c4ed0501ef258339a37f1dd82ec50b5cfe0c93cf476c288285314a476bb823fd

Sharing

Copy URL

Twitter E-mail

General

Target

c4ed0501ef258339a37f1dd82ec50b5cfe0c93cf476c288285314a476bb823fd
Size

3.4MB
MD5

63ef47c1e84c6d7b46ca84b4df6126a0
SHA1

115d63537274edac508caaa2dd234b6c0ad23a82
SHA256

c4ed0501ef258339a37f1dd82ec50b5cfe0c93cf476c288285314a476bb823fd
SHA512

5ed1c504b7a473d24c20426d3cbe435e341203c850e348a6648afa1d04cea8b86318b5f4e68731efe155fe35749a0c016c2e69a9e8aed9d128fadfafae958dae
SSDEEP

98304:1+OxK1GDBbex/z1y34LJnuWkLENkFgR3BWdsft:1+OIwB+zsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4ed0501ef258339a37f1dd82ec50b5cfe0c93cf476c288285314a476bb823fd

Files

c4ed0501ef258339a37f1dd82ec50b5cfe0c93cf476c288285314a476bb823fd
.exe windows:5 windows x86

b623940a58fad635d308acc63ed66460

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
GetPrivateProfileStringW
SizeofResource
LockResource
LoadResource
FindResourceW
GetLocalTime
GetModuleFileNameW
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
CreateFileW
GetFileSize
WriteFile
SetFilePointer
GetCurrentThreadId
VirtualFree
WideCharToMultiByte
GetACP
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CreateThread
WaitForSingleObject
GetLastError
DeleteFileW
CreateMutexW
WritePrivateProfileStringW
GetExitCodeThread
TerminateThread
WaitForMultipleObjects
Sleep
GetTickCount
ResetEvent
ReadFile
SetEvent
InterlockedCompareExchange
GetSystemInfo
FindFirstFileW
lstrcpynW
EnumResourceTypesW
EnumResourceNamesW
LocalSize
OpenProcess
LoadLibraryExW
LoadLibraryExA
GetProcessHeap
HeapCreate
GetStartupInfoA
GetCurrentProcessId
SetHandleCount
FindClose
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
ResumeThread
GlobalAlloc
FreeResource
lstrlenW
LocalFree
FormatMessageW
SetLastError
GetVersionExA
GetProcAddress
GetModuleHandleW
lstrcmpW
FreeLibrary
LoadLibraryA
CompareStringW
LoadLibraryW
GetVersionExW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetModuleHandleA
InterlockedDecrement
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
SuspendThread
FileTimeToSystemTime
FindNextFileW
FileTimeToLocalFileTime
lstrlenA
GetThreadLocale
MoveFileW
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
GlobalGetAtomNameW
InterlockedIncrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCurrentDirectoryW
GetFileAttributesW
GetFileSizeEx
GetFileTime
SetErrorMode
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
ExitThread
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW

