755630230adf73468ed48237331cea5bdb3910429727c810f40c9ba54b5ba10a

Sharing

Copy URL Twitter E-mail

General

Target

755630230adf73468ed48237331cea5bdb3910429727c810f40c9ba54b5ba10a
Size

2.7MB
MD5

c251296ab79412514c13f04546222c4b
SHA1

cfa344043892c2427ccecfbb6a04589b220482f2
SHA256

755630230adf73468ed48237331cea5bdb3910429727c810f40c9ba54b5ba10a
SHA512

84d68ee41e7a2aed55c1f76561074563784a20b86b3bbb61820c07a75e2c6a6deb9711cd6c5fa4faa3b194321a25a0422d049faf60664387dca3a2e8e093f973
SSDEEP

49152:Z8HTKb7IzTmQ9FVfqO9wJXyczX2IkkPMHhLIgsNEVQgXLRw1jfnWJbbR:Z8zKbQv/VCyoyc/kkPMBXsNEVQgXLc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
755630230adf73468ed48237331cea5bdb3910429727c810f40c9ba54b5ba10a

Files

755630230adf73468ed48237331cea5bdb3910429727c810f40c9ba54b5ba10a
.exe windows:5 windows x86

fffadabaffff42b6080fbf5f19562c60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntryW
GetUrlCacheEntryInfoW
HttpAddRequestHeadersW
InternetReadFile
InternetConnectW
InternetCloseHandle
HttpSendRequestW
InternetCrackUrlW
HttpQueryInfoW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetCanonicalizeUrlW
InternetOpenUrlW
InternetOpenW
HttpOpenRequestW
InternetSetFilePointer

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

VerSetConditionMask
VerifyVersionInfoW
GetProfileIntW
GetUserDefaultLCID
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
IsDebuggerPresent
IsValidLocale
GetACP
ExitProcess
FindResourceExW
VirtualQuery
VirtualAlloc
GetSystemInfo
GetFileType
SetStdHandle
HeapQueryInformation
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
OutputDebugStringW
lstrcpyW
SetErrorMode
GetFileTime
GetFileSizeEx
WriteConsoleW
GetLocaleInfoW
SetEnvironmentVariableA
GetFileAttributesExW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
QueryPerformanceFrequency
GetSystemDefaultUILanguage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleCP
GetTimeZoneInformation
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
InterlockedDecrement
GetSystemDirectoryW
WaitForSingleObject
WideCharToMultiByte
MultiByteToWideChar
GetStartupInfoW
ReadFile
SizeofResource
HeapFree
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
HeapSize
GetLastError
LockResource
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
LoadLibraryW
LoadResource
FindResourceW
HeapAlloc
DecodePointer
GetProcAddress
DeleteCriticalSection
GetProcessHeap
CompareStringW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
SetThreadPriority
lstrcmpiW
DuplicateHandle
UnlockFile
LockFile
GetVolumeInformationW
FlushFileBuffers
GetPrivateProfileIntW
GetCurrentThread
LocalAlloc
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GlobalDeleteAtom
GetModuleHandleA
EncodePointer
GetTickCount
OutputDebugStringA
GetThreadLocale
lstrcmpA
SetLastError
FormatMessageW
MulDiv
LocalFree
GlobalSize
CreateSemaphoreW
ReleaseSemaphore
FindNextFileW
SetEndOfFile
GetWindowsDirectoryW
GetFullPathNameW
SearchPathW
LoadLibraryExW
GetStdHandle
ResumeThread
GetCurrentThreadId
ResetEvent
SetEvent
CreateEventW
ExitThread
WaitForMultipleObjects
GetCurrentDirectoryW
SetFileTime
FileTimeToSystemTime
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryA
GetSystemTimeAsFileTime
FindClose
FindFirstFileW
GetCommandLineW
CopyFileW
FreeResource
GlobalUnlock
GlobalLock
CreateMutexW
lstrcmpW
GetVersionExW
GetCurrentProcessId
TerminateProcess
GetFileAttributesW
SetFileAttributesW
GetModuleHandleW
WritePrivateProfileStringW
GetLocalTime
GetPrivateProfileStringW
WriteFile
SetFilePointer
GetFileSize
CreateFileW
CreateDirectoryW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Sleep
CreateThread
DeleteFileW
GetTempFileNameW
GetTempPathW
GetModuleFileNameW
FreeLibrary
CreateProcessW

