Static task: static1
Behavioral task: behavioral1
  Sample: 35194450cc835a5c43f8b545da3acb9afe1f9e8ac05b7e83cfce93267ffd5e96.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: 35194450cc835a5c43f8b545da3acb9afe1f9e8ac05b7e83cfce93267ffd5e96.exe
  Resource: win10v2004-20231020-en
General
Target: 35194450cc835a5c43f8b545da3acb9afe1f9e8ac05b7e83cfce93267ffd5e96
Size: 14.7MB
MD5: 2ec7fbc64c83b851eea6147dd1443895
SHA1: b76d676af9787021b8677b05d8e0367e12f638d7
SHA256: 35194450cc835a5c43f8b545da3acb9afe1f9e8ac05b7e83cfce93267ffd5e96
SHA512: d51013753effa8dbf99d138bb9fa6e1dfaac787c7533d7b0a48be1a58dcb9d31c815f2cf1388fe5ef864621d8ead293a1cb103692b45f7157d083cef18ec43ba
SSDEEP: 196608:Kxhqhqeu6vN4F9I2+R1XMPNdPY4c2a+XAmSTuWo64KK9sAyQot1J0vmIak:BI6veF9I28RcN9MZcDKLAyQqPd
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 35194450cc835a5c43f8b545da3acb9afe1f9e8ac05b7e83cfce93267ffd5e96
Files
35194450cc835a5c43f8b545da3acb9afe1f9e8ac05b7e83cfce93267ffd5e96.exe  windows:5  windows x64
adab4e62b6d6798289c0ac167381c9cf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
SetEnvironmentVariableA
WriteConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
QueryPerformanceCounter
lstrlenW
HeapCreate
GetVersion
HeapSetInformation
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
HeapSize
HeapQueryInformation
ExitProcess
HeapReAlloc
RtlPcToFileHeader
RtlUnwindEx
RtlLookupFunctionEntry
CreateThread
ExitThread
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetStartupInfoW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetFileAttributesExW
SetErrorMode
GetNumberFormatW
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentDirectoryW
GetThreadLocale
GlobalGetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
LoadLibraryExW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalFree
GlobalSize
ReleaseActCtx
CreateActCtxW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpA
LocalAlloc
GetVolumeInformationW
GetSystemDefaultLCID
GetLocaleInfoW
GetComputerNameW
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
lstrcatA
lstrcpyA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
ExpandEnvironmentStringsW
ProcessIdToSessionId
WaitForSingleObject
CreateProcessW
DuplicateHandle
GetModuleHandleW
GlobalMemoryStatusEx
GetVersionExW
ReadFile
SetFilePointer
GetFileSize
CreateDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetDriveTypeW
GetFileAttributesW
RemoveDirectoryW
Process32NextW
Process32FirstW
MoveFileExW
GetTempFileNameW
DeleteFileW
WriteFile
GetFileSizeEx
CopyFileW
SetFileAttributesW
GetPrivateProfileStringW
WritePrivateProfileStringW
UnmapViewOfFile
FlushInstructionCache
VirtualProtectEx
MapViewOfFile
CreateFileMappingW
GetLocalTime
lstrcmpW
Sleep
GetCommandLineW
OpenProcess
IsDebuggerPresent
RaiseException
GetCurrentProcess
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
CloseHandle
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetTickCount
HeapFree
GetProcessHeap
HeapAlloc
FreeLibrary
GetProcAddress
LoadLibraryW
TerminateProcess
LocalFree
FormatMessageW
GetLastError
DeleteCriticalSection
GetModuleFileNameW
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
MulDiv
FindClose
FindNextFileW
lstrcpynW
FindFirstFileW
lstrcpyW
lstrcatW
LeaveCriticalSection
VirtualProtect
ExitProcess
user32
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorW
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongPtrW
DestroyAcceleratorTable
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
NotifyWinEvent
SetWindowRgn
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
DeleteMenu
WaitMessage
ReleaseCapture
SetCapture
UnregisterClassW
IntersectRect
EnumDisplayMonitors
SetRectEmpty
GetSysColorBrush
CopyImage
RealChildWindowFromPoint
SystemParametersInfoW
GetMenuItemInfoW
InflateRect
ShowOwnedPopups
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
PostQuitMessage
GetMessageW
GetActiveWindow
GetMenuStringW
AppendMenuW
InsertMenuW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
MapVirtualKeyW
GetKeyNameTextW
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterClipboardFormatW
IsWindowEnabled
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
EnableWindow
TrackMouseEvent
InvalidateRect
GetClientRect
PtInRect
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
ValidateRect
GetMenuItemID
GetClassInfoExW
GetClassInfoW
GetSysColor
