Static task
static1
Behavioral task
behavioral1
Sample
425b6986bcbf5f72b8ba7cf6fc3e3440622e78d0ccf837bada34e3fef34e78ec.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
425b6986bcbf5f72b8ba7cf6fc3e3440622e78d0ccf837bada34e3fef34e78ec.exe
Resource
win10v2004-20231025-en
General
-
Target
425b6986bcbf5f72b8ba7cf6fc3e3440622e78d0ccf837bada34e3fef34e78ec
-
Size
10.4MB
-
MD5
9926b1d73a67e860c16b7d1c7a21dde1
-
SHA1
da20370fab77a7a8c9d1f935e5d78717c0de8461
-
SHA256
425b6986bcbf5f72b8ba7cf6fc3e3440622e78d0ccf837bada34e3fef34e78ec
-
SHA512
95270e2d13ef0b706669cd2a71f70303636b973804c07f54ebdd1e4b9da7b5ea995b21b861dbad9416b2c775bbb135124ca24715a429f8aeb8db5ccebc5c72b0
-
SSDEEP
196608:e8qrI3lDYjvjMXvYeTUs67ig5YRLPF+IDJ1r7/j7bwIyFOx2E5cs+lzamVqIARz8:e8qw67igAF+IDJ1r7/j7bQX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 425b6986bcbf5f72b8ba7cf6fc3e3440622e78d0ccf837bada34e3fef34e78ec
Files
-
425b6986bcbf5f72b8ba7cf6fc3e3440622e78d0ccf837bada34e3fef34e78ec.exe windows:5 windows x86 arch:x86
46728c7517dbc202ad2098e1133b486d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ddraw
DirectDrawCreateEx
rpcrt4
RpcStringFreeW
UuidCreateSequential
UuidToStringW
winmm
timeSetEvent
waveOutGetVolume
timeKillEvent
waveOutSetVolume
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
mixerSetControlDetails
timeGetTime
dsound
ord1
ord3
imm32
ImmAssociateContextEx
unrar
ord3
ord13
ord14
ord15
ord16
ord6
ord2
ord5
kmphash
hash_file
hash_data
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
kernel32
LockFileEx
GetVersionExA
AreFileApisANSI
GetFileAttributesA
DeleteFileA
GetFileAttributesW
GetTempPathA
GetFullPathNameA
LockFile
GetTickCount
GetSystemTimeAsFileTime
GetThreadPriority
CreateSemaphoreW
lstrcmpW
ReleaseSemaphore
GetSystemInfo
VirtualFree
FormatMessageA
DuplicateHandle
CreateSemaphoreA
IsDBCSLeadByteEx
SetFilePointerEx
GetFileSizeEx
UnlockFile
GetVolumeInformationW
GetSystemDirectoryW
SetFileTime
LocalAlloc
GlobalSize
GlobalFree
CompareStringW
GlobalFindAtomW
FreeResource
lstrcmpA
GetProfileIntW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetStringTypeExW
GetThreadLocale
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
FileTimeToLocalFileTime
FindResourceExW
TlsGetValue
FlushFileBuffers
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
ExitThread
ExitProcess
GetFileType
HeapReAlloc
SetStdHandle
HeapSize
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
HeapDestroy
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetCurrentDirectoryA
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
RaiseException
SetEndOfFile
GetModuleHandleA
GetSystemDirectoryA
CreateMutexA
ReleaseMutex
LoadLibraryA
SuspendThread
GetThreadContext
SetThreadContext
InterlockedCompareExchange
VirtualAlloc
VirtualQuery
HeapAlloc
GetProcessHeap
HeapFree
GetACP
GetPrivateProfileSectionW
VirtualProtect
GetLocaleInfoA
SetFilePointer
GetCurrentThreadId
GetModuleFileNameW
GetVersionExW
GetExitCodeThread
GlobalReAlloc
CreateThread
WaitForMultipleObjects
GlobalGetAtomNameW
GlobalAddAtomW
GlobalDeleteAtom
WriteFile
GetFileSize
ReadFile
ResetEvent
TerminateThread
GetSystemTime
FormatMessageW
LocalFree
GetTempFileNameW
GetFileTime
GetDriveTypeW
OutputDebugStringW
DebugBreak
WaitForSingleObject
SetEvent
OpenMutexW
MultiByteToWideChar
SetThreadPriority
CreateEventW
GetEnvironmentVariableW
ResumeThread
GetLastError
GetCurrentProcess
lstrlenA
lstrcpyW
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
RemoveDirectoryW
GetPrivateProfileSectionA
GetSystemPowerStatus
DeleteFileW
GetFileAttributesExW
SetSystemPowerState
FlushInstructionCache
WritePrivateProfileStringA
GetPrivateProfileStringA
DeviceIoControl
GetModuleFileNameA
CreateFileA
IsDebuggerPresent
GetCurrentThread
WideCharToMultiByte
CreateDirectoryW
IsProcessorFeaturePresent
TerminateProcess
GetUserDefaultLCID
SetUnhandledExceptionFilter
QueryPerformanceFrequency
GetSystemDefaultLangID
GetFullPathNameW
CreateFileW
GetCurrentProcessId
QueryPerformanceCounter
lstrcmpiW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
