Static task
static1
Behavioral task
behavioral1
Sample
01bead26f388f9841a642b62f31f05b9f57aadbd892e531abbcb0ac8ad04d876.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
01bead26f388f9841a642b62f31f05b9f57aadbd892e531abbcb0ac8ad04d876.exe
Resource
win10v2004-20231023-en
General
Target: 01bead26f388f9841a642b62f31f05b9f57aadbd892e531abbcb0ac8ad04d876
Size: 2.0MB
MD5: 9f085fd3fd92ab02ed8a3fbe4a6d5884
SHA1: 442f878a25763dc9fc5e27dfa2988ed66d9a579e
SHA256: 01bead26f388f9841a642b62f31f05b9f57aadbd892e531abbcb0ac8ad04d876
SHA512: 88c8bf914ba5b1b940d93eeb81f63e68e439eaee86e23695467f3730c58f5525f6223719ba1a60759af32245b6facb595cad07c1c572751bd0d205fe7123e68b
SSDEEP: 49152:RUD1wa4w7QvREQVWcTbImDOYR65jnDJFTgIp:O1wnwk5EQVWcTbZDOYR65jnDJFU
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 01bead26f388f9841a642b62f31f05b9f57aadbd892e531abbcb0ac8ad04d876
Files
01bead26f388f9841a642b62f31f05b9f57aadbd892e531abbcb0ac8ad04d876.exe windows:6 windows x86
1cd8d848a75812f9673c75fd420f2376
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EncodePointer
GetTickCount
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThread
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
GetSystemDirectoryW
LoadLibraryA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GlobalFlags
MulDiv
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
LocalFree
GlobalSize
CopyFileA
FindResourceA
GetCurrentDirectoryA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
DeleteFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiA
GetVolumeInformationA
SetErrorMode
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToSystemTime
CreateToolhelp32Snapshot
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetACP
lstrcpyA
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetProfileIntA
SearchPathA
GetTempFileNameA
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
WriteConsoleW
LCMapStringA
GetStartupInfoA
CreateProcessA
WaitForSingleObject
CreateDirectoryA
CreateFileA
WriteFile
Sleep
GetUserDefaultLCID
WideCharToMultiByte
MultiByteToWideChar
FormatMessageA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsBadReadPtr
GetModuleHandleA
ExitProcess
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
TerminateProcess
OpenProcess
GetCurrentProcess
Process32Next
CloseHandle
Process32First
LoadLibraryExW
ole32
CreateStreamOnHGlobal
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoDisconnectObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoInitializeEx
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
user32
GetSystemMenu
UnregisterClassA
wsprintfA
MessageBoxA
SendMessageA
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
BringWindowToTop
TrackMouseEvent
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
IsZoomed
DrawFrameControl
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
LoadMenuW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
PostThreadMessageA
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
DrawEdge
GetActiveWindow
GetKeyState
LoadImageW
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
RegisterClipboardFormatA
UnhookWindowsHookEx
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
IsChild
DestroyWindow
InflateRect
GetMenuItemInfoA
DestroyMenu
GetWindowPlacement
CharUpperA
DestroyIcon
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoA
CopyImage
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
RealChildWindowFromPoint
GetDesktopWindow
ClientToScreen
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
SetWindowPos
gdi32
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateDCA
CopyMetaFileA
GetDeviceCaps
DeleteObject
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
MoveToEx
TextOutA
ExtTextOutA
CreateRectRgnIndirect
SetViewportExtEx
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
shell32
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
shlwapi
PathFindExtensionA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathIsUNCA
PathFindFileNameA
uxtheme
DrawThemeBackground
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetCurrentThemeName
GetThemeColor
GetWindowTheme
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantInit
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor
RegisterTypeLi
LoadTypeLi
LHashValOfNameSys
VarR8FromBool
VarR8FromCy
VariantChangeType
VariantCopy
VariantClear
SafeArrayDestroy
SafeArrayCreate
SysFreeString
SysAllocString
VarBstrFromDate
SafeArrayAccessData
oledlg
ord8
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipGetImageHeight
GdipSetInterpolationMode
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 299KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