91f3be7e6578624b9efe04576df2bf6b9a121e33e3db710c908d34fd25fd79aa

Sharing

Copy URL Twitter E-mail

General

Target

91f3be7e6578624b9efe04576df2bf6b9a121e33e3db710c908d34fd25fd79aa
Size

1.1MB
MD5

aeebc9a2f6685871ad1659b0900fb2d2
SHA1

4bb2f3a74785df9261560f87f4610cfce0f894c7
SHA256

91f3be7e6578624b9efe04576df2bf6b9a121e33e3db710c908d34fd25fd79aa
SHA512

0739f56aa8be6be5e5a16609fc5570da70355e300fba02e54a4a57326526d31b311f80982750f5e3530330eddf89475ffaf9a92d1c50012b54e1c19119174d83
SSDEEP

24576:Qlk3LPuL/FOjfCSnlcbnWzF4L/SJvnJZQeeRpih+:Xs/FOjfCEWCBS/SJ3Qzih

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91f3be7e6578624b9efe04576df2bf6b9a121e33e3db710c908d34fd25fd79aa

Files

91f3be7e6578624b9efe04576df2bf6b9a121e33e3db710c908d34fd25fd79aa
.exe windows:4 windows x86

a1d191ea7f079669fd6863400b223cda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TerminateThread
lstrlenW
MultiByteToWideChar
GetStringTypeExW
GetThreadLocale
WideCharToMultiByte
Sleep
SetLastError
GetCurrentThreadId
SetErrorMode
GetFileSize
FindClose
GetTempPathW
GetCurrentProcess
GetSystemDirectoryW
GetWindowsDirectoryW
CreateDirectoryW
FindNextFileW
WritePrivateProfileStringW
GetShortPathNameW
MoveFileExW
RemoveDirectoryW
DeleteFileW
ReadFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
SetEndOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
CreateMutexW
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
GetDateFormatW
GetTimeFormatW
LoadLibraryW
LoadLibraryExW
FreeLibrary
GetProcAddress
CreateProcessW
GetExitCodeProcess
TerminateProcess
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
SetUnhandledExceptionFilter
GetThreadSelectorEntry
GetCurrentProcessId
GetVersionExA
GetEnvironmentVariableW
GetModuleFileNameA
GetVersionExW
GetVolumeInformationW
GetSystemDefaultLangID
GetUserDefaultLangID
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjectsEx
QueryPerformanceFrequency
QueryPerformanceCounter
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringW
lstrlenA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
HeapSize
TlsSetValue
TlsAlloc
TlsGetValue
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetStdHandle
VirtualProtect
FlushInstructionCache
GetLastError
CreateThread
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
InterlockedDecrement
InterlockedIncrement
MulDiv
FindResourceExW
LoadResource
SizeofResource
LockResource
GetCurrentDirectoryW
LocalAlloc
LocalFree
GetModuleFileNameW
WriteFile
CloseHandle
FormatMessageW
GetModuleHandleW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
ReleaseActCtx
SetFileAttributesW
GetCommandLineW
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
GetSystemTime
FindFirstFileW
GetFileAttributesW
GetTickCount
CreateFileW

user32

SetWindowTextW
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItemTextW
MapWindowPoints
GetDlgItem
ScreenToClient
GetWindowRect
PeekMessageW
MessageBoxW
SetWindowPlacement
IsWindow
GetForegroundWindow
MapDialogRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
EndDialog
DialogBoxIndirectParamW
CopyRect
DrawMenuBar
RemoveMenu
GetWindowDC
RegisterClipboardFormatW
MsgWaitForMultipleObjects
LoadBitmapW
DrawEdge
GetKeyState
GetDlgCtrlID
InflateRect
GetWindowTextLengthW
PtInRect
WindowFromPoint
GetMenu
LoadMenuIndirectW
LoadMenuW
GetSubMenu
IsWindowVisible
DrawFocusRect
UnhookWindowsHookEx
SetWindowsHookExW
DestroyIcon
RegisterWindowMessageW
LoadImageW
SetMenu
CharLowerW
DeleteMenu
GetSysColorBrush
FrameRect
DrawTextW
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
GetSysColor
BeginPaint
GetParent
FillRect
EndPaint
GetWindowTextW
InvalidateRect
GetClassLongW
SetClassLongW
DefWindowProcW
PostQuitMessage
DefFrameProcW
GetMessageW
DestroyWindow
TranslateMDISysAccel
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
RemovePropW
SetWindowLongW
GetWindowLongW
ClientToScreen
GetClientRect
IsDialogMessageW
LoadAcceleratorsW
LoadIconW
RegisterClassExW
ShowWindow
UpdateWindow
GetDC
ReleaseDC
ReleaseCapture
GetCursorPos
SetCapture
SystemParametersInfoW
ChangeDisplaySettingsW
EnumDisplaySettingsW
SetWindowPos
AdjustWindowRectEx
GetWindowPlacement
SetTimer
CreateWindowExW
GetSystemMetrics
SetCursor
CallNextHookEx
PostMessageW
SetPropW
CallWindowProcW
KillTimer
SetFocus
SetForegroundWindow
SendMessageW
LoadCursorW
EnableMenuItem
TrackPopupMenu
DestroyMenu
CharNextW
GetPropW
GetWindow

ole32

ReleaseStgMedium
CoUninitialize
CLSIDFromProgID
CoInitialize
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
OleRun
OleSetContainedObject
OleDraw
OleSetMenuDescriptor
OleSave
CoCreateInstance
CoTaskMemFree
CoCreateGuid
StringFromGUID2

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create

winmm

timeGetTime

gdi32

GetStockObject
CreateCompatibleDC
CreatePen
GdiFlush
SelectObject
CreateSolidBrush
GetTextMetricsW
RoundRect
SetBkColor
SetTextColor
SetBkMode
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateDIBSection
StretchBlt
DeleteObject
DeleteDC
SaveDC
CreateFontIndirectW
EnumFontFamiliesExW
Rectangle
SetROP2
CreateHatchBrush
CreateFontW
RestoreDC
GetPixel
SetStretchBltMode
Ellipse
GetDeviceCaps
GetObjectW

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
CryptAcquireContextW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptDestroyKey
CryptReleaseContext
CryptDeriveKey
CryptDecrypt
GetUserNameW

shell32

DragQueryFileW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFileInfoW

oleaut32

SysAllocString
SysFreeString
OleLoadPicture
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VariantInit
SafeArrayPtrOfIndex
SafeArrayCreate
GetErrorInfo

Sections

.text
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 737KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1d191ea7f079669fd6863400b223cda

Headers

File Characteristics

Imports

kernel32

user32

ole32

version

comctl32

winmm

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 252KB - Virtual size: 249KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 32KB - Virtual size: 46KB

.rsrc Size: 740KB - Virtual size: 737KB

.text
Size: 252KB - Virtual size: 249KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 32KB - Virtual size: 46KB

.rsrc
Size: 740KB - Virtual size: 737KB