GetTempPathW
ReadProcessMemory
WriteProcessMemory
LoadLibraryExW
GetProcAddress
FreeLibrary
VirtualAllocEx
VirtualProtectEx
VirtualFreeEx
CreateMutexW
GetDiskFreeSpaceExW
CopyFileW
Sleep
FindFirstFileW
FindNextFileW
FindClose
GetCurrentDirectoryW
OpenProcess
CloseHandle
SetThreadExecutionState
GetLocaleInfoW
MulDiv
GetVersion
SetLastError
lstrcpynW
SetPriorityClass
ole32
CoInitializeSecurity
StringFromGUID2
OleUninitialize
OleInitialize
OleFlushClipboard
OleIsCurrentClipboard
ReleaseStgMedium
OleDuplicateData
RegisterDragDrop
CoLockObjectExternal
CoSetProxyBlanket
OleGetClipboard
CLSIDFromProgID
CoLoadLibrary
CoFreeLibrary
CoFreeUnusedLibraries
GetRunningObjectTable
CreateItemMoniker
CreateBindCtx
MkParseDisplayName
CoInitialize
CoUninitialize
CoTaskMemRealloc
OleLoadFromStream
CoTaskMemAlloc
OleSaveToStream
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromString
RevokeDragDrop
CoInitializeEx
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
user32
SendDlgItemMessageA
WinHelpW
SetWindowsHookExW
CallNextHookEx
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
TrackPopupMenu
GetScrollPos
GetClassInfoW
RegisterClassW
SystemParametersInfoA
GetWindowPlacement
GetMenuState
GetMenuStringW
GetMenu
CharLowerBuffW
AdjustWindowRectEx
GetWindowRgn
GetScrollInfo
EnumWindows
GetClassNameW
GetQueueStatus
MsgWaitForMultipleObjects
wsprintfA
IntersectRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetClassInfoExW
DrawEdge
DialogBoxIndirectParamW
ValidateRect
GetUpdateRect
EndDialog
SetClassLongW
GetWindowTextLengthW
GetWindowTextW
SetFocus
SetDlgItemTextW
IsDlgButtonChecked
GetMessageTime
MessageBeep
GetMessagePos
SetRectEmpty
DestroyIcon
GetSysColor
CreateWindowExW
PostQuitMessage
MonitorFromPoint
GetCursor
wsprintfW
GetClassLongW
GetCapture
SetRect
EndPaint
BeginPaint
SetActiveWindow
GetDlgCtrlID
TranslateMessage
DispatchMessageW
ClientToScreen
GetWindow
GetDlgItemTextW
CallWindowProcW
LoadBitmapA
LoadIconA
LoadStringW
LoadStringA
LoadImageA
MessageBoxW
MessageBoxA
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
FindWindowExW
CreateAcceleratorTableW
UnregisterHotKey
RegisterHotKey
DestroyAcceleratorTable
SendMessageCallbackW
DestroyWindow
CharNextW
PeekMessageW
SendDlgItemMessageW
UpdateWindow
LoadIconW
RegisterWindowMessageW
GetWindowModuleFileNameW
GetWindowThreadProcessId
RegisterClassExW
IsMenu
CreateDialogParamW
EnumDisplayMonitors
GetAsyncKeyState
GetDC
GetMenuBarInfo
MonitorFromWindow
GetMonitorInfoW
GetCursorPos
ExitWindowsEx
RegisterClipboardFormatW
DefWindowProcW
PostThreadMessageW
GetForegroundWindow
SetForegroundWindow
WindowFromPoint
IsChild
GetDesktopWindow
RedrawWindow
GetDCEx
IsWindowVisible
ReleaseDC
GetWindowDC
ScreenToClient
SetWindowRgn
IsIconic
LoadMenuW
RemoveMenu
InsertMenuW
GetSubMenu
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
EnableMenuItem
AppendMenuW
DeleteMenu
CreatePopupMenu
LoadBitmapW
UnionRect
OffsetRect
InflateRect
PtInRect
IsRectEmpty
GetWindowLongW
SetWindowLongW
EmptyClipboard
SetClipboardData
CloseClipboard
SetLayeredWindowAttributes
OpenClipboard
GetFocus
FrameRect
GetDlgItem
GetSysColorBrush
CopyRect
FindWindowW
IsWindow
ShowWindow
SetWindowPos
ChangeDisplaySettingsW
EnumDisplayDevicesA
GetSystemMetrics
GetMessageW
IsWindowEnabled
CheckMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
LockWindowUpdate
UnregisterClassW
DrawFocusRect
WaitMessage
SetWindowContextHelpId
SystemParametersInfoW
FillRect
GetActiveWindow
SendMessageW
EnableWindow
GrayStringW
CharUpperW
ShowOwnedPopups
SetParent
GetSystemMenu
MapDialogRect
IsClipboardFormatAvailable
UnpackDDElParam
ReuseDDElParam
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
CreateDialogIndirectParamW
GetNextDlgTabItem
MoveWindow
DrawTextExW
DrawTextW
TabbedTextOutW
LoadImageW
ReleaseCapture
GetKeyState
SetCursor
MapWindowPoints
GetParent
SetCapture
KillTimer
SetTimer
InvalidateRect
GetClientRect
GetWindowRect
PostMessageW
LoadCursorW
EqualRect
UnregisterClassA
SetWindowTextW
IsDialogMessageW
CheckRadioButton
CheckDlgButton
SetMenu
gdi32
SetRectRgn
