8467dd250d6d4284a369114adcff035f0ce1efc5cdb75e98452d060588b91256

Sharing

Copy URL

Twitter E-mail

General

Target

8467dd250d6d4284a369114adcff035f0ce1efc5cdb75e98452d060588b91256
Size

1.7MB
MD5

c40bd5b0e95e1490e5dfd069b92d1b8e
SHA1

172cd4790d17c91fab27217cc2b7eafd4328496d
SHA256

8467dd250d6d4284a369114adcff035f0ce1efc5cdb75e98452d060588b91256
SHA512

2123089dc772983546cfb3756b31e1a55b13c5c6b89250faf5714edce657a655be91f88ad21e95cabac98de0ae996f83b652f7da792ffcf9da9b20833a72e715
SSDEEP

49152:6y68XRadJQl267gI8BXv8Ughsipl0PR3t2r4PRSEk1ul:6yX068BXvKqip6dt2sEE5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8467dd250d6d4284a369114adcff035f0ce1efc5cdb75e98452d060588b91256

Files

8467dd250d6d4284a369114adcff035f0ce1efc5cdb75e98452d060588b91256
.exe windows:5 windows x86

f3d894e1b7f2c68d12813578c98993a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
DeleteFileW
FindNextFileW
lstrcmpiW
RemoveDirectoryW
FindClose
FindFirstFileW
CreateToolhelp32Snapshot
Process32NextW
Module32FirstW
Process32FirstW
GetProcAddress
lstrlenW
MultiByteToWideChar
CreateFileW
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesW
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
HeapSize
GetLocaleInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteConsoleW
SetEndOfFile
GetProcessHeap
MulDiv
GetCurrentDirectoryW
GlobalUnlock
GlobalLock
GetFileSize
GlobalAlloc
LocalFree
FormatMessageW
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
lstrcpynW
GetLocalTime
WideCharToMultiByte
WriteFile
GetModuleHandleW
CreateDirectoryW
GetCurrentProcess
FindResourceExW
ReleaseMutex
GetLastError
CreateMutexW
GetCommandLineW
LockResource
SizeofResource
LoadResource
FindResourceW
FreeResource
CloseHandle
GetTempPathW
GetModuleFileNameW
TerminateProcess
OpenProcess
WaitForSingleObject
ReadFile
CreateProcessW

user32

GetDC
GetCursorPos
DestroyWindow
GetFocus
MapWindowPoints
GetSysColor
IntersectRect
IsWindowVisible
IsRectEmpty
GetUpdateRect
EndPaint
BeginPaint
GetActiveWindow
IsWindowEnabled
FillRect
CharPrevW
SetRect
DrawTextW
GetWindowRgn
UpdateLayeredWindow
MoveWindow
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
DestroyMenu
TrackPopupMenu
EnableMenuItem
AppendMenuW
CreatePopupMenu
GetCaretBlinkTime
UpdateWindow
GetKeyNameTextW
MapVirtualKeyExW
GetKeyboardLayout
SetWindowTextW
SetForegroundWindow
DrawTextA
wsprintfA
InvalidateRgn
GetGUIThreadInfo
ReleaseDC
GetWindowTextW
GetWindowTextLengthW
EqualRect
CharNextW
SetCursor
UnionRect
InflateRect
OffsetRect
CreateWindowExW
GetClassInfoExW
RegisterClassExW
LoadCursorW
SetPropW
GetPropW
GetWindowLongW
CallWindowProcW
GetSystemMetrics
LoadImageW
SendMessageW
GetWindowRect
GetParent
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
GetWindow
EnableWindow
GetMessageW
SetFocus
TranslateMessage
DispatchMessageW
IsWindow
SetWindowLongW
DefWindowProcW
GetClientRect
RegisterClassW
PostMessageW
PostQuitMessage
ScreenToClient
ShowWindow
wsprintfW
ReleaseCapture
SetCapture
SetTimer
KillTimer
InvalidateRect
GetKeyState
MessageBoxW
SetWindowRgn
IsZoomed
IsIconic
CreateAcceleratorTableW
PtInRect

advapi32

RegSetValueW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

DragQueryFileW
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHChangeNotify
CommandLineToArgvW
ShellExecuteW

ole32

CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
DoDragDrop
OleDuplicateData
OleLockRunning
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
CreateStreamOnHGlobal

shlwapi

SHDeleteKeyW
PathIsDirectoryEmptyW
PathFileExistsW

wininet

InternetConnectW
HttpSendRequestW
HttpOpenRequestW
InternetOpenW

ws2_32

gethostbyname
WSAStartup
gethostname

gdi32

SaveDC
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
CreateDIBSection
SetStretchBltMode
CreateCompatibleBitmap
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
BitBlt
SetTextColor
SetBkMode
GetObjectA
GdiFlush
PtInRegion
CreateRectRgn
GetBitmapBits
SetBitmapBits
GetTextExtentPointA
CreatePatternBrush
CreateRoundRectRgn
GetTextMetricsW
SelectObject
PlayEnhMetaFile
DeleteDC
GetStockObject
RestoreDC
Rectangle
CreateEnhMetaFileW
CloseEnhMetaFile
SetWindowOrgEx
RemoveFontMemResourceEx
AddFontMemResourceEx
CreatePen
CreateDIBitmap
GetEnhMetaFileHeader
GetDeviceCaps
CreateCompatibleDC
SetBkColor
DeleteObject
CreateFontIndirectW
GetObjectW

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear

comctl32

ord17
InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetPropertyItem
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCreatePath
GdipDeletePath
GdipDeleteGraphics
GdipDeleteFont
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCreateSolidFill
GdipSetPenMode
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipAddPathLine
ord1
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipDrawString
GdipMeasureString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipCloneImage
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageHeight

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1000KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3d894e1b7f2c68d12813578c98993a7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

wininet

ws2_32

gdi32

oleaut32

comctl32

gdiplus

imm32

Sections

.text Size: 556KB - Virtual size: 555KB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 11KB - Virtual size: 34KB

.tls Size: 512B - Virtual size: 17B

.rsrc Size: 1000KB - Virtual size: 1004KB

.text
Size: 556KB - Virtual size: 555KB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 11KB - Virtual size: 34KB

.tls
Size: 512B - Virtual size: 17B

.rsrc
Size: 1000KB - Virtual size: 1004KB