2050bd73d97b41e9314ae695475a06622f13eeb60a24a484f691947d073dd878

Sharing

Copy URL

Twitter E-mail

General

Target

2050bd73d97b41e9314ae695475a06622f13eeb60a24a484f691947d073dd878
Size

2.0MB
MD5

97b0cad955ed51c902401b074b75847b
SHA1

e42514c52827fb6559d3a0b03479a6ad906b69cf
SHA256

2050bd73d97b41e9314ae695475a06622f13eeb60a24a484f691947d073dd878
SHA512

c90c85974c92e0dc4d0eebade9425f876cf7515a7a3274be86b7ff04be6bb6f2e0f6586ad4e0a294c9d13899cb8754c95b314bb1be4c4ccddbeaf7d29e847a0b
SSDEEP

49152:MFtvFQ6deKgCa2m/k2qrpaPVjk69wZL1J1t:6vFQsenGm/k2qrpa9jk69wZL1J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2050bd73d97b41e9314ae695475a06622f13eeb60a24a484f691947d073dd878

Files

2050bd73d97b41e9314ae695475a06622f13eeb60a24a484f691947d073dd878
.exe windows:6 windows x86

9892d252b61d32654d5f31513660b0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
FindResourceA
lstrcmpW
FreeResource
GetSystemDirectoryW
EncodePointer
GetTickCount
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
InitializeCriticalSection
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameA
GetVersionExA
SetLastError
OutputDebugStringA
ResumeThread
GetCurrentThreadId
MulDiv
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
LocalFree
GlobalSize
CopyFileA
GetCurrentDirectoryA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
DeleteFileA
FindClose
FindFirstFileA
FlushFileBuffers
TlsAlloc
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiA
GetVolumeInformationA
SetErrorMode
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetACP
lstrcpyA
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
CreateToolhelp32Snapshot
GetProfileIntA
SearchPathA
GetTempFileNameA
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
WriteConsoleW
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetStartupInfoA
CreateProcessA
WaitForSingleObject
CreateDirectoryA
CreateFileA
WriteFile
Sleep
GetUserDefaultLCID
WideCharToMultiByte
FormatMessageA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsBadReadPtr
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
MultiByteToWideChar
ExitProcess
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableW
GetModuleFileNameW
TerminateProcess
OpenProcess
GetCurrentProcess
Process32Next
CloseHandle
Process32First
GlobalDeleteAtom

ole32

OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoDisconnectObject
CoFreeUnusedLibraries
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoCreateGuid
CoInitializeEx
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleRun
OleInitialize
CreateStreamOnHGlobal

shell32

SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHAppBarMessage
SHChangeNotify
ShellExecuteExW

user32

DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
IsRectEmpty
TrackMouseEvent
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
InflateRect
GetMenuItemInfoA
DestroyMenu
PostThreadMessageA
CharUpperA
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
LoadImageW
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
LoadCursorW
UnregisterClassA
wsprintfA
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
MessageBoxA
SendMessageA
GetNextDlgGroupItem
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
GetWindowLongA
DestroyIcon
FillRect
GetWindowDC
TabbedTextOutA
GetWindowThreadProcessId
GetLastActivePopup
GrayStringA
DrawTextExA
DrawTextA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoA
CopyImage
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
RealChildWindowFromPoint
GetDesktopWindow
ClientToScreen
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
UnhookWindowsHookEx
RegisterClipboardFormatA

gdi32

SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateDCA
CopyMetaFileA
GetDeviceCaps
DeleteObject
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
SetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
CreateRectRgnIndirect
CreatePolygonRgn

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

shlwapi

PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA

uxtheme

GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
VarBstrFromDate
SafeArrayAllocDescriptor
RegisterTypeLi
LoadTypeLi
LHashValOfNameSys
VarR8FromBool
VarR8FromCy
VariantChangeType
VariantCopy
VariantClear
SafeArrayDestroy
SafeArrayCreate
SysFreeString
SysAllocString
SafeArrayAllocData

oledlg

ord8

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipGetImageWidth
GdiplusShutdown
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipAlloc
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipBitmapUnlockBits

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9892d252b61d32654d5f31513660b0c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

shell32

user32

gdi32

msimg32

winspool.drv

advapi32

shlwapi

uxtheme

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 299KB - Virtual size: 298KB

.data Size: 23KB - Virtual size: 88KB

.rsrc Size: 135KB - Virtual size: 134KB

.reloc Size: 133KB - Virtual size: 132KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 299KB - Virtual size: 298KB

.data
Size: 23KB - Virtual size: 88KB

.rsrc
Size: 135KB - Virtual size: 134KB

.reloc
Size: 133KB - Virtual size: 132KB