635c5561430c45eff7b41210f01
- SHA1: db842e1f2629eb01d844f21e50828b0345aec3ee
- SHA256: ab9b14007219455382020e8ba2835de00c5b337691cf76559ea75d67829d8a9d
- SHA512: 5249ff54b054195e20035079a5ae61cfa42c49ba65e8caefcb2cf17d02fb5c36a749c11029267ad8105f5049dc608b881d0817832f9efda09280f1e285e683e7
- SSDEEP: 49152:wEDrRFeSvigx6/0tS3RLRyqoVDmZ5EVAiZCHlNfh/gGQGDwxL15d:wEDrRASqg4/0tmRL8qoVDmZ5EVAiZCHK
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource ab9b14007219455382020e8ba2835de00c5b337691cf76559ea75d67829d8a9d
Files
- ab9b14007219455382020e8ba2835de00c5b337691cf76559ea75d67829d8a9d.exe windows:6 windows x86
9aef75ab5004fd195041d1f4d5926504
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
HeapQueryInformation
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
GetEnvironmentStringsW
CreateThread
GetFullPathNameW
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
CompareStringW
LCMapStringW
GetDriveTypeW
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetCurrentDirectoryW
CreateFileW
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetTempFileNameA
FindResourceExW
GetProfileIntA
GetTempPathA
SearchPathA
IsValidCodePage
GetWindowsDirectoryA
GetCPInfo
GetOEMCP
VirtualProtect
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetACP
GlobalFlags
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
InitializeCriticalSectionAndSpinCount
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExA
GetCurrentThread
GlobalAddAtomA
WritePrivateProfileStringA
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
SetEvent
FindResourceA
FreeResource
GetCurrentProcessId
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetVolumeInformationA
lstrcmpiA
LoadLibraryW
LoadLibraryA
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcess
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
DeleteFileA
CopyFileA
MulDiv
GlobalSize
MultiByteToWideChar
GetSystemPowerStatus
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetThreadExecutionState
TerminateThread
FindNextFileA
FindFirstFileA
FindClose
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCommandLineW
OpenMutexA
CreateMutexA
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
GetLastError
DeviceIoControl
FormatMessageA
LocalFree
LocalAlloc
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
CloseHandle
CreateFileA
ExpandEnvironmentStringsA
WideCharToMultiByte
lstrlenA
FindResourceW
SizeofResource
LockResource
LoadResource
Sleep
ExitThread
WriteConsoleW
user32
DestroyIcon
CopyImage
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
IsDialogMessageA
SetWindowTextA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
DeleteMenu
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CharNextA
CopyAcceleratorTableA
SendMessageA
PostMessageA
IsIconic
SetClipboardData
SetRectEmpty
SendDlgItemMessageA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
SystemParametersInfoA
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
CopyRect
ReleaseDC
GetDC
MapVirtualKeyA
GetKeyNameTextA
PostQuitMessage
SetCursor
SetTimer
KillTimer
InvalidateRect
InflateRect
IntersectRect
BringWindowToTop
ReleaseCapture
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
DestroyMenu
InsertMenuItemA
LoadImageA
UnpackDDElParam
ReuseDDElParam
SetParent
MonitorFromPoint
SetLayeredWindowAttributes
LoadCursorW
EnumDisplayMonitors
OpenClipboard
GetCapture
EnableWindow
GetSystemMetrics
DrawIcon
GetClientRect
MessageBoxA
MessageBoxExA
LoadIconW
GetMenuStringA
GetMenuState
GetSubMenu
DefMDIChildProcA
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
CharUpperA
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
GetDesktopWindow
GetMessageA
TranslateMessage
EnumChildWindows
RegisterClipboardFormatA
LockWindowUpdate
SetClassLongA
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
CloseClipboard
EmptyClipboard
DrawStateA
IsRectEmpty
LoadImageW
TrackMouseEvent
GetAsyncKeyState
SetCapture
LoadMenuW
GetSystemMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
ModifyMenuA
PostThreadMessageA
WaitMessage
GetKeyboardLayout
GetKeyboardState
RegisterWindowMessageA
ToAsciiEx
GetMenuItemInfoA
MapDialogRect
GetMenuDefaultItem
UnionRect
SetRect
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
SetCursorPos
CharUpperBuffA
UpdateLayeredWindow
EnableScrollBar
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcA
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
GetUpdateRect
SubtractRect
MapVirtualKeyExA
IsCharLowerA
TranslateMDISysAccel
UnregisterClassA
gdi32
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CombineRgn
SetRectRgn
DPtoLP
LineTo
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
EnumFontFamiliesExA
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceA
SetPixelV
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateCompatibleBitmap
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
DeleteService
CreateServiceA
ControlService
StartServiceA
QueryServiceStatusEx
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
SHGetDesktopFolder
SHBrowseForFolderA
CommandLineToArgvW
shlwapi
PathStripToRootA
PathFindFileNameA
PathFileExistsA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
PathIsUNCA
uxtheme
GetWindowTheme
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetThemePartSize
IsAppThemed
GetThemeColor
GetCurrentThemeName
ole32
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
VariantCopy
VarBstrFromDate
SysAllocString
gdiplus
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
setupapi
SetupDiGetDeviceInfoListDetailA
SetupDiOpenDeviceInfoA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetClassDevsExA
SetupDiRemoveDevice
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInstallParamsA
SetupDiSetClassInstallParamsA
CM_Get_Device_ID_ExA
CM_Get_DevNode_Status
CM_Locate_DevNode_ExA
CM_Reenumerate_DevNode_Ex
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiCreateDeviceInfoListExA
hid
HidP_GetCaps
HidP_GetValueCaps
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetFeature
HidD_SetFeature
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.6MB - Virtual size: 1.6MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 333KB - Virtual size: 333KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 39KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 212KB - Virtual size: 212KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 146KB - Virtual size: 145KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