72fc330edcd60adb0bbeb44ecd2095cdde551c7274adc3fef4a33b49c31b39fd

Sharing

Copy URL

Twitter E-mail

General

Target

72fc330edcd60adb0bbeb44ecd2095cdde551c7274adc3fef4a33b49c31b39fd
Size

5.0MB
MD5

01b6dcef51c4070b63a96ef4eeadf5df
SHA1

8262ea1146c2ca377d0b26b3551f6c5867dc17b8
SHA256

72fc330edcd60adb0bbeb44ecd2095cdde551c7274adc3fef4a33b49c31b39fd
SHA512

f98eca73e2b4f3fc2fcfd1a5efffeb10e23da1780fe97280cc1fc39835bc9425c9e0c1881ec95565ca05e7b34958e6f4b165579e972e68a52247ffe35a235957
SSDEEP

49152:G4+3hseWfcgFS33qx2mvgJKeAcUlSFW8wde/sTCdxmN9lG48MMC+gaVTiGOC:Gd30fcW3V3de/eKmN9lG48rC+g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72fc330edcd60adb0bbeb44ecd2095cdde551c7274adc3fef4a33b49c31b39fd

Files

72fc330edcd60adb0bbeb44ecd2095cdde551c7274adc3fef4a33b49c31b39fd
.exe windows:6 windows x86

fe994580fac6ec8f6f57bd3c6f394716

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExW
ReadFile
RemoveDirectoryW
CreatePipe
PeekNamedPipe
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
CreateProcessW
OpenProcess
GetSystemInfo
GetVersionExW
VirtualQuery
GlobalFlags
LocalFree
FormatMessageW
CopyFileW
IsBadReadPtr
IsBadWritePtr
SetSystemPowerState
GenerateConsoleCtrlEvent
GetQueuedCompletionStatus
ResetEvent
Sleep
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetLocalTime
SetLocalTime
FileTimeToSystemTime
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryExW
lstrcmpiW
lstrcpynW
CreateFileW
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
FindNextFileW
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
HeapQueryInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
WriteFile
HeapValidate
GetTimeZoneInformation
GetCommandLineA
WriteConsoleW
GetFileType
GetStdHandle
GetModuleHandleExW
InterlockedFlushSList
RtlUnwind
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
FormatMessageA
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCommandLineW
GetUserDefaultLCID
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
GetTickCount
DebugBreak
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalAlloc
OutputDebugStringW
FindClose
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
SetPriorityClass
GetCurrentThread
OpenEventW
GetShortPathNameW
GetEnvironmentVariableW
SetFileAttributesW
CreateWaitableTimerW
SetWaitableTimer
GetCurrentProcess
MultiByteToWideChar
ExitProcess
DeleteFileW
GetModuleHandleW
GetCurrentThreadId
LeaveCriticalSection
IsDebuggerPresent
ResumeThread
SetThreadPriority
CreateThread
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileStringW
GetModuleFileNameW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTempPathW
GetVolumeInformationW
WideCharToMultiByte
IsBadStringPtrW
TryEnterCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadStringPtrA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
GetLastError
RaiseException
GetFileSizeEx
DecodePointer
SetEndOfFile

user32

DrawTextW
GetNextDlgTabItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
ClientToScreen
ReleaseCapture
SetCapture
MapVirtualKeyA
SendInput
CallWindowProcW
GetCursorPos
TrackPopupMenu
DeleteMenu
ModifyMenuW
AppendMenuW
InsertMenuW
GetMenuItemCount
GetSubMenu
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
CreateMenu
GetMenu
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetMonitorInfoW
MonitorFromWindow
EnumDisplaySettingsW
SetForegroundWindow
SetActiveWindow
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
DrawStateW
WindowFromPoint
DrawFocusRect
FillRect
FrameRect
CopyRect
InflateRect
OffsetRect
RegisterClassExW
UnregisterClassW
IsWindow
GetClassInfoExW
GetActiveWindow
GetFocus
MessageBoxW
GetDesktopWindow
SendMessageW
PostMessageW
DestroyWindow
ShowWindow
MoveWindow
SetWindowPos
InvalidateRect
DestroyIcon
CharNextW
PostQuitMessage
GetDlgItem
RedrawWindow
FindWindowExW
IsMenu
IsChild
IsWindowVisible
IsIconic
GetDlgCtrlID
IsWindowEnabled
SetMenu
GetSystemMenu
DrawIcon
BeginPaint
EndPaint
SetWindowRgn
IntersectRect
GetTopWindow
SetRect
IsRectEmpty
PtInRect
ScreenToClient
MessageBeep
WinHelpW
IsDialogMessageW
WaitForInputIdle
AttachThreadInput
CopyImage
LoadImageW
LoadIconW
LoadCursorW
GetParent
RemovePropW
GetWindowLongW
SetWindowLongW
SetParent
GetSysColor
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
DefWindowProcW
GetKeyState
EnableWindow
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
SetCursor
GetWindow
ExitWindowsEx
MsgWaitForMultipleObjects
wsprintfW
ShowWindowAsync
OpenIcon
CloseWindow
SetDlgItemTextW
SetTimer
KillTimer
FindWindowW
EnumWindows
GetClassNameW
GetAncestor
MessageBoxTimeoutW
GetWindowThreadProcessId
GetSystemMetrics
GetDC
GetWindowDC
ReleaseDC
GetClientRect
GetWindowRect
LoadStringW
RegisterClassW
GetClassInfoW
SetFocus
GetLastActivePopup
CreateWindowExW
SetPropW
GetPropW
IsZoomed

