c09bb53ea342978f26abdb40676800b5cc6cbf22f22acb369646e228febdce1f

Sharing

Copy URL Twitter E-mail

General

Target

c09bb53ea342978f26abdb40676800b5cc6cbf22f22acb369646e228febdce1f
Size

3.1MB
MD5

4a78e8f9a4cee1a19f86b6cf630e2473
SHA1

c4dab9c770ebf59811ea1f5e90289fca33d715eb
SHA256

c09bb53ea342978f26abdb40676800b5cc6cbf22f22acb369646e228febdce1f
SHA512

f87c7d0179c96d246c61eba887e4f11aedaf623b8ee56deb6bdb0b7892f5eb8dbe2294a895c12a20a0acae6a2f3b5501584130997dad7ea31d0dffd374b2a741
SSDEEP

49152:JV+CpNIGqQiDC3a1e6u6vCsHu7UZJojO6Q8ZTxy5/m:B3zqy3vcAUvlx5/m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c09bb53ea342978f26abdb40676800b5cc6cbf22f22acb369646e228febdce1f

Files

c09bb53ea342978f26abdb40676800b5cc6cbf22f22acb369646e228febdce1f
.exe windows:5 windows x64

a72a2a37add969ea93809f61eae88d0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

WSASetLastError
shutdown
send
ioctlsocket
WSAGetLastError
recv
connect
inet_ntoa
htons
inet_addr
htonl
getsockname
setsockopt
sendto
bind
gethostbyname
listen
accept
select
__WSAFDIsSet
getpeername
socket
closesocket
WSAStartup

kernel32

FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetDriveTypeW
CreateEventW
SetEvent
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WriteFile
GetFileAttributesW
GlobalSize
ReadFile
GetFileSize
SetFileTime
CreateFileW
MoveFileW
CreateDirectoryW
GetTempPathA
ResetEvent
WaitForSingleObject
TerminateThread
SetThreadPriority
CreateThread
WideCharToMultiByte
GetSystemTimeAsFileTime
GetLocalTime
OutputDebugStringA
CreateFileA
DeviceIoControl
FindFirstFileA
FindNextFileA
DeleteFileA
GetCurrentThread
ReleaseSemaphore
CreateSemaphoreW
GetProcessAffinityMask
GetConsoleMode
WriteConsoleW
GetStdHandle
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetFullPathNameA
GetConsoleCP
SetFilePointer
GetStartupInfoA
RemoveDirectoryW
LoadLibraryA
SetConsoleCtrlHandler
HeapSize
HeapCreate
HeapSetInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
GetTimeZoneInformation
DebugBreak
ExitThread
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetStartupInfoW
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualQuery
GetSystemInfo
VirtualProtect
ExitProcess
HeapReAlloc
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
GetProcessHeap
HeapAlloc
HeapFree
InterlockedPushEntrySList
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
ProcessIdToSessionId
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
LoadLibraryW
CreateProcessA
VerSetConditionMask
VerifyVersionInfoW
FlushFileBuffers
CreateFileMappingW
GetVersionExW
GetModuleFileNameA
Sleep
CreateMutexW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
lstrlenW
GetTickCount
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CloseHandle
GetCurrentProcessId
InitializeCriticalSection
SetLastError
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetConsoleOutputCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
QueryPerformanceCounter
LCMapStringA
LCMapStringW
LocalAlloc
ReadConsoleInputA
SetConsoleMode
SetHandleCount

user32

EnumDisplaySettingsW
EnumDisplayMonitors
GetPriorityClipboardFormat
GetClipboardSequenceNumber
ExitWindowsEx
GetClipboardData
MapVirtualKeyW
SendInput
GetForegroundWindow
GetWindowThreadProcessId
GetGUIThreadInfo
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetThreadDesktop
FindWindowW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
IntersectRect
FillRect
DrawTextA
SetScrollInfo
GetCursorInfo
ShowScrollBar
SetScrollPos
GetScrollRange
GetScrollPos
EnableWindow
ClientToScreen
MoveWindow
CreatePopupMenu
AppendMenuW
DialogBoxParamW
GetDlgCtrlID
GetKeyState
LockWorkStation
GetSystemMetrics
GetCursorPos
GetCapture
PtInRect
SetCursor
GetUserObjectInformationW
OpenInputDesktop
mouse_event
WindowFromPoint
GetDlgItemInt
GetIconInfo
ReleaseCapture
OffsetRect
EndPaint
BeginPaint
GetWindowLongPtrW
GetSubMenu
TrackPopupMenu
EnumWindows
UnregisterClassW
RegisterClassW
GetScrollInfo
CallWindowProcW
MonitorFromPoint
DestroyMenu
CheckMenuItem
EnableMenuItem
DeleteMenu
LoadMenuW
DrawTextW
SetForegroundWindow
SystemParametersInfoW
ChangeDisplaySettingsW
DrawIconEx
DestroyIcon
LoadImageW
SetWindowLongW
GetParent
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsWindow
IsDialogMessageW
SetFocus
SetCapture
KillTimer
SetTimer
IsWindowVisible
ReleaseDC
GetDC
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SendMessageW
GetWindowLongW
DefWindowProcW
MessageBoxW
CreateWindowExW
RegisterClassExW
CharNextW
PeekMessageW
LoadStringW
LoadCursorW
GetClassInfoExW
OpenDesktopW
SetThreadDesktop
CloseDesktop
GetMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
CreateDialogParamW
SetWindowLongPtrW
GetDlgItemTextA
EndDialog
DestroyWindow
PostThreadMessageW
GetDlgItem
ShowWindow
InvalidateRect
UpdateWindow
GetClientRect
SetWindowPos
PostMessageW
UnregisterClassA
GetDesktopWindow
GetProcessWindowStation
GetActiveWindow

gdi32

GetPaletteEntries
CreateDCW
StretchBlt
ExtSelectClipRgn
CreateRectRgn
RestoreDC
SaveDC
CreateCompatibleDC
CreateDIBSection
SetStretchBltMode
GetDeviceCaps
GetTextExtentExPointW
CreatePen
CreateHatchBrush
CreateFontW
SetBkColor
ExtTextOutW
RoundRect
Polygon
Ellipse
ExcludeClipRect
SelectClipRgn
SetViewportOrgEx
SetTextColor
SetBkMode
GetStockObject
SelectObject
Rectangle
CreateSolidBrush
BitBlt
DeleteDC
DeleteObject

advapi32

RegisterServiceCtrlHandlerW
SetServiceStatus
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
ReportEventW
DeregisterEventSource
RegisterEventSourceW
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
DeleteService
CreateServiceW
OpenServiceW
StartServiceW
ControlService
ChangeServiceConfig2W
OpenSCManagerW
CloseServiceHandle
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
StartServiceCtrlDispatcherW

shell32

SHGetFolderPathW
DragFinish
Shell_NotifyIconW
ShellExecuteA
DragQueryFileW

ole32

CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantClear
VariantInit
VarUI4FromStr

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 650KB - Virtual size: 650KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 618KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a72a2a37add969ea93809f61eae88d0c

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

userenv

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rodata Size: 11KB - Virtual size: 10KB

.rdata Size: 650KB - Virtual size: 650KB

.data Size: 110KB - Virtual size: 618KB

.pdata Size: 79KB - Virtual size: 79KB

.rsrc Size: 292KB - Virtual size: 292KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rodata
Size: 11KB - Virtual size: 10KB

.rdata
Size: 650KB - Virtual size: 650KB

.data
Size: 110KB - Virtual size: 618KB

.pdata
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 292KB - Virtual size: 292KB

.reloc
Size: 34KB - Virtual size: 34KB