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcW
CopyRect
GetParent
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CopyIcon
CharUpperBuffW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
KillTimer
DestroyMenu
TrackPopupMenu
InsertMenuItemW
ModifyMenuW
GetSubMenu
LoadMenuW
DrawIcon
IsIconic
CharLowerW
GetWindowRgn
DrawStateW
SendMessageW
GetWindowTextW
LoadCursorW
SetCursor
DestroyIcon
GetDC
ReleaseDC
SetWindowPos
GetWindowLongPtrW
MapDialogRect
GetWindowRect
ScreenToClient
BeginPaint
EndPaint
ClientToScreen
AdjustWindowRectEx
GetMenu
MoveWindow
GetWindow
GetWindowDC
FrameRect
MessageBoxW
PeekMessageW
TranslateMessage
DispatchMessageW
SetWindowTextW
SetTimer
LoadIconW
RegisterClassW
CreateWindowExW
ShowWindow
UpdateWindow
GetSystemMenu
GetMenuItemCount
RemoveMenu
DrawMenuBar
SetForegroundWindow
DefWindowProcW
GetSystemMetrics
WindowFromPoint
GetClassNameW
GetWindowThreadProcessId
PostMessageW
SetWindowLongW
GetWindowLongW
SetLayeredWindowAttributes
RedrawWindow
LoadImageW
SetWindowLongPtrW
FindWindowW
IsWindow
ExitWindowsEx
CharUpperW
GetDoubleClickTime
gdi32
GetTextFaceW
SetPixelV
GetWindowExtEx
GetViewportExtEx
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExW
Rectangle
SetPixel
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateDIBSection
CreateRoundRectRgn
GetRgnBox
GetTextColor
GetBkColor
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
CreateDIBitmap
CreateDCW
CopyMetaFileW
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
DeleteObject
SelectObject
SetTextColor
SetBkMode
GetObjectW
CreateFontIndirectW
SetBkColor
GetTextExtentPoint32W
GetTextMetricsA
GetTextExtentPointA
CreateICW
GetDeviceCaps
DeleteDC
GetStockObject
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
StretchBlt
CreateFontW
CreateBitmap
CreateRectRgnIndirect
PatBlt
SaveDC
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
RestoreDC
SetPolyFillMode
SetROP2
GetPixel
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
FreeSid
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
InitializeSecurityDescriptor
LookupAccountNameW
SetSecurityDescriptorOwner
SetFileSecurityW
SetNamedSecurityInfoW
GetFileSecurityW
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
RegQueryValueW
RegEnumKeyW
ControlService
QueryServiceStatus
CloseServiceHandle
ChangeServiceConfigW
OpenServiceW
OpenSCManagerW
RevertToSelf
GetUserNameW
RegEnumValueW
RegRestoreKeyW
RegCreateKeyW
RegSaveKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
ImpersonateLoggedOnUser
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
GetSecurityDescriptorControl
SetSecurityDescriptorDacl
AddAce
EqualSid
GetAce
InitializeAcl
shell32
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
ShellExecuteW
SHAppBarMessage
DragQueryFileW
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
ole32
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoInitializeEx
CoUninitialize
CoInitialize
OleUninitialize
CoCreateInstance
OleInitialize
CoTaskMemFree
oleaut32
SysAllocStringLen
VariantChangeType
SysStringLen
VariantCopy
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantClear
VariantInit
oledlg
OleUIBusyW
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
winmm
timeGetTime
PlaySoundW
wininet
InternetOpenUrlW
InternetGetConnectedState
InternetOpenW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
Sections
.text   Size: -       Virtual size: 2.3MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: -       Virtual size: 817KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: -       Virtual size: 6.8MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata  Size: -       Virtual size: 87KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
text    Size: -       Virtual size: 2KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE
data    Size: -       Virtual size: 1KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc   Size: 269KB   Virtual size: 1.3MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.vmp0   Size: -       Virtual size: 102KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.vmp1   Size: -       Virtual size: 11.7MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.vmp2   Size: 14.4MB  Virtual size: 14.4MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.reloc  Size: 512B    Virtual size: 12B     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