Static task: static1
Behavioral task: behavioral1
  Sample: dfdd635d4934f3e7f17aeffe2ae77ea644494bf7b2c8d3c92da8c1442bd90d02.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: dfdd635d4934f3e7f17aeffe2ae77ea644494bf7b2c8d3c92da8c1442bd90d02.exe
  Resource: win10v2004-20231023-en
General
Target: dfdd635d4934f3e7f17aeffe2ae77ea644494bf7b2c8d3c92da8c1442bd90d02
Size: 2.4MB
MD5: 0a2a5561b1faa02f74b9708050874cfe
SHA1: 68cea2521867059aaae3d2eeea3820bef30828c5
SHA256: dfdd635d4934f3e7f17aeffe2ae77ea644494bf7b2c8d3c92da8c1442bd90d02
SHA512: 8bf15d6bc9de35287c34dad60d4a734b126687148c01326c8991b6a96d5e955d797058ef605804af11168c718ce3453604b74b48adcb8f700852af7e30c386fd
SSDEEP: 49152:bC/s48pCeyCLd0RnmqQGbI74Q0rQrn53sR6dyxSt7nJC4Y0Zhpef:2E48D5L6Rmq1bI74Q1rnhsR6dyxSt7nf
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: dfdd635d4934f3e7f17aeffe2ae77ea644494bf7b2c8d3c92da8c1442bd90d02
Files
dfdd635d4934f3e7f17aeffe2ae77ea644494bf7b2c8d3c92da8c1442bd90d02.exe: windows:5 windows x86 (PE32); imphash fb3371d06fca1ddba82a28c5faecbbed
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
kernel32
LCMapStringW
CompareStringW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetCommandLineW
GetCommandLineA
HeapQueryInformation
VirtualQuery
GetSystemInfo
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
CreateProcessW
GetFullPathNameW
GetDriveTypeW
RtlUnwind
OutputDebugStringW
GetCurrentDirectoryW
GetFileAttributesExW
ReadConsoleW
GetConsoleCP
CreateFileW
SetConsoleMode
ReadConsoleInputW
GetStringTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameA
SearchPathA
GetProfileIntA
GetTickCount64
GetTempPathA
GetExitCodeProcess
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVersionExA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
GlobalFlags
lstrcmpiA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
GlobalAddAtomA
SetThreadPriority
lstrcpyA
lstrcmpW
FileTimeToSystemTime
GlobalGetAtomNameA
CompareStringA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringA
lstrcmpA
GlobalReAlloc
WideCharToMultiByte
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
FindResourceW
SetLastError
OpenMutexA
CreateMutexA
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
ResumeThread
GetCurrentThreadId
WritePrivateProfileStringA
WriteConsoleW
lstrcpynA
FindFirstFileA
FindClose
MoveFileA
GetModuleFileNameA
WriteFile
SetFilePointer
ReadFile
FlushFileBuffers
CreateFileA
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateEventA
WaitForSingleObject
SetEvent
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
GetLastError
FindResourceA
SizeofResource
LockResource
LoadResource
GetModuleHandleA
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FreeEnvironmentStringsW
SetEnvironmentVariableW
VirtualAlloc
user32
GetMenuItemInfoA
DestroyMenu
PostQuitMessage
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
CopyImage
RegisterWindowMessageA
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
GetMenuStringA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IntersectRect
InflateRect
HideCaret
IsDialogMessageA
SetWindowLongA
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
GetScrollPos
SetScrollPos
SetFocus
RealChildWindowFromPoint
SetRectEmpty
OffsetRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
ShowOwnedPopups
SetCursor
DeleteMenu
SetTimer
KillTimer
InvalidateRect
TrackMouseEvent
LoadImageW
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
SystemParametersInfoA
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
GetMessagePos
SetClipboardData
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
EnableWindow
GetDesktopWindow
UnhookWindowsHookEx
SendMessageA
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
EmptyClipboard
GetSysColorBrush
LoadCursorA
GetWindowTextA
GetWindowTextLengthA
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
FillRect
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
DestroyIcon
CharUpperA
GetDlgCtrlID
GetFocus
DrawStateA
SetClassLongA
SetWindowRgn
SetParent
SetWindowTextA
GetWindowRect
PtInRect
GetClassNameA
GetWindow
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
CopyRect
DefMDIChildProcA
gdi32
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
SaveDC
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteDC
GetDeviceCaps
CreateDCA
GetPaletteEntries
CopyMetaFileA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
OpenServiceA
RegOpenCurrentUser
RegCreateKeyExA
RegEnumKeyExA
StartServiceA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
QueryServiceStatus
RegCloseKey
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
ChangeServiceConfig2A
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
shell32
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
shlwapi
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
PathFindFileNameA
StrFormatKBSizeA
uxtheme
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
oleaut32
SysStringLen
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
SysAllocStringByteLen
LoadTypeLi
VariantInit
SysAllocString
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
odbc32
ord5
ord3
ord8
ord9
ord10
ord11
ord12
ord13
ord14
ord2
ord15
ord16
ord17
ord43
ord68
ord61
ord59
ord41
ord23
ord76
ord39
ord20
ord49
ord19
ord48
ord18
ord38
ord45
ord44
ord1
crypt32
CryptUnprotectData
CryptProtectData
iphlpapi
GetAdaptersInfo
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
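An import table this size is easier to read as capability hints than as several hundred names. The Python below is an added example (not part of the report and not code from the sample) that maps API groups to tags over a transcribed subset of the imports listed above; the rule set, the tag names and the `SAMPLE_IMPORTS` subset are the example's own. Each tag says only that the binary links those APIs, not that any code path calls them: IsDebuggerPresent, VirtualProtect and LoadLibraryA/GetProcAddress appear in ordinary MSVC-linked programs, and the service-control, registry and DPAPI groups are equally consistent with a legitimate installer or management tool. The odbc32 ordinals are flagged separately because an ordinal import has to be resolved against that DLL's export table before it means anything.

```python
import re

# Capability rules: a tag fires only when every listed API is imported from that DLL.
# Import-table evidence shows what the binary *can* call, not what it does at runtime.
RULES = [
    ("service-install", "advapi32", {"OpenSCManagerA", "CreateServiceA"}),
    ("service-control", "advapi32", {"StartServiceA", "ControlService", "DeleteService"}),
    ("runs-as-service", "advapi32", {"StartServiceCtrlDispatcherA", "RegisterServiceCtrlHandlerA",
                                     "SetServiceStatus"}),
    ("registry-write",  "advapi32", {"RegCreateKeyExA", "RegSetValueExA"}),
    ("registry-delete", "advapi32", {"RegDeleteKeyA", "RegDeleteValueA"}),
    ("dpapi",           "crypt32",  {"CryptProtectData", "CryptUnprotectData"}),
    ("adapter-enum",    "iphlpapi", {"GetAdaptersInfo"}),
    ("process-spawn",   "kernel32", {"CreateProcessW"}),
    ("shell-execute",   "shell32",  {"ShellExecuteA"}),
    ("dynamic-import",  "kernel32", {"LoadLibraryA", "GetProcAddress"}),
    ("mutex",           "kernel32", {"CreateMutexA", "OpenMutexA"}),
    ("debugger-check",  "kernel32", {"IsDebuggerPresent"}),  # also emitted by MSVC CRT startup code
]

# Subset of the import table shown in the report above (transcribed by hand, not a full copy).
SAMPLE_IMPORTS = {
    "kernel32": ["CreateProcessW", "LoadLibraryA", "GetProcAddress", "IsDebuggerPresent",
                 "OpenMutexA", "CreateMutexA", "VirtualProtect", "CopyFileA", "MoveFileA"],
    "advapi32": ["OpenServiceA", "RegCreateKeyExA", "StartServiceA", "StartServiceCtrlDispatcherA",
                 "SetServiceStatus", "RegisterServiceCtrlHandlerA", "OpenSCManagerA", "DeleteService",
                 "CreateServiceA", "ControlService", "ChangeServiceConfig2A", "RegSetValueExA",
                 "RegDeleteValueA", "RegDeleteKeyA"],
    "shell32":  ["ShellExecuteA", "SHGetFileInfoA"],
    "crypt32":  ["CryptUnprotectData", "CryptProtectData"],
    "iphlpapi": ["GetAdaptersInfo"],
    "odbc32":   ["ord5", "ord3", "ord8", "ord2", "ord1"],
}


def tag_capabilities(imports):
    """Map {dll: [api, ...]} to a list of (tag, [evidence apis]) in rule order."""
    found = []
    for tag, dll, apis in RULES:
        if apis <= set(imports.get(dll, ())):
            found.append((tag, sorted(apis)))
    # Ordinal-only imports hide the function name; resolve them against the DLL's export table.
    ordinals = [(dll, int(m.group(1))) for dll, apis in imports.items()
                for a in apis for m in [re.fullmatch(r"ord(\d+)", a)] if m]
    if ordinals:
        found.append(("ordinal-imports", ["%s!ord%d" % o for o in sorted(ordinals)]))
    return found


def summarize(imports):
    """One line per tag, e.g. 'service-install: CreateServiceA, OpenSCManagerA'."""
    return ["%s: %s" % (tag, ", ".join(ev)) for tag, ev in tag_capabilities(imports)]


if __name__ == "__main__":
    print("\n".join(summarize(SAMPLE_IMPORTS)))
```

Requiring every API in a group (rather than any one of them) keeps the tags specific: OpenSCManagerA alone is what every "is this service running" helper calls, while OpenSCManagerA together with CreateServiceA is the pair an installer needs.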
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 348KB - Virtual size: 348KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 409KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
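The header facts in this report (DLL characteristics, the "Unsigned PE" signature, the section table) all come from fields that can be read with a few struct unpacks. The Python below is an added example, not the sandbox's signature code and not code from the sample: it parses the optional header's DllCharacteristics, the section table with its characteristics, and the IMAGE_DIRECTORY_ENTRY_SECURITY data directory that an Authenticode check looks at, then runs that check over a header-only PE32 image constructed inline to mirror this report's values (the builder and its byte layout are the example's own test data, not the analysed file). Two caveats the report does not spell out: an empty security directory does prove the file is unsigned, but a non-empty one only proves a WIN_CERTIFICATE blob is attached, so validity and chain still need signtool verify, Get-AuthenticodeSignature or osslsigncode; and the .data section's virtual size exceeding its raw size (100KB against 21KB above) is ordinary zero-filled uninitialized data, not by itself a packing indicator.

```python
import struct

# IMAGE_OPTIONAL_HEADER.DllCharacteristics bits, per the PE/COFF spec.
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
# IMAGE_SECTION_HEADER.Characteristics bits.
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode WIN_CERTIFICATE table (a file offset, not an RVA)


def parse_pe(data):
    """Parse the headers a static-triage report shows: arch, DllCharacteristics, signature presence, sections."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    subsys_major = struct.unpack_from("<H", data, opt + 48)[0]
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]
    dirs = opt + (96 if magic == 0x10B else 112)         # data directories: PE32 vs PE32+ layout
    ndirs = struct.unpack_from("<I", data, dirs - 4)[0]  # NumberOfRvaAndSizes
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": rawsize, "virtual_size": vsize,
                         "flags": [n for bit, n in SECTION_FLAGS.items() if flags & bit]})
    return {"machine": machine, "pe32plus": magic == 0x20B, "subsystem_version": subsys_major,
            "dll_characteristics": [n for bit, n in DLL_CHARACTERISTICS.items() if dllchars & bit],
            "has_authenticode_blob": sec_off != 0 and sec_size != 0,
            "sections": sections}


def triage(data):
    """Findings in the style of the report's 'Unsigned PE' signature, plus a W+X section check."""
    info = parse_pe(data)
    findings = []
    if not info["has_authenticode_blob"]:
        findings.append("Unsigned PE: security directory is empty, no Authenticode signature")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append("writable+executable section %s" % s["name"])
    return findings


def build_sample(signed=False):
    """Constructed header-only PE32 mirroring the report's values (test data, not the analysed file)."""
    sections = [(b".text", 0x180000, 0x180000, 0x60000020), (b".rdata", 0x57000, 0x57000, 0x40000040),
                (b".data", 0x19000, 0x5400, 0xC0000040), (b".rsrc", 0x66000, 0x66400, 0x40000040),
                (b".reloc", 0x21C00, 0x21C00, 0x42000040)]
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)       # PE32
    struct.pack_into("<H", opt, 48, 5)          # MajorSubsystemVersion, the "windows:5" in the report
    struct.pack_into("<H", opt, 68, 2)          # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x8140)     # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)         # NumberOfRvaAndSizes
    end = 0x40 + 24 + len(opt) + 40 * len(sections)
    if signed:  # point the security directory at a placeholder WIN_CERTIFICATE appended at the end
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, end, 8)
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)  # i386, EXECUTABLE|32BIT
    sec_hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, fl) for n, vs, rs, fl in sections)
    img = dos + b"PE\0\0" + file_hdr + bytes(opt) + sec_hdrs
    return img + (struct.pack("<IHH", 8, 0x0200, 0x0002) if signed else b"")  # WIN_CERT_TYPE_PKCS_SIGNED_DATA


if __name__ == "__main__":
    for line in triage(build_sample()):
        print(line)
```

Running it on a real file is `triage(open(path, "rb").read())`; the parser deliberately stops at headers and section table, so it never maps or executes anything from the sample.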