Static task: static1
Behavioral task: behavioral1
  Sample: 65c63514cd57335f15581e483b5f587f8435597123701c2ef922d35c9dd31a3c.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: 65c63514cd57335f15581e483b5f587f8435597123701c2ef922d35c9dd31a3c.exe
  Resource: win10v2004-20231020-en
General
Target: 65c63514cd57335f15581e483b5f587f8435597123701c2ef922d35c9dd31a3c
Size: 4.5MB
MD5: 06567399e6223278bc71573de31a5d0f
SHA1: b7c7865a854661b03caea7808503b24577df3e1a
SHA256: 65c63514cd57335f15581e483b5f587f8435597123701c2ef922d35c9dd31a3c
SHA512: 81dda6c9beddda2a11a09243a4d212e445abe6399c41dcf8b880368e0c23dbb4b7baee48f8723aa9179953bf53403ae9eecce6acca8e54120c32077175633fbd
SSDEEP: 98304:xjJ7VsPiHpVfxmKyCVJPzoC392r5yyVKnFLOAkGkzdnEVomFHKnPSW:ZEPiz4K92r5yyUnFLOyomFHKnP
Malware Config
Signatures
Unsigned PE (1 IoC): the file carries no Authenticode signature, i.e. the check for a missing signature fired. On its own this is a weak indicator, since many legitimate programs are also unsigned; it only means no certificate-based provenance is available for the file.
  resource 65c63514cd57335f15581e483b5f587f8435597123701c2ef922d35c9dd31a3c
Files
65c63514cd57335f15581e483b5f587f8435597123701c2ef922d35c9dd31a3c.exe (windows:6, windows x86)
  08cccc04f5421c5db6daccb4edee46cc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
QueryPerformanceFrequency
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetConsoleOutputCP
GetTimeFormatW
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
SwitchToThread
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
VirtualQuery
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetDateFormatW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
GetWindowsDirectoryW
FindResourceExW
SetErrorMode
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GetFileSize
CreateFileW
DeleteFileW
Sleep
VirtualProtect
GetAtomNameW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetCurrentDirectoryW
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetProfileIntW
GetTempPathW
SearchPathW
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GlobalFree
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalAlloc
GetVersionExW
GetCurrentThread
CompareStringW
GlobalFindAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
WideCharToMultiByte
GlobalGetAtomNameW
GlobalAddAtomW
GlobalUnlock
GlobalLock
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetCurrentProcessId
SetLastError
OutputDebugStringA
FindResourceW
VirtualAlloc
SizeofResource
LockResource
LoadResource
InitializeCriticalSectionAndSpinCount
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
GetSystemInfo
WriteConsoleW
user32
DrawTextW
RemoveMenu
InsertMenuW
GetMenuStringW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
FillRect
DrawStateW
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
KillTimer
SetTimer
WaitMessage
MessageBeep
PostQuitMessage
MonitorFromPoint
DeleteMenu
ModifyMenuW
GetSystemMenu
SetCapture
NotifyWinEvent
SystemParametersInfoW
SetClassLongW
WindowFromPoint
ClientToScreen
AppendMenuW
GetMenuState
DestroyAcceleratorTable
GetAsyncKeyState
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
DrawTextExW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
TrackPopupMenuEx
TrackPopupMenu
GetFocus
WindowFromDC
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
WinHelpW
LoadImageW
DestroyIcon
LoadIconW
GetLastActivePopup
GetWindowThreadProcessId
GetClassNameW
GetDesktopWindow
UpdateLayeredWindow
EnableScrollBar
SetCursorPos
UpdateWindow
EnableWindow
UnregisterClassW
RegisterWindowMessageW
SendMessageW
SetWindowLongW
GetWindowLongW
EqualRect
IntersectRect
GetSysColor
SetCursor
InvalidateRect
SetActiveWindow
InsertMenuItemW
GetMenuItemCount
GetMenuItemID
GetSubMenu
DestroyMenu
CreatePopupMenu
SetMenu
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
GetCursorPos
GetMessageW
TranslateMessage
ShowOwnedPopups
SetLayeredWindowAttributes
GetSysColorBrush
LoadCursorW
EnumDisplayMonitors
LockWindowUpdate
InflateRect
MonitorFromRect
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetWindowTextLengthW
PostMessageW
IsWindow
DestroyWindow
IsWindowVisible
RealChildWindowFromPoint
IsIconic
IsZoomed
GetCapture
GetSystemMetrics
SetForegroundWindow
SetWindowRgn
RedrawWindow
GetClientRect
GetWindowRect
SetRectEmpty
CopyRect
OffsetRect
IsRectEmpty
GetClassLongW
GetParent
SetParent
GetTopWindow
GetWindow
PeekMessageW
GetClassInfoW
ShowWindow
SetWindowPos
BringWindowToTop
GetDlgItem
GetDlgCtrlID
SetFocus
GetActiveWindow
GetKeyState
ReleaseCapture
IsWindowEnabled
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
GetMenu
SetRect
DestroyCursor
GetKeyNameTextW
MapVirtualKeyW
InSendMessage
GetMenuItemInfoW
InvertRect
HideCaret
GetTabbedTextExtentW
MapVirtualKeyExW
IsCharLowerW
GetComboBoxInfo
GetWindowRgn
GetDCEx
CreateMenu
DrawIcon
CopyIcon
GetIconInfo
GetDoubleClickTime
SubtractRect
GetDialogBaseUnits
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EnumChildWindows
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CharUpperBuffW
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
PostThreadMessageW
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
GetMenuDefaultItem
CharUpperW
TrackMouseEvent
CopyAcceleratorTableW
SendNotifyMessageW
SendDlgItemMessageA
CopyImage
EndDeferWindowPos
gdi32
GetDeviceCaps
BitBlt
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
CreateDCW
CreateFontIndirectW
CreateDIBitmap
CreateRectRgnIndirect
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CombineRgn
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
PatBlt
CreatePolygonRgn
Polygon
Polyline
GetMapMode
SetRectRgn
DPtoLP
CreateFontW
GetCharWidthW
StretchDIBits
CreateRoundRectRgn
GetDIBits
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
Rectangle
LPtoDP
GetWindowOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
CreatePalette
GetPaletteEntries
GetViewportOrgEx
EnumFontFamiliesExW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
RoundRect
GetTextAlign
GetNearestPaletteIndex
GetSystemPaletteEntries
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextFaceW
SetPixelV
CopyMetaFileW
GetStockObject
CreateSolidBrush
CreateBitmap
SetTextColor
SetBkColor
CreateCompatibleBitmap
GetObjectW
CreateDIBSection
SelectObject
GetCurrentObject
DeleteObject
CreateCompatibleDC
ScaleWindowExtEx
CreatePen
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
advapi32
RegEnumValueW
RegEnumKeyExW
SetFileSecurityW
GetFileSecurityW
RegSetValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
DragFinish
SHAppBarMessage
SHAddToRecentDocs
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteExW
ShellExecuteW
ExtractIconW
SHGetFileInfoW
DragQueryFileW
shlwapi
PathRemoveExtensionW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW
PathFindFileNameW
uxtheme
CloseThemeData
GetThemeSysColor
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
DrawThemeBackground
GetThemeColor
ole32
OleRegGetUserType
RevokeDragDrop
OleRegGetMiscStatus
OleRegEnumVerbs
OleSetMenuDescriptor
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StringFromGUID2
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
CoDisconnectObject
CreateFileMoniker
CreateILockBytesOnHGlobal
StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateDocfile
PropVariantCopy
OleSetContainedObject
OleGetIconOfClass
SetConvertStg
RegisterDragDrop
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
OleGetClipboard
CreateDataAdviseHolder
CreateOleAdviseHolder
CoLockObjectExternal
GetRunningObjectTable
OleRun
OleIsRunning
CoGetMalloc
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
DoDragDrop
CoInitializeEx
OleQueryLinkFromData
OleQueryCreateFromData
oleaut32
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SysStringLen
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VariantClear
VarDecFromStr
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
SysAllocString
VariantInit
SafeArrayGetUBound
SysAllocStringLen
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromStreamICM
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
ws2_32
accept
WSAAsyncSelect
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
gethostbyname
socket
sendto
send
select
recvfrom
recv
ntohs
inet_ntoa
inet_addr
htons
htonl
getsockname
getpeername
connect
closesocket
bind
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 531KB - Virtual size: 531KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 202KB - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
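The Headers, Signatures (Unsigned PE) and Sections entries above are all read straight from the PE headers. The script below is an added example, not part of the sandbox report and not code from the analysed sample: using only the Python standard library it decodes the file and DLL characteristics, walks the section table, and tests the security data directory the way an "unsigned PE" check does. The bytes it parses come from build_sample_pe(), a constructed, headers-only PE32 with two sections and a toggle for a populated certificate table; it is not the 4.5MB file in the report, and the offsets it sets are illustrative.

```python
"""Header-level PE triage with the standard library only: decodes the file and
DLL characteristics, the section table and the Authenticode (security) data
directory, which are the facts a static report lists for a PE."""
import struct

# Flag tables for the subset of bits the report above shows (plus two common ones).
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the certificate table in the data directory


def decode_flags(value: int, table: dict) -> list:
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse the DOS, COFF and optional headers plus the section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:          # PE32: NumberOfRvaAndSizes at +92, DataDirectory at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:        # PE32+: 8-byte ImageBase/stack/heap fields shift them by 16
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both formats
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    # The security directory holds a raw file offset (not an RVA) and the size of the
    # WIN_CERTIFICATE blob; both zero means no signature is attached at all.
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):                       # 40-byte IMAGE_SECTION_HEADER entries
        off = opt + opt_size + 40 * i
        name, vsize, _vaddr, rawsize = struct.unpack_from("<8sIII", data, off)
        flags = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": decode_flags(flags, SECTION_FLAGS)})
    return {"machine": machine,
            "file_characteristics": decode_flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
            "authenticode": cert_off != 0 and cert_size != 0,
            "sections": sections}


def build_sample_pe(signed: bool) -> bytes:
    """Constructed, headers-only PE32 used as offline sample input (not the report's
    binary). With signed=True the security directory points at a pretend certificate."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x0102)  # i386, 2 sections, EXE|32BIT
    opt = bytearray(0xE0)                                              # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 68, 2)                                 # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x8140)   # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)                                # NumberOfRvaAndSizes
    if signed:  # illustrative offset/size of a WIN_CERTIFICATE blob
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)

    def section(name, vsize, rawsize, flags):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0, rawsize, 0, 0, 0, 0, 0, flags)

    sections = (section(b".text", 0x2000, 0x2000, 0x60000020) +      # CODE|EXECUTE|READ
                section(b".data", 0xE000, 0x9000, 0xC0000040))       # INIT_DATA|READ|WRITE
    return dos + b"PE\0\0" + coff + bytes(opt) + sections


if __name__ == "__main__":
    for signed in (False, True):
        info = parse_pe(build_sample_pe(signed))
        print("authenticode present:", info["authenticode"])
        print("DllCharacteristics:", ", ".join(info["dll_characteristics"]))
        for s in info["sections"]:
            print("  %-6s raw=%#x virt=%#x %s" % (s["name"], s["raw_size"],
                                                 s["virtual_size"], " | ".join(s["flags"])))
```

To run it on a real file, pass open(path, "rb").read() to parse_pe() instead of the constructed sample. A populated security directory only shows that a certificate blob is attached; whether that signature actually verifies is a separate step (for example signtool verify /pa or PowerShell's Get-AuthenticodeSignature), and a raw size smaller than the virtual size for .data, as in the report above, is the normal zero-filled BSS tail rather than an anomaly.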