OffsetRgn
CreateBitmap
CreatePolygonRgn
GetPixel
AddFontResourceW
TranslateCharsetInfo
SetMapMode
GetTextMetricsW
EndPath
AbortPath
GetPath
BeginPath
CloseFigure
PatBlt
GetTextColor
CancelDC
EnumFontFamiliesW
CreateDCW
CopyMetaFileW
GetClipBox
SaveDC
RestoreDC
GetDIBits
IntersectClipRect
SetColorAdjustment
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetStretchBltMode
ExtSelectClipRgn
CreatePatternBrush
CreateHatchBrush
GetMapMode
DPtoLP
GetBkColor
GetCharWidthW
StretchDIBits
GetRgnBox
EqualRgn
CombineRgn
GetCurrentObject
SetBkColor
GetRegionData
FillRgn
FrameRgn
SetPixel
ExcludeClipRect
SetViewportOrgEx
AddFontResourceExW
CreateFontW
GetColorAdjustment
SetBrushOrgEx
GetDeviceCaps
CreateICW
PtInRegion
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
CreateFontIndirectW
CreatePen
Rectangle
LineTo
MoveToEx
SetTextColor
SetBkMode
CreateSolidBrush
Escape
ExtTextOutW
GetKerningPairsW
TextOutW
RectVisible
EnumFontFamiliesExW
GetStockObject
PtVisible
CreateDIBSection
DeleteObject
BitBlt
GetObjectW
CreateCompatibleBitmap
StretchBlt
SetDIBColorTable
SelectObject
DeleteDC
CreateCompatibleDC
msimg32
GradientFill
AlphaBlend
comdlg32
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumValueA
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyA
RegEnumKeyW
RegSetValueA
RegSetValueW
RegQueryValueW
RegQueryValueA
RegOpenKeyW
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExA
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerW
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteValueA
OpenProcessToken
RegDeleteKeyA
RegCreateKeyExA
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
shell32
SHChangeNotify
Shell_NotifyIconW
ord680
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
DragQueryFileW
DragAcceptFiles
ShellExecuteExW
ExtractIconExW
SHGetSpecialFolderLocation
SHFileOperationW
ShellExecuteW
comctl32
InitCommonControlsEx
_TrackMouseEvent
DestroyPropertySheetPage
CreatePropertySheetPageW
PropertySheetW
shlwapi
PathCombineW
PathFindExtensionW
PathAppendW
PathAddBackslashW
PathRemoveBackslashW
PathRemoveFileSpecW
PathStripPathW
PathFindFileNameW
PathIsDirectoryW
PathRenameExtensionW
PathFileExistsW
PathRemoveExtensionW
PathStripToRootW
PathCanonicalizeW
PathIsRootW
PathIsUNCW
UrlUnescapeW
PathAddExtensionW
oledlg
OleUIBusyW
oleaut32
OleLoadPicture
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayGetElemsize
OleCreateFontIndirect
LoadRegTypeLi
DispCallFunc
VariantCopy
SysAllocStringLen
VarBstrCmp
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData
SystemTimeToVariantTime
OleCreatePropertyFrame
SysStringByteLen
SafeArrayDestroy
SysAllocStringByteLen
VarUI4FromStr
SysAllocString
VariantClear
VariantInit
SysFreeString
SysStringLen
uxtheme
OpenThemeData
DrawThemeBackground
ws2_32
send
WSAAsyncSelect
sendto
connect
WSASetLastError
select
accept
gethostbyname
recv
inet_addr
socket
setsockopt
bind
recvfrom
WSACleanup
closesocket
WSAGetLastError
htons
WSAStartup
htonl
wininet
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetConnectW
HttpQueryInfoW
HttpQueryInfoA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpSendRequestW
HttpOpenRequestW
InternetReadFile
Sections
.text Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text.un Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
_TEXT64 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 487KB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rodata Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.debug_l Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug_i Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug_a Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug_a Size: 512B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug_f Size: 512B - Virtual size: 224B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug_l Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug_p Size: 512B - Virtual size: 126B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug_r Size: 512B - Virtual size: 416B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE