Tasks
Static task: static1
Behavioral task: behavioral1
  Sample: 60e2f14d422214ae73cb07b603a24c6214e8bd3ee46564094350da5f94f4a226.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: 60e2f14d422214ae73cb07b603a24c6214e8bd3ee46564094350da5f94f4a226.exe
  Resource: win10v2004-20231020-en
General
Target: 60e2f14d422214ae73cb07b603a24c6214e8bd3ee46564094350da5f94f4a226
Size: 13.4MB
MD5: 6674c42ed2af47a1bb1c7286da6bf798
SHA1: ee0567cbd8180b3db5f584a9aca763615203279a
SHA256: 60e2f14d422214ae73cb07b603a24c6214e8bd3ee46564094350da5f94f4a226
SHA512: 41b6f00f13d7bc9a6f5cb550f986ff9312ce2deacdec95a7129d8cd4b8c57338164637346485288a757fc823c4b1fd50baf86f3154d0b4a6b78189a1e8ba23f6
SSDEEP: 393216:bDqc/tSHcQcTH3Bs0KibPhfkuGbt4EpXTVE24pZOKFK:b8eOibPxFGHV1S
Malware Config
(no configuration extracted)
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 60e2f14d422214ae73cb07b603a24c6214e8bd3ee46564094350da5f94f4a226
Files
60e2f14d422214ae73cb07b603a24c6214e8bd3ee46564094350da5f94f4a226.exe  windows:6  windows x86
2141df66480fc3cf282df515486d2fc3 (32-hex value printed beneath the file entry; this is the position where the report shows the import hash)
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in), IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP opt-in), IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Not set: IMAGE_DLLCHARACTERISTICS_GUARD_CF (no Control Flow Guard) and IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY, which is consistent with the missing Authenticode signature flagged above.
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSectionAndSpinCount
GetLocalTime
lstrcpynW
InterlockedIncrement
InterlockedDecrement
DeleteFileA
GetSystemDirectoryA
DeleteFileW
SetThreadExecutionState
SetEndOfFile
CopyFileA
GetSystemPowerStatus
GetNativeSystemInfo
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
GetPrivateProfileStringW
CopyFileW
GetDriveTypeA
GetTimeZoneInformation
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
RemoveDirectoryA
CreateProcessA
GetVolumeInformationW
GetDiskFreeSpaceW
DeviceIoControl
GetVolumeInformationA
GetDiskFreeSpaceA
GetLogicalDriveStringsA
DeleteVolumeMountPointA
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetSystemTime
CopyFileExA
QueryDosDeviceW
FindFirstVolumeW
SetVolumeLabelW
SetVolumeLabelA
SetVolumeMountPointW
FindVolumeClose
GetVolumePathNamesForVolumeNameW
DeleteVolumeMountPointW
FindNextVolumeW
ExitThread
MulDiv
ExitProcess
GetACP
GetCurrentDirectoryW
lstrlenW
GetTickCount
GetDriveTypeW
FreeResource
VerifyVersionInfoA
LocalFree
LoadLibraryA
VerSetConditionMask
ExpandEnvironmentStringsA
WaitForMultipleObjects
FormatMessageA
SleepEx
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
SetFilePointer
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetFileAttributesExW
SetStdHandle
GetFullPathNameW
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetStdHandle
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetModuleHandleExW
LoadLibraryExW
RtlUnwind
InitializeSListHead
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
SetLastError
GetStringTypeW
FormatMessageW
LocalFileTimeToFileTime
GetFileAttributesW
SystemTimeToFileTime
GetModuleHandleA
SetFileTime
CreateMutexW
lstrcmpiW
lstrcpyW
lstrcatW
GetCurrentThread
GetEnvironmentVariableW
SetThreadPriority
GetShortPathNameW
SetPriorityClass
MoveFileA
SetFileAttributesA
WritePrivateProfileStringA
OutputDebugStringW
SetFileAttributesW
GetExitCodeProcess
GlobalUnlock
CreateDirectoryA
GetEnvironmentStringsW
GetModuleHandleW
CreateProcessW
GetProcessHeap
DeleteCriticalSection
GetFileSize
GlobalLock
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
CreateThread
LoadLibraryW
GetSystemInfo
RaiseException
CloseHandle
HeapReAlloc
Process32FirstW
GlobalAlloc
LockResource
TerminateThread
CreateFileA
Process32NextW
GetLastError
Sleep
CreateToolhelp32Snapshot
HeapSize
MultiByteToWideChar
OpenProcess
CreateFileW
WaitForSingleObject
InitializeCriticalSectionEx
CreatePipe
GetProcessId
GetModuleFileNameW
TerminateProcess
WriteFile
GetCurrentProcess
HeapFree
GetFileSizeEx
SizeofResource
GetModuleFileNameA
ReadFile
CreateDirectoryW
WideCharToMultiByte
GetCurrentProcessId
FreeLibraryAndExitThread
user32
DestroyMenu
SetCaretPos
wsprintfW
GetCaretPos
EnableMenuItem
EqualRect
wsprintfA
SetClipboardData
ExitWindowsEx
EmptyClipboard
CloseClipboard
OpenClipboard
DrawTextA
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
GetKeyboardLayout
AppendMenuW
TrackPopupMenu
CreateCaret
GetCaretBlinkTime
HideCaret
ClientToScreen
ShowCaret
SendMessageW
PostMessageW
CreatePopupMenu
GetWindowRgn
UpdateLayeredWindow
MoveWindow
GetWindowRect
PtInRect
GetCursorPos
PostQuitMessage
KillTimer
SetTimer
FindWindowA
LoadIconW
GetKeyNameTextW
MessageBoxW
CharNextW
CharPrevW
DrawTextW
FillRect
SetRect
IntersectRect
OffsetRect
IsRectEmpty
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
IsWindow
DestroyWindow
SetWindowPos
IsWindowVisible
IsIconic
IsZoomed
SetFocus
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
ScreenToClient
MapWindowPoints
GetSysColor
UnionRect
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
SetForegroundWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetCursor
LoadCursorW
InflateRect
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
CharLowerA
SetPropW
GetPropW
SetWindowRgn
IsWindowEnabled
UpdateWindow
MapVirtualKeyExW
ShowWindow
gdi32
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
DeleteObject
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
CreateDIBSection
PtInRegion
ExtSelectClipRgn
GetBitmapBits
SetBitmapBits
SelectObject
SetTextColor
SelectClipRgn
MoveToEx
TextOutW
CreateDIBitmap
CreateFontIndirectW
CreatePen
GetDeviceCaps
GetStockObject
AddFontMemResourceEx
RemoveFontMemResourceEx
Rectangle
RestoreDC
SaveDC
CloseEnhMetaFile
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
GetTextExtentPointA
CreateEnhMetaFileW
GetEnhMetaFileHeader
GdiFlush
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreatePatternBrush
CreatePenIndirect
CreateRectRgn
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
CryptDestroyKey
CryptHashData
CryptCreateHash
CryptEncrypt
CryptImportKey
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
CryptDestroyHash
shell32
DragQueryFileW
SHChangeNotify
SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteA
SHGetFolderPathW
ole32
DoDragDrop
OleDuplicateData
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoInitialize
ReleaseStgMedium
CoCreateInstance
CreateStreamOnHGlobal
oleaut32
SysAllocString
VariantClear
VariantInit
SysFreeString
shlwapi
PathRemoveFileSpecW
PathFileExistsA
PathFileExistsW
UrlGetPartA
PathCombineW
StrCpyW
wininet
InternetCheckConnectionW
comctl32
_TrackMouseEvent
ord17
InitCommonControlsEx
gdiplus
GdipAddPathArc
GdipAddPathLine
GdipDeletePath
GdipCreatePath
GdipReleaseDC
GdipCreatePen1
GdipAlloc
GdipSetSmoothingMode
GdipCreateSolidFill
GdipFillPieI
GdipFree
GdipCreateFromHDC
GdipCloneBrush
GdipDeleteGraphics
GdipDeletePen
GdipSetPenMode
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdiplusStartup
GdiplusShutdown
GdipGetImageWidth
GdipDeleteBrush
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ws2_32
gethostbyname
gethostname
WSAStartup
WSACleanup
sendto
htons
WSAEnumNetworkEvents
recvfrom
WSAWaitForMultipleEvents
ntohs
socket
inet_addr
WSACreateEvent
ioctlsocket
listen
accept
freeaddrinfo
getaddrinfo
WSAIoctl
setsockopt
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
ntohl
WSAEventSelect
psapi
EnumDeviceDrivers
GetDeviceDriverBaseNameA
wldap32
ord143
ord46
ord211
ord60
ord50
ord41
ord22
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord301
ord200
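An import-table triage pass, added here as an example for this page (it is not Tria.ge's code and not code from the sample). It tags capability groups over a subset of the import table copied from the listing above, sets aside the imports that the MSVC CRT startup code pulls in on its own (IsDebuggerPresent, SetUnhandledExceptionFilter, IsProcessorFeaturePresent and friends, the classic "anti-debug" false positive), and emits review hints for API combinations worth checking in the behavioral run. The capability groupings, the CRT noise list and the hint wording are the editor's own heuristics, not a standard taxonomy; the output only says what the binary can call, not what it does.

```python
# Capability groups keyed by imported API name. The groupings are this example's own
# analyst heuristic (an assumption, not a standard taxonomy); the names are real Win32 exports.
CAPABILITIES = {
    "crypto (CryptoAPI)": {"CryptAcquireContextA", "CryptAcquireContextW", "CryptImportKey",
                           "CryptEncrypt", "CryptDecrypt", "CryptCreateHash", "CryptHashData"},
    "file enumeration/deletion": {"FindFirstFileW", "FindNextFileW", "FindFirstFileExW",
                                  "DeleteFileW", "DeleteFileA", "RemoveDirectoryW", "MoveFileA"},
    "volume/mount-point control": {"FindFirstVolumeW", "FindNextVolumeW", "SetVolumeLabelW",
                                   "SetVolumeMountPointW", "DeleteVolumeMountPointW", "DeviceIoControl"},
    "process enumeration/termination": {"CreateToolhelp32Snapshot", "Process32FirstW",
                                        "Process32NextW", "OpenProcess", "TerminateProcess"},
    "privilege adjustment": {"OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges"},
    "shutdown/reboot": {"ExitWindowsEx", "InitiateSystemShutdownExW"},
    "registry write": {"RegCreateKeyExW", "RegSetValueExW"},
    "winsock client": {"WSAStartup", "socket", "connect", "send", "recv", "getaddrinfo"},
    "winsock server": {"bind", "listen", "accept"},
    "driver enumeration": {"EnumDeviceDrivers", "GetDeviceDriverBaseNameA"},
    "debugger detection": {"IsDebuggerPresent", "CheckRemoteDebuggerPresent"},
}

# Imports the MSVC CRT startup/abort path references in every release build. Counting these
# as "anti-analysis" evidence is the usual import-triage false positive, so they are set aside.
CRT_STARTUP_NOISE = {"IsDebuggerPresent", "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
                     "IsProcessorFeaturePresent", "GetStartupInfoW", "QueryPerformanceCounter",
                     "InitializeSListHead", "GetSystemTimeAsFileTime", "GetCurrentProcessId",
                     "GetCurrentThreadId", "TerminateProcess"}


def tag_imports(imports):
    """imports: {dll: [function names]} -> capability hits and the CRT noise that was ignored."""
    names = {fn for fns in imports.values() for fn in fns}
    noise = sorted(names & CRT_STARTUP_NOISE)
    evidence = names - CRT_STARTUP_NOISE
    caps = {}
    for group, apis in CAPABILITIES.items():
        matched = sorted(evidence & apis)
        if matched:
            caps[group] = matched
    return {"capabilities": caps, "crt_noise": noise}


def review_hints(tags):
    """API combinations that deserve a look in the behavioral run. Capability is not intent."""
    caps = tags["capabilities"]
    present = set(caps)
    hints = []
    if {"crypto (CryptoAPI)", "file enumeration/deletion"} <= present:
        hints.append("CryptEncrypt/CryptImportKey next to recursive file enumeration: confirm what is "
                     "encrypted at runtime; a config blob and a user's documents look identical here")
    if "volume/mount-point control" in caps:
        hints.append("volume APIs present (%s): capture DeviceIoControl control codes and "
                     "SetVolumeLabelW targets" % ", ".join(caps["volume/mount-point control"]))
    if {"privilege adjustment", "shutdown/reboot"} <= present:
        hints.append("AdjustTokenPrivileges alongside ExitWindowsEx: SeShutdownPrivilege is the usual "
                     "reason; check the LookupPrivilegeValueW argument")
    if "winsock server" in caps:
        hints.append("bind/listen/accept present: the binary can accept inbound connections; "
                     "look for the listening port")
    return hints


# Subset of the import table copied from the report listing above (kernel32, advapi32, user32,
# ws2_32, psapi entries only); the full table is several hundred names.
REPORT_IMPORTS = {
    "kernel32": ["DeleteFileW", "FindFirstFileW", "FindNextFileW", "RemoveDirectoryW", "DeviceIoControl",
                 "FindFirstVolumeW", "FindNextVolumeW", "SetVolumeLabelW", "SetVolumeMountPointW",
                 "DeleteVolumeMountPointW", "IsDebuggerPresent", "SetUnhandledExceptionFilter",
                 "IsProcessorFeaturePresent", "QueryPerformanceCounter", "CreateToolhelp32Snapshot",
                 "Process32FirstW", "Process32NextW", "OpenProcess", "TerminateProcess", "CreateProcessW",
                 "CreatePipe", "CreateMutexW", "SetThreadExecutionState"],
    "advapi32": ["CryptAcquireContextA", "CryptImportKey", "CryptEncrypt", "CryptCreateHash", "CryptHashData",
                 "RegCreateKeyExW", "RegSetValueExW", "LookupPrivilegeValueW", "AdjustTokenPrivileges",
                 "OpenProcessToken"],
    "user32": ["ExitWindowsEx", "SetClipboardData", "FindWindowA"],
    "ws2_32": ["WSAStartup", "socket", "connect", "send", "recv", "getaddrinfo", "bind", "listen", "accept"],
    "psapi": ["EnumDeviceDrivers", "GetDeviceDriverBaseNameA"],
}

if __name__ == "__main__":
    tags = tag_imports(REPORT_IMPORTS)
    for group, fns in tags["capabilities"].items():
        print("%-34s %s" % (group, ", ".join(fns)))
    print("ignored CRT noise:", ", ".join(tags["crt_noise"]))
    for hint in review_hints(tags):
        print("-", hint)
```

Running it over the subset prints each capability group with the APIs that triggered it, lists the CRT startup imports that were deliberately ignored (so "debugger detection" does not fire on IsDebuggerPresent alone), and then the review hints. Every hint is phrased as a question for the behavioral run rather than a verdict.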
Sections
.text   Size: 1.7MB   Virtual size: 1.7MB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 433KB   Virtual size: 433KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 16KB    Virtual size: 57KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 11.2MB  Virtual size: 11.2MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 73KB    Virtual size: 73KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
No section is both writable and executable. The .data gap between raw size (16KB) and virtual size (57KB) is zero-initialised data and is normal. .rsrc accounts for 11.2MB of the 13.4MB file, so most of the binary is resource data; that fits the FindResourceW/LoadResource/LockResource/SizeofResource and AddFontMemResourceEx imports listed above, and it is the section to carve first (embedded binaries, fonts or images) when deciding whether the size is padding or payload.
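The "Unsigned PE" signature, the DLL Characteristics flags and the section table above are all decoded from the same few header fields. The stdlib-only parser below reproduces those three checks and is an added example for this page, not Tria.ge's implementation and not code from the sample: it walks the DOS and PE headers, decodes DllCharacteristics (flag values from winnt.h), reads the Security data directory to decide whether an Authenticode WIN_CERTIFICATE table is attached, and lists each section's characteristics. Because the sample itself is not on the page, the input is a constructed minimal PE32 skeleton produced by the hypothetical build_pe32 helper, with the report's flags and section layout mirrored in miniature; the only thing it asserts about the real file is the same header logic the report applied.

```python
import hashlib
import struct

# Constants from the PE/COFF specification (winnt.h values).
MACHINES = {0x014C: "x86", 0x8664: "x64"}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]


def triage(data: bytes) -> dict:
    """Decode the header fields a static report lists and check for an Authenticode table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, data directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+: 8-byte stack/heap fields push them to +108/+112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]

    # The Security directory entry is a raw file offset (not an RVA) to a WIN_CERTIFICATE.
    # "Unsigned" means the entry is empty; a non-empty entry still needs signature verification.
    signed = False
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
        if cert_size >= 8 and cert_off + cert_size <= len(data):
            dw_len, _rev, cert_type = struct.unpack_from("<IHH", data, cert_off)
            signed = dw_len == cert_size and cert_type == 0x0002   # WIN_CERT_TYPE_PKCS_SIGNED_DATA

    sections = []
    sh = opt + opt_size
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "raw": rawsize, "virtual": vsize,
                         "flags": flag_names(flags, SECTION_FLAGS)})
    notes = []
    if not signed:
        notes.append("Unsigned PE: no Authenticode certificate table")
    if not dllchars & 0x4000:
        notes.append("Control Flow Guard not enabled")
    for s in sections:
        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]:
            notes.append("section %s is writable and executable" % s["name"])
    return {"machine": MACHINES.get(machine, hex(machine)),
            "dll_characteristics": flag_names(dllchars, DLL_CHARACTERISTICS),
            "authenticode": signed, "sections": sections, "notes": notes,
            "sha256": hashlib.sha256(data).hexdigest()}


def build_pe32(dllchars, sections, signed=False) -> bytes:
    """Constructed test input (hypothetical helper): a minimal PE32 skeleton, not a runnable program."""
    e_lfanew = 0x40
    opt_size = 96 + 16 * 8
    hdr_len = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 68, 2)             # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dllchars)
    struct.pack_into("<I", opt, 92, 16)
    cert = b""
    if signed:
        cert = struct.pack("<IHH", 8, 0x0200, 0x0002)   # bare WIN_CERTIFICATE header, no PKCS#7 body
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, hdr_len, len(cert))
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.ljust(8, b"\0"), v, 0, r, 0, 0, 0, 0, 0, f)
                    for n, v, r, f in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs + cert


# Flags and section layout mirroring the report (sizes scaled down; .rsrc still dominates).
REPORT_FLAGS = 0x0040 | 0x0100 | 0x8000
SECTIONS = [(b".text", 0x1B0000, 0x1B0000, 0x60000020),
            (b".data", 0xE000, 0x4000, 0xC0000040),
            (b".rsrc", 0xB33000, 0xB33000, 0x40000040)]
UNSIGNED = build_pe32(REPORT_FLAGS, SECTIONS)
SIGNED = build_pe32(REPORT_FLAGS, SECTIONS, signed=True)

if __name__ == "__main__":
    for key, value in triage(UNSIGNED).items():
        print(key, value)
```

To run it against a real file, replace UNSIGNED with open(path, "rb").read(). Note what the check does and does not establish: an empty Security directory is exactly what the report's "Unsigned PE" signature keys on, but a present certificate table only means a signature blob is attached; whether it verifies, and whether the hash it covers still matches the file, is a separate step (signtool verify, or Get-AuthenticodeSignature in PowerShell) that this header walk does not perform.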