user32

SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
GetCapture
DrawTextExW
ClientToScreen
GetWindowDC
IsWindowVisible
MessageBoxW
CreateWindowExW
BeginPaint
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
GetDlgCtrlID
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
GetWindowThreadProcessId
EndPaint
SetWindowTextW
MoveWindow
ShowWindow
EnableMenuItem
EnableWindow
SendMessageW
GetParent
LoadImageW
SetTimer
InvalidateRect
ModifyMenuW
CheckMenuItem
LoadIconW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TabbedTextOutW
GrayStringW
DrawTextW
GetSystemMenu
DeleteMenu
AppendMenuW
CreateMenu
LoadBitmapW
SetParent
GetClientRect
IsIconic
GetSystemMetrics
DrawIcon
SetWindowLongW
GetWindowLongW
SetRect
GetDC
ReleaseDC
FillRect
GetSysColor
CopyRect
MapVirtualKeyW
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
ValidateRect
TranslateMessage
GetMessageW
SetCursor
ShowOwnedPopups
InflateRect
GetMenuItemInfoW
DestroyMenu
SystemParametersInfoW
CharUpperW
GetSysColorBrush
LoadCursorW
UnregisterClassW
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
CharNextW
IsRectEmpty
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
DestroyIcon
SetRectEmpty
TranslateAcceleratorW
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
LockWindowUpdate
GetDCEx
PostThreadMessageW
UnionRect
RegisterClipboardFormatW
GetClassInfoExW
RegisterWindowMessageW
KillTimer
LoadMenuW
GetSubMenu
SetMenuDefaultItem
UnpackDDElParam
GetCursorPos
SetForegroundWindow
PostMessageW
UpdateWindow
GetMenuItemCount
InsertMenuW
GetMenuItemID
GetMenuStringW
GetMenuState
EndDialog
GetNextDlgTabItem
IsWindowEnabled
TranslateMDISysAccel
DrawMenuBar
DefWindowProcW
CallWindowProcW
PtInRect
GetMenu
SetWindowPos
GetCursor
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
RedrawWindow
SetWindowLongA
GetWindowLongA
IsWindowUnicode
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
RegisterClassA
DrawEdge
DrawFrameControl
SendMessageTimeoutW
DrawIconEx
DrawStateW
InvertRect
SetWindowRgn
SetClassLongW
DrawFocusRect
GetDoubleClickTime
GetIconInfo
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
GetWindowRgn
IsMenu
ShowCaret
HideCaret
IsClipboardFormatAvailable
GetMenuDefaultItem
SetCursorPos
ToUnicodeEx
GetKeyboardState
GetKeyboardLayoutList

gdi32

GetWindowOrgEx
CreatePolygonRgn
GetBitmapBits
GetViewportOrgEx
Polyline
ExtCreateRegion
PtInRegion
GetCurrentObject
GetDIBits
CreateDIBitmap
CreatePalette
SetBrushOrgEx
EnumFontFamiliesExW
SetPixel
Polygon
GetTextAlign
CreateDIBSection
StretchBlt
GetTextCharsetInfo
OffsetRgn
Ellipse
DeleteObject
DeleteDC
SelectObject
GetDeviceCaps
CreateFontW
RoundRect
StretchDIBits
GetRgnBox
GetTextColor
GetBkColor
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetTextMetricsW
GetTextExtentPoint32W
CreateFontIndirectW
PatBlt
CreateRectRgnIndirect
CreatePen
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetClipRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
CreateSolidBrush
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetStockObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW

shell32

ShellExecuteW
DragQueryFileW
DragFinish
Shell_NotifyIconW

comctl32

_TrackMouseEvent
FlatSB_GetScrollProp
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_DrawEx
ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ImageList_Draw
ImageList_DrawIndirect
ImageList_GetBkColor
InitCommonControlsEx

shlwapi

PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW
OleUIAddVerbMenuW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleIsCurrentClipboard
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemAlloc
OleFlushClipboard
CoTaskMemFree
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoRegisterMessageFilter

oleaut32

OleCreateFontIndirect
LoadTypeLi
SafeArrayDestroy
VariantCopy
SysAllocString
VariantInit
VariantChangeType
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SystemTimeToVariantTime
OleLoadPicture
VariantTimeToSystemTime
VariantClear

ws2_32

gethostname
send
recv
select
gethostbyname
inet_ntoa
connect
htons
closesocket
WSAStartup
inet_addr
WSAGetLastError
gethostbyaddr
socket

iphlpapi

IcmpCreateFile
SendARP
IcmpCloseHandle
IcmpSendEcho

imagehlp

ImageDirectoryEntryToData

winmm

PlaySoundW

Exports

Exports

?_GWDebugFlag@@3KA

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b623940a58fad635d308acc63ed66460

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

iphlpapi

imagehlp

winmm

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 442KB - Virtual size: 441KB

.data Size: 32KB - Virtual size: 52KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 175KB - Virtual size: 175KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 442KB - Virtual size: 441KB

.data
Size: 32KB - Virtual size: 52KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 175KB - Virtual size: 175KB