3d71ac941c3c3b47e3a39cb1b4010cc1e83673cc9dfb948abb8906f050578387

Target

3d71ac941c3c3b47e3a39cb1b4010cc1e83673cc9dfb948abb8906f050578387
Size

2.8MB
MD5

6ada247c1cad4f357a0c08cb86db7b11
SHA1

a001396f39d5fd84b594edcb8cdb913dfea013cb
SHA256

3d71ac941c3c3b47e3a39cb1b4010cc1e83673cc9dfb948abb8906f050578387
SHA512

9cef9a745dabaac217e4765fec732f486720b734f49b5171506ea444047b10e914dcdbcfa8359959e37bccb45368f07bdf27bf268024a25f07500e7618f7f11c
SSDEEP

49152:KGUtDSJJpiX/kVDkNhnEpBGuUlve1XMdg3yqcyMuLlTRdxkARnw5p5x+agB4a:+5QzivkVDUhnETGuUI1cdg3ZcSxRdxkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d71ac941c3c3b47e3a39cb1b4010cc1e83673cc9dfb948abb8906f050578387

Files

3d71ac941c3c3b47e3a39cb1b4010cc1e83673cc9dfb948abb8906f050578387
.exe windows:6 windows x86

97cfa29432a5390175015c818e2e67db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetThreadPriority
ResumeThread
EncodePointer
GetSystemDirectoryW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalFindAtomA
GetVersionExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileTime
SystemTimeToTzSpecificLocalTime
GetLocaleInfoW
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
GetACP
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetProfileIntA
SearchPathA
GetTempFileNameA
GetUserDefaultLCID
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
LCMapStringEx
GetStringTypeW
OutputDebugStringW
RtlUnwind
GetSystemInfo
VirtualAlloc
VirtualQuery
HeapQueryInformation
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
QueryPerformanceFrequency
SetStdHandle
GetFileType
ExitProcess
GetStdHandle
SetFilePointerEx
GetConsoleOutputCP
GetConsoleMode
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetFileAttributesExW
CreateDirectoryW
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
WriteConsoleW
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
GlobalAddAtomA
GlobalFlags
GetModuleFileNameA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CompareStringA
GlobalGetAtomNameA
lstrcmpA
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
SetLastError
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
WaitForSingleObject
GetCommandLineW
lstrcmpiA
MapViewOfFile
CreateFileMappingA
GetLocalTime
FileTimeToSystemTime
GetFileInformationByHandle
UnmapViewOfFile
CreateDirectoryA
SystemTimeToFileTime
CloseHandle
CreateFileA
LocalFileTimeToFileTime
SetFileTime
WriteFile
CopyFileA
GetTickCount
Sleep
MultiByteToWideChar
IsBadReadPtr
FreeLibrary
GetProcAddress
LoadLibraryA
RemoveDirectoryA
lstrcpyA
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
RaiseException
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
GetFileSizeEx
SizeofResource

user32

NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
SetClassLongA
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
CopyImage
GetMenuItemInfoA
DestroyMenu
IntersectRect
InflateRect
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
LoadCursorW
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CharUpperA
DestroyIcon
RealChildWindowFromPoint
GetClassNameA
PtInRect
ClientToScreen
GetWindowRect
IsDialogMessageA
SetWindowLongA
SetWindowTextA
GetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
GetWindow
GetScrollPos
SetScrollPos
SetFocus
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
wsprintfA
GetDesktopWindow
InvertRect
HideCaret
GetMenuState
GetMenuStringA
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
DrawFocusRect
IsRectEmpty
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
InvalidateRect
KillTimer
SetTimer
DeleteMenu
ShowScrollBar
SetCursor
SystemParametersInfoA

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
StrFormatKBSizeA

uxtheme

GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetThemePartSize
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText

gdiplus

GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundA

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDCA
GetDeviceCaps
DeleteDC
DeleteObject
BitBlt
CreateBitmap
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
ExtTextOutA
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
TextOutA
MoveToEx
GetObjectA
SetTextColor
SetTextAlign
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
CopyMetaFileA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHAppBarMessage
SHGetPathFromIDListA

ole32

OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoDisconnectObject
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
OleCreateMenuDescriptor
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
LoadTypeLi
SysFreeString
SysAllocStringLen
SysAllocStringByteLen
VariantInit
SysAllocString

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

97cfa29432a5390175015c818e2e67db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msimg32

shlwapi

uxtheme

gdiplus

oleacc

imm32

winmm

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 380KB - Virtual size: 379KB

.data Size: 21KB - Virtual size: 38KB

.rsrc Size: 17KB - Virtual size: 20KB

.reloc Size: 145KB - Virtual size: 145KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 380KB - Virtual size: 379KB

.data
Size: 21KB - Virtual size: 38KB

.rsrc
Size: 17KB - Virtual size: 20KB

.reloc
Size: 145KB - Virtual size: 145KB