user32

IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
DrawFocusRect
PostThreadMessageW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
LoadImageW
TrackMouseEvent
RegisterClipboardFormatW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
WindowFromPoint
WaitMessage
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
RealChildWindowFromPoint
SendDlgItemMessageA
CopyImage
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableW
GetSysColorBrush
ShowOwnedPopups
GetActiveWindow
TranslateMessage
GetMessageW
CharUpperW
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
GetMenuItemInfoW
DestroyMenu
GetSystemMetrics
InflateRect
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
GetSystemMenu
SetCursorPos
CopyIcon
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
GetSysColor
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
FrameRect
DrawIcon
UnionRect
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
SetMenu
GetMenu
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowThreadProcessId
wsprintfW
ReleaseDC
UpdateLayeredWindow
SetWindowLongW
GetWindowLongW
ReleaseCapture
SetCursor
SetCapture
SetFocus
CallWindowProcW
DefWindowProcW
PtInRect
SetRectEmpty
CopyRect
IntersectRect
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
GetDlgItem
GetWindowRgn
GetDlgCtrlID
DestroyCursor
CharNextW
UnregisterClassW
EnableWindow
LoadMenuW
GetSubMenu
SetMenuItemInfoW
DeleteMenu
TrackPopupMenu
SendMessageW
InvalidateRect
GetFocus
LoadCursorW
GetClientRect
SetTimer
KillTimer
SetPropW
LoadIconW
SystemParametersInfoW
ShowWindow
PostMessageW
GetWindowRect
GetCursorPos
CreatePopupMenu
AppendMenuW
SetForegroundWindow
SetWindowRgn
ScreenToClient
UpdateWindow
GetWindow
OffsetRect
GetParent
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetKeyState
GetCapture
GetDC
GetPropW
IsWindow
GetDesktopWindow

gdi32

GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetMapMode
PatBlt
SetRectRgn
ExcludeClipRect
GetTextExtentPoint32W
GetRgnBox
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
Escape
CreateSolidBrush
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
SetBkColor
GetTextColor
GetStockObject
GetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetClipBox
CreateRectRgnIndirect
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateRoundRectRgn
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CombineRgn
ExtSelectClipRgn
GetObjectW
SelectClipRgn
DPtoLP
CreateRectRgn

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

InitializeSecurityDescriptor
RegQueryValueExW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW
OpenProcessToken
ConvertSidToStringSidW
GetTokenInformation
GetUserNameW
RegDeleteValueW
RegCloseKey
RegSetValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetDesktopFolder
SHBrowseForFolderW
SHAppBarMessage

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathRenameExtensionW
PathFileExistsW
PathQuoteSpacesW
PathStripPathW
PathRemoveFileSpecW
UrlUnescapeW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
StrFormatKBSizeW
PathCombineW

uxtheme

DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetWindowTheme
GetThemeSysColor
DrawThemeText

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoInitialize
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateGuid
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeSecurity

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
SysAllocStringLen
OleCreateFontIndirect
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayUnaccessData
VarBstrFromDate
LoadTypeLi
SafeArrayAccessData
VariantClear
VariantInit
SysFreeString
SafeArrayDestroy
SysAllocString

oledlg

OleUIBusyW

gdiplus

GdipSetSolidFillColor
GdipDisposeImageAttributes
GdipDrawRectangleI
GdipSetImageAttributesColorMatrix
GdipGetFontSize
GdipGetPathWorldBounds
GdipGetFontStyle
GdipCreatePath
GdipDeletePath
GdipAddPathString
GdipGetFamily
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateImageAttributes
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdipFillRectangleI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipAlloc
GdipFree
GdipDeleteGraphics
GdipCreateFromHDC
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectRect
GdipGetImageWidth
GdipSetImageAttributesWrapMode
GdipDeletePen
GdipCreatePen1
GdipFillRectangle
GdipDrawString
GdipDeleteFont
GdipCreateFont
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipCloneImage
GdipGetImageHeight

iphlpapi

IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho
GetAdaptersAddresses
GetAdaptersInfo

netapi32

Netbios

snmpapi

SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree

ws2_32

WSACleanup
inet_addr
inet_ntoa
__WSAFDIsSet
closesocket
gethostbyname
select
send
socket
connect
recv
htons
WSAGetLastError
WSAStartup

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 425KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fffadabaffff42b6080fbf5f19562c60

Headers

DLL Characteristics

File Characteristics

Imports

wininet

version

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

iphlpapi

netapi32

snmpapi

ws2_32

oleacc

imm32

winmm

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 425KB - Virtual size: 424KB

.data Size: 27KB - Virtual size: 53KB

.gfids Size: 107KB - Virtual size: 106KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 160KB - Virtual size: 160KB

.reloc Size: 137KB - Virtual size: 136KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 425KB - Virtual size: 424KB

.data
Size: 27KB - Virtual size: 53KB

.gfids
Size: 107KB - Virtual size: 106KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 160KB - Virtual size: 160KB

.reloc
Size: 137KB - Virtual size: 136KB