Static task: static1
Behavioral task: behavioral1
Sample: c4344f393a369b2d9669ae614c72a88cb11db1854fd6cac41737275491de67ad.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: c4344f393a369b2d9669ae614c72a88cb11db1854fd6cac41737275491de67ad.exe
Resource: win10v2004-20231020-en
General
Target: c4344f393a369b2d9669ae614c72a88cb11db1854fd6cac41737275491de67ad
Size: 1.9MB
MD5: c8e219249e23619966d810370c569d7d
SHA1: 52cdf7cba25ef67c7a0c322e7eb225001ba9e30f
SHA256: c4344f393a369b2d9669ae614c72a88cb11db1854fd6cac41737275491de67ad
SHA512: 1d81a434e5647dbb5b8e480abd5286ade768ff36219e154c5f95be6877d064a7a1e3512adfe8b4569e8cbafe06ae550df980828ec12a066b853d092d70e2cdf0
SSDEEP: 49152:vY/eyjiv5zcq1GvGjDzk+pMmWF0m4S/fWvd2w4aJ6Zhf3F2S49WPqF3r7:ceNhzcxvGjDRMmWFx4S/fWvd2w4aInUf
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: c4344f393a369b2d9669ae614c72a88cb11db1854fd6cac41737275491de67ad
Files
-
c4344f393a369b2d9669ae614c72a88cb11db1854fd6cac41737275491de67ad.exe windows:5 windows x86
aa259525157ea3f6261db61b2f4dc398
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryW
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
SetThreadPriority
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFlags
GetACP
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetCPInfo
GetOEMCP
GetThreadLocale
FileTimeToSystemTime
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetWindowsDirectoryA
GetNumberFormatA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetProfileIntA
Sleep
SearchPathA
VirtualProtect
GetModuleHandleA
FindResourceExW
RaiseException
RtlUnwind
EncodePointer
DecodePointer
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
IsProcessorFeaturePresent
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetStdHandle
LCMapStringW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
LoadLibraryA
ActivateActCtx
DeactivateActCtx
lstrcmpW
GetLastError
SetLastError
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
FreeLibrary
GetProcAddress
CompareStringA
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetCurrentProcess
CreateFileA
CloseHandle
GetFileSize
DeleteFileA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
GlobalGetAtomNameA
SizeofResource
GetDriveTypeW
user32
UnregisterClassA
SetRectEmpty
InvalidateRect
DeleteMenu
SetTimer
KillTimer
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperA
CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RedrawWindow
GetMenuDefaultItem
CreatePopupMenu
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetIconInfo
CopyImage
LoadImageA
DrawIconEx
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
SetClassLongA
GetSystemMenu
DrawStateA
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
CopyIcon
CharUpperBuffA
IntersectRect
SubtractRect
DestroyCursor
GetWindowRgn
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
EnableWindow
SendMessageA
GetSubMenu
LoadMenuW
ClientToScreen
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ShowWindow
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
GetWindowThreadProcessId
GetMessagePos
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
CheckMenuItem
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
DrawIcon
IsIconic
GetClientRect
LoadIconW
GetSystemMetrics
GetDC
MoveWindow
ScreenToClient
GetWindowRect
EnableMenuItem
wsprintfA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetDoubleClickTime
GetMessageTime
gdi32
SetLayout
GetLayout
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateFontIndirectA
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetObjectA
SetBkColor
SetTextColor
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
OffsetRgn
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreateDCA
GetDeviceCaps
CreatePalette
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetTextMetricsA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CopyMetaFileA
advapi32
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
CryptEncrypt
CryptImportKey
CryptGenRandom
CryptReleaseContext
CryptGetHashParam
RegEnumKeyExA
CryptDestroyKey
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
shell32
SHAppBarMessage
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
ShellExecuteA
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
oledlg
ord8
wldap32
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ws2_32
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
WSAIoctl
getsockname
ntohs
bind
htons
getsockopt
getpeername
setsockopt
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
crypt32
CertFreeCertificateContext
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePalette
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
ole32
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoRevokeClassObject
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VarBstrFromDate
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen
VariantCopy
OleCreateFontIndirect
SysAllocString
VariantClear
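The import table above is the usual first triage input: it shows the binary pulling in CryptoAPI (CryptAcquireContextA, CryptImportKey, CryptEncrypt, CryptGenRandom, CryptCreateHash), Winsock (socket, connect, send, recv, getaddrinfo), wldap32 by ordinal, and registry write APIs (RegCreateKeyExA, RegSetValueExA, RegDeleteKeyA), alongside a large user32/gdi32/ole32 surface of the kind a GUI framework brings in. Two things a practitioner does with such a list are compute an import hash for pivoting and filter it down to the capability-relevant entries. The following is an added example, not code from the report or the sandbox; it implements the canonical form pefile's imphash uses (library lower-cased with .dll/.ocx/.sys stripped, function lower-cased, ordinals as ordN, comma-joined in table order, MD5) over a constructed subset of the imports listed above. It does not reproduce any hash shown on this page: an import hash depends on the exact table order in the binary and on ordinal resolution, and pefile additionally maps well-known ws2_32 and oleaut32 ordinals to names, which this example does not replicate.

```python
"""Import hash (imphash) and a capability filter over an import table given
as (dll, [name | ordinal]) pairs. Added example; SAMPLE_IMPORTS is a
constructed subset of the report's import list, not a dump of the binary's
import directory."""
import hashlib

STRIP_EXTS = ("dll", "ocx", "sys")

# Constructed subset of the report's imports (names as listed; oledlg and
# wldap32 are imported by ordinal).
SAMPLE_IMPORTS = [
    ("kernel32", ["GetVersionExA", "GlobalDeleteAtom", "LoadLibraryW", "VirtualProtect",
                  "IsDebuggerPresent", "CreateFileA", "WriteFile"]),
    ("advapi32", ["CryptAcquireContextA", "CryptCreateHash", "CryptHashData",
                  "CryptEncrypt", "CryptImportKey", "CryptGenRandom",
                  "RegCreateKeyExA", "RegSetValueExA"]),
    ("oledlg", [8]),
    ("wldap32", [46, 41, 27]),
    ("ws2_32", ["WSAStartup", "socket", "connect", "send", "recv"]),
    ("winspool.drv", ["OpenPrinterA"]),
]


def canonical_imports(table):
    """Flatten the table into the 'lib.func' strings that get hashed."""
    out = []
    for dll, funcs in table:
        lib = dll.lower()
        base, _, ext = lib.rpartition(".")
        if base and ext in STRIP_EXTS:      # winspool.drv keeps its extension
            lib = base
        for f in funcs:
            # pefile resolves well-known ws2_32/oleaut32 ordinals to names
            # before hashing; that lookup table is not replicated here.
            name = "ord%d" % f if isinstance(f, int) else f.lower()
            out.append("%s.%s" % (lib, name))
    return out


def imphash(table):
    """MD5 over the comma-joined canonical list. Order matters: the same APIs
    linked in a different order give a different hash."""
    return hashlib.md5(",".join(canonical_imports(table)).encode("ascii")).hexdigest()


def interesting_imports(table, prefixes=("crypt", "reg", "wsa", "virtualprotect",
                                         "isdebuggerpresent")):
    """Triage view: canonical entries whose function name starts with one of
    the prefixes (CryptoAPI, registry, Winsock, page protection, anti-debug)."""
    return [e for e in canonical_imports(table)
            if e.rsplit(".", 1)[1].startswith(prefixes)]


if __name__ == "__main__":
    print(imphash(SAMPLE_IMPORTS))
    for entry in interesting_imports(SAMPLE_IMPORTS):
        print(" ", entry)
```

Imports are evidence of capability, not of behaviour: a statically linked library contributes its whole import surface whether or not the code path that uses it ever runs, which is why the behavioral tasks, not this list, settle what the sample does.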
Sections
.text   Size: 1.4MB  Virtual size: 1.4MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 319KB  Virtual size: 318KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 25KB   Virtual size: 54KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 202KB  Virtual size: 201KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
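The Headers, Signatures and Sections entries above are all read straight out of the PE headers, and together they say more than the "Unsigned PE" line alone: IMAGE_DLLCHARACTERISTICS_NX_COMPAT opts the image into DEP, but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent and IMAGE_FILE_RELOCS_STRIPPED is set (there is no .reloc section in the list), so the loader cannot rebase this image and ASLR does not apply to it, and the four sections are sane (no section is both writable and executable). The "Unsigned PE" check itself is a look at data directory 4, IMAGE_DIRECTORY_ENTRY_SECURITY, whose size is zero when no WIN_CERTIFICATE blob is embedded. The following is an added example, not the sandbox's own check: it parses these fields from a PE32 or PE32+ header and applies the three checks. Since the sample is not on the page, the images it runs on are constructed in memory to mirror the flags reported above; the hypothetical HARDENED image is a contrast case, not a real file.

```python
"""Decode PE file/DLL characteristics and section flags, and check for an
embedded Authenticode certificate table (data directory 4). Added example;
the images below are constructed headers-only PE32 files, not the sample."""
import struct

IMAGE_FILE = {0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE",
              0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
IMAGE_DLL = {0x0040: "DYNAMIC_BASE", 0x0100: "NX_COMPAT", 0x0400: "NO_SEH",
             0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
IMAGE_SCN = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
             0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ",
             0x80000000: "MEM_WRITE"}
SECURITY_DIR = 4  # index of IMAGE_DIRECTORY_ENTRY_SECURITY


def flags(value, table):
    """Names of the known bits set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return the loader-level mitigation facts for a PE image (bytes)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32
        dir_base, ndirs_off = 96, 92
    elif magic == 0x20B:      # PE32+
        dir_base, ndirs_off = 112, 108
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    sec_size = 0
    if ndirs > SECURITY_DIR:
        # First field is a raw file offset, not an RVA: the certificate
        # table is never mapped into memory.
        _, sec_size = struct.unpack_from("<II", data, opt + dir_base + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsect):
        hdr = opt + opt_size + 40 * i
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        scn = struct.unpack_from("<I", data, hdr + 36)[0]
        sections.append((name, flags(scn, IMAGE_SCN)))
    fchars, dchars = flags(chars, IMAGE_FILE), flags(dll_chars, IMAGE_DLL)
    return {
        "machine": {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine)),
        "file_characteristics": fchars,
        "dll_characteristics": dchars,
        "authenticode": sec_size > 0,   # presence only, not validity
        # Without a relocation table the loader cannot rebase the image, so
        # RELOCS_STRIPPED defeats ASLR even if DYNAMIC_BASE were set.
        "aslr": "DYNAMIC_BASE" in dchars and "RELOCS_STRIPPED" not in fchars,
        "dep": "NX_COMPAT" in dchars,
        "sections": sections,
        "wx_sections": [n for n, f in sections if "MEM_WRITE" in f and "MEM_EXECUTE" in f],
    }


def build_pe32(characteristics, dll_characteristics, sections, security_size=0):
    """Constructed headers-only PE32 image, just enough for parse_pe()."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)   # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, characteristics)
    opt = struct.pack("<HBB" + "I" * 9 + "H" * 6 + "I" * 4 + "HH" + "I" * 6,
                      0x10B, 10, 0,                                # magic, linker version
                      0, 0, 0, 0x1000, 0x1000, 0x2000, 0x400000, 0x1000, 0x200,
                      5, 1, 0, 0, 5, 1,                            # OS/image/subsystem versions
                      0, 0x10000, 0x400, 0,                        # Win32Ver, SizeOfImage, SizeOfHeaders, CheckSum
                      2, dll_characteristics,                      # Subsystem (GUI), DllCharacteristics
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)   # stack/heap, LoaderFlags, NumberOfRvaAndSizes
    dirs = [(0, 0)] * 16
    dirs[SECURITY_DIR] = (0x10000 if security_size else 0, security_size)
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), 0x1000, 0x1000 * (i + 1),
                    0x200, 0x400 + 0x200 * i, 0, 0, 0, 0, scn)
        for i, (name, scn) in enumerate(sections))
    return dos + b"PE\0\0" + coff + opt + hdrs


# Constructed to mirror the report: relocs stripped, NX_COMPAT + TSAWARE,
# four sections with the listed flags, no certificate table.
REPORTED = build_pe32(
    0x0001 | 0x0002 | 0x0100, 0x0100 | 0x8000,
    [(".text", 0x60000020), (".rdata", 0x40000040),
     (".data", 0xC0000040), (".rsrc", 0x40000040)])
# Hypothetical contrast case: relocatable, DYNAMIC_BASE set, signed.
HARDENED = build_pe32(
    0x0002 | 0x0100, 0x0040 | 0x0100 | 0x8000,
    [(".text", 0x60000020), (".reloc", 0x42000040)], security_size=0x1800)

if __name__ == "__main__":
    print("reported:", parse_pe(REPORTED))
    print("hardened:", parse_pe(HARDENED))
```

A non-zero security directory only says a certificate table exists; whether it is a well-formed PKCS#7 WIN_CERTIFICATE whose chain verifies is a separate step (signtool verify or Get-AuthenticodeSignature on Windows), and an attacker can append a blob that fails that check just as easily as leave the directory empty.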