gdi32

CreateSolidBrush
GetObjectType
GetPixel
LineTo
RoundRect
SetBkColor
SetBkMode
SetTextColor
MoveToEx
ExtTextOutW
CreateEllipticRgn
CreateRoundRectRgn
GetClipBox
ExcludeClipRect
CreatePen
CombineRgn
CreateBrushIndirect
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
ExtCreateRegion
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
SetMapMode
SetPixel
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateBitmap
GetTextExtentPoint32W
GetObjectW
SetDIBColorTable
CreateDIBSection
GdiAlphaBlend
SetStretchBltMode
StretchBlt
SelectPalette
SelectObject
RealizePalette
GetSystemPaletteEntries
GetStockObject
GetDIBits
GetDeviceCaps
DeleteDC
CreatePalette
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetTextMetricsW
DeleteObject
CreateFontIndirectW

advapi32

RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumKeyExW
OpenProcessToken
RegDeleteKeyW
RegSetValueExW

shell32

SHGetSpecialFolderPathW
DragQueryFileW
DragFinish
Shell_NotifyIconW
DragAcceptFiles
SHChangeNotify
ShellExecuteExW
ShellExecuteW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoSetProxyBlanket
OleRun
CLSIDFromProgID
IIDFromString
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
CoUninitialize
CLSIDFromString

oleaut32

VariantClear
VarUI4FromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
OleCreatePictureIndirect
OleCreateFontIndirect
GetActiveObject
SafeArrayAccessData
RegisterTypeLi
LoadTypeLi
LHashValOfNameSys
VarCmp
VariantChangeType
VariantCopyInd
VariantCopy
VariantInit
SafeArrayUnaccessData
SysAllocString
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysStringLen
SysFreeString

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIcon
InitCommonControlsEx

bcrypt

BCryptDecrypt
BCryptDestroyKey
BCryptEncrypt
BCryptGenerateSymmetricKey
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptOpenAlgorithmProvider
BCryptGetProperty

libcurl

curl_easy_init
curl_slist_free_all
curl_global_cleanup
curl_global_init
curl_easy_perform
curl_easy_getinfo
curl_slist_append
curl_easy_pause
curl_easy_cleanup
curl_easy_setopt

libiconv

libiconv
libiconv_open
libiconv_close

vmprotectsdk32

VMProtectEnd
VMProtectBeginUltraLockByKey
VMProtectBeginUltra

gdiplus

GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetImageHeight
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipBitmapUnlockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipDrawImageRectI
GdipSetCompositingMode
GdipDeleteGraphics
GdipGetImagePixelFormat

iphlpapi

GetPerAdapterInfo
GetAdaptersInfo

shlwapi

PathRemoveBlanksW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

uxtheme

SetWindowTheme

ws2_32

WSACleanup
WSAStartup

winmm

PlaySoundW

Exports

Exports

?get_active_implementation@simdutf@@YAAAV?$atomic_ptr@$$CBVimplementation@simdutf@@@internal@1@XZ
?get_available_implementations@simdutf@@YAABVavailable_implementation_list@internal@1@XZ

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe994580fac6ec8f6f57bd3c6f394716

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

bcrypt

libcurl

libiconv

vmprotectsdk32

gdiplus

iphlpapi

shlwapi

version

uxtheme

ws2_32

winmm

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 20KB - Virtual size: 43KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 112KB - Virtual size: 112KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 20KB - Virtual size: 43KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 112KB - Virtual size: 112KB