c06f75a45d7ac2e6d29ce707668b45bf3c94d8dd55182dd644426053cb50bd25

Sharing

Copy URL Twitter E-mail

General

Target

c06f75a45d7ac2e6d29ce707668b45bf3c94d8dd55182dd644426053cb50bd25
Size

2.3MB
MD5

f7219c9235aa1fcb96f8fc84c595c8ad
SHA1

772611f606c6c5058c644d0fefa5d2417643b98f
SHA256

c06f75a45d7ac2e6d29ce707668b45bf3c94d8dd55182dd644426053cb50bd25
SHA512

3eb86a205230e4e6bad7ec547e660de174363ed750d142a6b3ddbc13e0765f18587fffad0ea75d802ef7f485673ce8487e2a15de70ce770fa0e0af104a3a6e56
SSDEEP

12288:fZ4yqF2Pc0BR/iQDKiKRF4Y4EnmNsXKFZq3wy5oQeLZ300+POOgkfRcunB9tC0:RsYPrBNiQ+iKR3XKFofbcunBO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c06f75a45d7ac2e6d29ce707668b45bf3c94d8dd55182dd644426053cb50bd25

Files

c06f75a45d7ac2e6d29ce707668b45bf3c94d8dd55182dd644426053cb50bd25
.dll windows:5 windows x86

228838b42bc9b0720c04435a0094c5e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSizeEx
GetFileTime
WritePrivateProfileStringW
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
ExitProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
InterlockedIncrement
ExpandEnvironmentStringsA
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
InterlockedDecrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcessId
MulDiv
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
GlobalHandle
GetTickCount
OpenFile
_lclose
GetModuleHandleW
GetDiskFreeSpaceA
GlobalFree
ReleaseMutex
CreateMutexW
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceExW
GetUserDefaultLangID
SetLastError
OpenMutexW
FormatMessageW
lstrlenW
LocalAlloc
LocalSize
LocalFree
GetLocaleInfoW
GetSystemDefaultLCID
GetPrivateProfileIntW
Sleep
GetWindowsDirectoryW
GetDiskFreeSpaceExW
GlobalMemoryStatusEx
CreateEventW
SetEvent
CreateThread
WaitForSingleObject
GetCurrentThreadId
GetEnvironmentVariableA
GetProcAddress
FreeLibrary
GetPrivateProfileStringW
GetModuleFileNameW
LoadLibraryW
GetLocalTime
GetVersionExW
CreateDirectoryW
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CreateFileW
GetLastError
CreateFileMappingW
GetTempPathW
GetTempFileNameW
CloseHandle
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
LoadResource
LockResource
SizeofResource
FindResourceW
OutputDebugStringW
VirtualAlloc

user32

SendDlgItemMessageA
WinHelpW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SendDlgItemMessageW
IsIconic
GetWindowPlacement
GetSubMenu
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
RegisterWindowMessageW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowLongW
SetWindowRgn
DrawEdge
GetNextDlgGroupItem
ClientToScreen
GetCapture
WindowFromPoint
DrawFocusRect
SetActiveWindow
UnhookWindowsHookEx
SetRect
ReleaseDC
GetDC
PeekMessageW
TranslateMessage
DispatchMessageW
SetCapture
ReleaseCapture
TrackMouseEvent
LoadCursorW
SetCursor
GetWindow
GetDlgItem
SetFocus
LoadBitmapW
GetScrollRange
SetScrollPos
GetScrollPos
SetParent
GetFocus
KillTimer
SetTimer
CallNextHookEx
LoadImageW
GetKeyState
SystemParametersInfoA
LoadIconW
SetWindowPos
PostMessageW
SetWindowsHookExW
GetClassInfoW
FillRect
GetSysColor
GetSystemMetrics
GetParent
OffsetRect
InflateRect
InvalidateRect
GetWindowRect
PtInRect
GetCursorPos
SendMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableWindow
GetClientRect
GetSysColorBrush
DestroyMenu
UnregisterClassW
GetMessageW
ValidateRect
PostQuitMessage
CharUpperW
GetWindowThreadProcessId
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsWindow
GetMessageTime

gdi32

GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
DeleteDC
CreateBitmap
CreateFontIndirectW
CreateDIBSection
CreateDCW
StretchDIBits
SelectClipRgn
GetPixel
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetStretchBltMode
SetMapMode
LineTo
MoveToEx
SetLayout
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
EndPath
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CombineRgn
StrokePath
CreateRectRgn
CreateFontW
GetBitmapBits
GetDeviceCaps
GetTextExtentPointW
PolyBezier
Rectangle
SelectObject
CreatePen
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
DeleteObject
StretchBlt
CreateCompatibleDC
SetViewportOrgEx
BeginPath
GetObjectW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyExA
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryValueExA

shell32

SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHParseDisplayName
SHGetFolderPathW

comctl32

_TrackMouseEvent

shlwapi

PathFileExistsW
PathIsDirectoryW
PathAddBackslashW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree

oleaut32

VariantInit
VariantChangeType
VariantClear

sti

StiCreateInstanceW

Exports

Exports

DS_Entry

Sections

.text
Size: 567KB - Virtual size: 566KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

228838b42bc9b0720c04435a0094c5e1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

sti

Exports

Exports

Sections

.text Size: 567KB - Virtual size: 566KB

.rdata Size: 138KB - Virtual size: 137KB

.data Size: 16KB - Virtual size: 37KB

.rsrc Size: 6.6MB - Virtual size: 6.6MB

.reloc Size: 68KB - Virtual size: 68KB

.text
Size: 567KB - Virtual size: 566KB

.rdata
Size: 138KB - Virtual size: 137KB

.data
Size: 16KB - Virtual size: 37KB

.rsrc
Size: 6.6MB - Virtual size: 6.6MB

.reloc
Size: 68KB - Virtual size: 68KB