Static task: static1
Behavioral task: behavioral1
Sample: 545f715b42e2c93f1576a8153591c0a97abcd6f2477c4dae01b848f061b8e7e5.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: 545f715b42e2c93f1576a8153591c0a97abcd6f2477c4dae01b848f061b8e7e5.exe
Resource: win10v2004-20231020-en
General
Target: 545f715b42e2c93f1576a8153591c0a97abcd6f2477c4dae01b848f061b8e7e5
Size: 2.4MB
MD5: 118b067e0a0b6149f47b31ff4a46cc9d
SHA1: 8830b707948c019e049af0535c250b8a7da3a7b3
SHA256: 545f715b42e2c93f1576a8153591c0a97abcd6f2477c4dae01b848f061b8e7e5
SHA512: f66b1162b4041d9bd2e28d2582e1e12b7da48f25a39404d0d1067e183a7d26b64e530e3526b71548cc7b6c59515330fc4c6da3f2b408bfe93fc21d33ec6f3702
SSDEEP: 49152:EydSXXOUAECPhKveSb0z3teXfH5oPYfoJyVtftNvstj04UUr2W8t:EydSn+Psvz0z3twfZoPYgJ6tftNb4UU
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 545f715b42e2c93f1576a8153591c0a97abcd6f2477c4dae01b848f061b8e7e5
Files
-
545f715b42e2c93f1576a8153591c0a97abcd6f2477c4dae01b848f061b8e7e5.exe windows:6 windows x86
e1369605a51934ca107368b79661a21d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
SHGetValueW
PathFileExistsW
StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathAppendW
wininet
InternetConnectW
HttpOpenRequestW
InternetOpenUrlW
InternetOpenW
HttpAddRequestHeadersW
InternetReadFile
InternetCloseHandle
HttpSendRequestW
InternetCrackUrlW
HttpQueryInfoW
kernel32
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
OutputDebugStringW
WaitForSingleObjectEx
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
RtlUnwind
ExitProcess
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
ExitThread
ResetEvent
SetFilePointer
CreateMutexW
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
VirtualProtect
lstrcmpiW
DuplicateHandle
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetTempPathW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
FileTimeToSystemTime
GlobalGetAtomNameW
CompareStringW
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
SetThreadPriority
VerifyVersionInfoW
lstrcpyW
InitializeCriticalSectionAndSpinCount
VerSetConditionMask
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeLibrary
GetVersionExW
GetCurrentThread
OutputDebugStringA
FormatMessageW
MulDiv
GlobalSize
GlobalFree
GetPrivateProfileIntW
GetTickCount
GetTickCount64
ResumeThread
LockResource
WaitForMultipleObjects
WritePrivateProfileStringW
GetPrivateProfileStringW
SetEvent
CreateProcessW
GetModuleFileNameW
GetStartupInfoW
CreateThread
CreateEventW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryW
MoveFileW
GlobalUnlock
CopyFileW
GetModuleHandleW
GetProcessHeap
GetCurrentProcessId
DeleteCriticalSection
LocalFree
GlobalLock
DecodePointer
HeapAlloc
FindResourceW
LoadResource
RaiseException
HeapReAlloc
GlobalAlloc
Sleep
SetFileAttributesW
HeapSize
FreeResource
FindClose
InitializeCriticalSectionEx
RemoveDirectoryW
TerminateProcess
GetCurrentProcess
FindNextFileW
HeapFree
FindFirstFileW
SizeofResource
GetCurrentDirectoryW
GetFileAttributesW
ReadFile
GetFileSize
UnlockFile
CloseHandle
DeleteFileW
GetFileAttributesExW
GetLastError
ReleaseMutex
WaitForSingleObject
CreateFileW
LockFile
WriteFile
SetLastError
CreateDirectoryW
GetLocalTime
WideCharToMultiByte
MultiByteToWideChar
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
VirtualQuery
user32
GetNextDlgGroupItem
MessageBeep
DrawEdge
DrawFrameControl
SetWindowRgn
DrawFocusRect
InflateRect
IsRectEmpty
DrawIconEx
UnregisterClassW
UpdateWindow
PostMessageW
LoadIconW
SendMessageW
SetClassLongW
SetCursor
LoadCursorW
GetDC
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetForegroundWindow
GetClassNameW
GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
GetWindowRect
ToUnicodeEx
GetKeyboardLayout
CharUpperW
GetAsyncKeyState
GetKeyboardState
GetWindowLongW
IsWindowVisible
EnumWindows
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
GetLastInputInfo
KillTimer
GetCursorPos
ScreenToClient
AttachThreadInput
SetForegroundWindow
SetActiveWindow
BringWindowToTop
SetWindowPos
EnableWindow
InvalidateRect
PtInRect
SetCapture
ReleaseCapture
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
PostQuitMessage
SetWindowContextHelpId
GetParent
MapDialogRect
IsWindow
ShowWindow
MoveWindow
GetDlgItem
CheckDlgButton
DestroyAcceleratorTable
TrackMouseEvent
IsZoomed
LoadMenuW
GetSystemMenu
NotifyWinEvent
SetCursorPos
SetParent
CreatePopupMenu
LockWindowUpdate
DestroyIcon
SendDlgItemMessageA
InvertRect
HideCaret
GetWindowRgn
DestroyCursor
GetComboBoxInfo
CreateMenu
PostThreadMessageW
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
ModifyMenuW
CopyIcon
GetIconInfo
GetDoubleClickTime
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
LoadImageW
InsertMenuItemW
TranslateAcceleratorW
MonitorFromPoint
UnionRect
EnableScrollBar
DestroyMenu
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
GetWindow
GetDlgCtrlID
SetFocus
GetFocus
IsWindowEnabled
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
OffsetRect
CharNextW
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
WaitMessage
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
FillRect
DrawStateW
GetLastActivePopup
MessageBoxW
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
CopyRect
SetRectEmpty
GetSysColorBrush
GetSysColor
MapWindowPoints
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
IsDialogMessageW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetMenuItemInfoW
advapi32
SetSecurityDescriptorDacl
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
InitializeSecurityDescriptor
ole32
CoCreateInstance
CoInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoRegisterMessageFilter
DoDragDrop
OleLockRunning
CoRevokeClassObject
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoSetProxyBlanket
CoUninitialize
IsAccelerator
shell32
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW
oleaut32
VarBstrFromDate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
VariantCopy
VariantChangeType
VariantInit
SysFreeString
SysAllocString
VariantClear
LoadTypeLi
OleCreateFontIndirect
wtsapi32
WTSEnumerateProcessesW
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
WTSFreeMemory
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
SetDIBColorTable
GetObjectW
CreateDIBSection
CopyMetaFileW
CreateDCW
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
CreateRectRgnIndirect
CreateSolidBrush
EnumFontFamiliesW
GetStockObject
GetTextCharsetInfo
GetTextMetricsW
CreateBitmap
CreateHatchBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
CreateEllipticRgn
Ellipse
GetTextExtentPoint32W
PatBlt
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
GetMapMode
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPixelV
GetTextFaceW
DeleteDC
GetDeviceCaps
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comctl32
InitCommonControlsEx
_TrackMouseEvent
uxtheme
CloseThemeData
DrawThemeParentBackground
OpenThemeData
DrawThemeText
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
oledlg
OleUIBusyW
gdiplus
GdipDeleteFont
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipMeasureString
GdipLoadImageFromStream
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipDisposeImage
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDrawImageI
GdipFillPolygon
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipDrawImageRectI
GdipDeleteBrush
GdipCreateSolidFill
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
ImmDisableIME
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 376KB - Virtual size: 376KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 143KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