Static task: static1
Behavioral task: behavioral1
Sample: 8e615d864fa7d6b5e3250068cc456ff2227c63d4ae276242ff14c54c8323c174.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: 8e615d864fa7d6b5e3250068cc456ff2227c63d4ae276242ff14c54c8323c174.exe
Resource: win10v2004-20231023-en
General
Target: 8e615d864fa7d6b5e3250068cc456ff2227c63d4ae276242ff14c54c8323c174
Size: 4.7MB
MD5: 4d4167c669228226528981dc2618dff6
SHA1: 106708dd6b307c1d4c7fa5894157af6438b5412d
SHA256: 8e615d864fa7d6b5e3250068cc456ff2227c63d4ae276242ff14c54c8323c174
SHA512: a50e38bee3f5e5dfa2f870daa3c4ad64a1300a23579da0c6fcf4c59b285914de1eaa4ac366f5f401ab7fbcc8b5a237bdeb66b62812381aa1066d793ab5a7eaa1
SSDEEP: 49152:CLcCGYPwMNurUzph05zzsbCOMVMJFFYE+uY+WRw4VW5/Psfs:MvpCFMHtfvPs
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 8e615d864fa7d6b5e3250068cc456ff2227c63d4ae276242ff14c54c8323c174
Files
8e615d864fa7d6b5e3250068cc456ff2227c63d4ae276242ff14c54c8323c174.exe windows:6 windows x64
400b40610e47f84ca1f65be29aa20eed
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
user32
GetClipboardFormatNameA
CharUpperA
LoadAcceleratorsW
DrawIconEx
GetIconInfo
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageW
UpdateLayeredWindow
MonitorFromPoint
TrackMouseEvent
GetComboBoxInfo
WaitMessage
OffsetRect
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
SetClassLongPtrA
ChangeWindowMessageFilter
GetDoubleClickTime
CopyIcon
RegisterClipboardFormatA
CharUpperBuffA
IsRectEmpty
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
DestroyCursor
PtInRect
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
MoveWindow
NotifyWinEvent
LoadCursorW
SetParent
GetDesktopWindow
WindowFromPoint
HideCaret
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
SetForegroundWindow
GetForegroundWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
PostThreadMessageA
GetMonitorInfoA
MonitorFromWindow
LoadImageA
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
CopyImage
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetMenuCheckMarkDimensions
GetFocus
GetSysColor
ScreenToClient
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
LoadBitmapW
InvertRect
FrameRect
FillRect
DrawFocusRect
GetSysColorBrush
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
SetMenuItemBitmaps
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
IsMenu
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
MapDialogRect
TabbedTextOutA
IsWindow
PostMessageA
SendMessageA
PeekMessageA
DestroyIcon
DestroyMenu
GetAsyncKeyState
SetCursor
ReleaseCapture
SetRectEmpty
GetSystemMetrics
GetCursorPos
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
RealChildWindowFromPoint
SystemParametersInfoA
MapVirtualKeyA
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
GetClassNameA
CheckDlgButton
WinHelpA
EndDialog
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DestroyWindow
DialogBoxParamA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
SetPropA
LoadStringA
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathFindExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindFileNameA
uxtheme
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeTextEx
EndBufferedPaint
BeginBufferedPaint
BufferedPaintInit
BufferedPaintUnInit
dwmapi
DwmDefWindowProc
DwmIsCompositionEnabled
DwmSetWindowAttribute
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipCreateFromHDC
GdipSetInterpolationMode
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
kernel32
GetCommandLineA
HeapSize
HeapValidate
GetSystemInfo
EncodePointer
DecodePointer
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
VerifyVersionInfoA
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
ExitProcess
GetStdHandle
GetFileType
OutputDebugStringW
WriteConsoleW
GetSystemTimeAsFileTime
SetStdHandle
GetProcessHeap
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
TerminateProcess
IsValidCodePage
HeapFree
HeapReAlloc
HeapQueryInformation
HeapAlloc
lstrlenA
WaitForSingleObjectEx
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
CompareStringEx
LCMapStringEx
GetTimeZoneInformation
CreateFileW
SetEnvironmentVariableA
OpenEventW
FileTimeToLocalFileTime
InitializeCriticalSectionEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
VerSetConditionMask
GetTempFileNameA
lstrcpyA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
GetHandleInformation
SearchPathA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
GetUserDefaultUILanguage
FindResourceExW
GetACP
GetCPInfo
GetOEMCP
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GlobalFlags
FileTimeToSystemTime
GetModuleHandleA
WaitForSingleObject
SetEvent
CloseHandle
VirtualProtect
GetProfileIntA
GetVersionExA
ResumeThread
SetThreadPriority
CompareStringA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
FreeResource
FreeLibrary
GetCurrentThreadId
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetProcAddress
GetModuleHandleExW
GetModuleFileNameW
GetTickCount
OutputDebugStringA
lstrcmpA
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
GlobalSize
GetModuleFileNameA
GetCurrentProcessId
LocalFree
LocalReAlloc
LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetAtomNameA
GlobalGetAtomNameA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
SetLastError
GetLastError
Sleep
DuplicateHandle
GetTempPathA
SetThreadStackGuarantee
gdi32
ExtTextOutA
SetDIBColorTable
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesA
CopyMetaFileA
CreateDCA
GetDeviceCaps
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateDIBitmap
GetSystemPaletteEntries
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
EnumFontFamiliesExA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsA
GetObjectA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
DeleteDC
DeleteObject
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RevertToSelf
OpenThreadToken
SetThreadToken
RegEnumKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
DragQueryFileA
SHCreateItemFromParsingName
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
DragFinish
ole32
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleTranslateAccelerator
oleaut32
SysStringLen
VariantChangeType
VariantClear
SysAllocStringLen
VarBstrFromDate
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
VariantInit
Sections
.text Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 154KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 226KB - Virtual size: 225KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