3ba9043dccff094692cefab28f4b999f89c29654907ea302c19bbc604bc67225

Sharing

Copy URL

Twitter E-mail

General

Target

3ba9043dccff094692cefab28f4b999f89c29654907ea302c19bbc604bc67225
Size

4.9MB
MD5

df7941950ad2a5a8cf54cbb1e4b5cb02
SHA1

9c919f7bc61241a7b4fa4647a3efbee3001594fa
SHA256

3ba9043dccff094692cefab28f4b999f89c29654907ea302c19bbc604bc67225
SHA512

391f49b9895f6ed21793f5e300651b13e4f0e4f9b4922f670435bcad3f08d42dc22715d90dd7130f7ec9679837d2d8392bf64622cb7553f33bb129c3ceb99ca0
SSDEEP

98304:DaZ5secf1DJROQugt88FLOAkGkzdnEVomFHKnP:DaDByaZ8FLOyomFHKnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba9043dccff094692cefab28f4b999f89c29654907ea302c19bbc604bc67225

Files

3ba9043dccff094692cefab28f4b999f89c29654907ea302c19bbc604bc67225
.exe windows:6 windows x64

ec86b66ff35cb25b70bde51fadbeba8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

OpenSCManagerW
CloseServiceHandle
CreateServiceW
OpenServiceW
StartServiceW
ControlService
DeleteService
RegEnumKeyExW
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

kernel32

SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
GetStringTypeW
GetConsoleCP
CreateProcessA
LCMapStringW
GetACP
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetFileType
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
ExitProcess
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
SizeofResource
LockResource
LoadResource
FindResourceW
GetCurrentDirectoryW
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
WriteConsoleW
SetStdHandle
DecodePointer
DeleteCriticalSection
GetProcessHeap
AllocConsole
Sleep
FreeConsole
MultiByteToWideChar
DeviceIoControl
WideCharToMultiByte
GetLocalTime
GetSystemFirmwareTable
CreateFileW
GetFileSize
ReadFile
CloseHandle
GetNativeSystemInfo
GetProcAddress
GetModuleHandleW
GetCurrentProcess
GetModuleFileNameW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
EncodePointer
SetLastError
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleHandleExW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryW
GlobalAddAtomW
GlobalFindAtomW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
GlobalLock
GlobalUnlock
GlobalFree
GetCurrentProcessId
GlobalAlloc
GlobalSize
LocalFree
MulDiv
FormatMessageW
CopyFileW
GetCurrentThread
GetVersionExW
lstrcmpA
CompareStringA
lstrcpyW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
VerSetConditionMask
VerifyVersionInfoW
SetEvent
CreateEventW
SetThreadPriority
SuspendThread
ResumeThread
GlobalGetAtomNameW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
FileTimeToSystemTime
DeleteFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
GetFileAttributesW
GetTempFileNameW
GetTempPathW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetTickCount
GetProfileIntW
SetErrorMode
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW

user32

ShowOwnedPopups
TranslateMessage
GetMessageW
GetIconInfo
CopyImage
LoadImageW
DestroyIcon
WindowFromPoint
SetCursor
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetNextDlgGroupItem
EnumDisplayMonitors
SystemParametersInfoW
LoadCursorW
SetLayeredWindowAttributes
DrawIconEx
IsRectEmpty
InflateRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
PostQuitMessage
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetCursorPos
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetKeyNameTextW
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetParent
GetClassLongPtrW
SetWindowLongPtrW
SetParent
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursorPos
EnableWindow
UnregisterClassW
MessageBoxW
MapVirtualKeyW
DestroyMenu
GetMenuItemInfoW
WaitMessage
RealChildWindowFromPoint
GetAsyncKeyState
MapDialogRect
IntersectRect
TrackMouseEvent
IsZoomed
CharUpperW
DeleteMenu
MessageBeep
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
EnableMenuItem
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
GetWindowRect
GetDesktopWindow
SetWindowPos
GetClientRect
PostMessageW
IsIconic
GetSystemMetrics
DrawIcon
LoadBitmapW
UpdateWindow
InvalidateRect
FillRect
DrawStateW
RegisterClipboardFormatW
GetClassNameW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetRect
BringWindowToTop
LockWindowUpdate
GetDoubleClickTime
CopyIcon
ModifyMenuW
DestroyAcceleratorTable
SetClassLongPtrW
GetUpdateRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
CopyAcceleratorTableW
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
IsClipboardFormatAvailable
SubtractRect
InvertRect
HideCaret
PostThreadMessageW
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
GetWindowLongPtrW

gdi32

GetTextFaceW
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExW
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
GetRgnBox
Rectangle
SetDIBColorTable
SetPixel
RealizePalette
CreateDIBSection
CreateRoundRectRgn
DPtoLP
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateRectRgnIndirect
CreateEllipticRgn
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateBitmap
SetTextColor
SetBkColor
GetStockObject
DeleteObject
PatBlt
CreateSolidBrush
StretchBlt
GetObjectW
CreateCompatibleDC
CreateFontW
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoW
SHAppBarMessage
ShellExecuteW
DragFinish
DragQueryFileW
SHGetMalloc

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFileExistsW

uxtheme

DrawThemeText
GetThemeSysColor
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemePartSize

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoInitializeEx
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate

gdiplus

GdipGetImagePaletteSize
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 666KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec86b66ff35cb25b70bde51fadbeba8a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

msimg32

winspool.drv

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 666KB - Virtual size: 666KB

.data Size: 28KB - Virtual size: 146KB

.pdata Size: 88KB - Virtual size: 88KB

.gfids Size: 105KB - Virtual size: 105KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 60KB - Virtual size: 59KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 666KB - Virtual size: 666KB

.data
Size: 28KB - Virtual size: 146KB

.pdata
Size: 88KB - Virtual size: 88KB

.gfids
Size: 105KB - Virtual size: 105KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 60KB - Virtual size: 59KB