Static task: static1
Behavioral task: behavioral1
Sample: 9506d57390846244b83c83dc886c43dd7b6572eb8ba025e2002614c5ceee44c1.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: 9506d57390846244b83c83dc886c43dd7b6572eb8ba025e2002614c5ceee44c1.exe
Resource: win10v2004-20231020-en
General
Target: 9506d57390846244b83c83dc886c43dd7b6572eb8ba025e2002614c5ceee44c1
Size: 1.8MB
MD5: 15939014312200ccd1551edf589a2b3b
SHA1: ea0fb7962c3cc12418a1088f69f5067a778275c9
SHA256: 9506d57390846244b83c83dc886c43dd7b6572eb8ba025e2002614c5ceee44c1
SHA512: cb6ca6b97054f6b7cfd7835b555c78722565f83d6534a6eb33aa87b8e52d93061df622c6be88b3f076460fe80921357869e5b3ec26741ea30caf2e363c4558b8
SSDEEP: 49152:Bwme2r1Y6bpe9wlEjRB1sSXdPh3+oFV8YIo2/G7VrClgkmqc4g6pQJp0Bt:BnRY6leKEjRBVXdPh3+on8c2/YVrCGBE
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 9506d57390846244b83c83dc886c43dd7b6572eb8ba025e2002614c5ceee44c1
Files
9506d57390846244b83c83dc886c43dd7b6572eb8ba025e2002614c5ceee44c1.exe windows:5 windows x86
Imphash: 38f96bd37192d39ebd3f52b11b70a823
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EnterCriticalSection
GlobalReAlloc
GetThreadLocale
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetACP
lstrcpyA
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
GetStringTypeExA
lstrcmpiA
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
GetFileAttributesExA
LocalFileTimeToFileTime
GetFileSizeEx
GetWindowsDirectoryA
GetNumberFormatA
GetTempPathA
GetProfileIntA
SearchPathA
SetErrorMode
VirtualProtect
FindResourceExW
HeapFree
EncodePointer
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
IsProcessorFeaturePresent
HeapCreate
TlsGetValue
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
GetFileAttributesA
GetUserDefaultLCID
GetTickCount
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleHandleW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetModuleHandleA
FreeLibrary
CompareStringA
LoadLibraryW
lstrcmpW
FreeResource
GetCurrentThreadId
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
SetLastError
MultiByteToWideChar
lstrlenA
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
CreateToolhelp32Snapshot
GetModuleFileNameA
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
OpenProcess
Process32First
InterlockedDecrement
InterlockedIncrement
CloseHandle
CreateMutexA
GetLastError
DeleteFileA
LockResource
MoveFileA
SizeofResource
Sleep
WideCharToMultiByte
LoadResource
FindResourceW
GlobalHandle
FindResourceA
GetProcessHeap
user32
InflateRect
LoadMenuW
SetWindowRgn
SetTimer
KillTimer
SetCapture
WindowFromPoint
NotifyWinEvent
GetAsyncKeyState
CharUpperA
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
GetMenuItemInfoA
SetMenuDefaultItem
GetMenuDefaultItem
GetDCEx
LockWindowUpdate
GetKeyNameTextA
MapVirtualKeyA
LoadAcceleratorsW
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageA
WaitMessage
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
DestroyAcceleratorTable
CreateAcceleratorTableA
SetClassLongA
EnumChildWindows
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
DrawIcon
CreateMenu
GetTabbedTextExtentW
UnregisterClassA
InvertRect
DrawFocusRect
HideCaret
GetIconInfo
DrawIconEx
DrawEdge
DrawFrameControl
SetCursorPos
FrameRect
CopyIcon
CharUpperBuffA
IsCharLowerA
MapVirtualKeyExA
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
SubtractRect
GetDoubleClickTime
GetWindowRgn
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
SystemParametersInfoA
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetLayeredWindowAttributes
SetWindowLongA
SetWindowPos
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
IsWindow
ScreenToClient
ClientToScreen
GetWindowRect
PtInRect
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetClassNameA
InvalidateRect
GetClientRect
DrawStateA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
GetWindow
GetWindowLongA
SetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
MessageBeep
RedrawWindow
RegisterClipboardFormatA
GetMessageA
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
SetCursor
ReleaseCapture
LoadAcceleratorsA
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
BringWindowToTop
TranslateAcceleratorA
IsZoomed
GetSystemMetrics
MapWindowPoints
GetSystemMenu
DeleteMenu
OffsetRect
SetRectEmpty
IsRectEmpty
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EnumDisplayMonitors
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorW
LoadCursorA
DestroyCursor
GetMenu
SetRect
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
FillRect
wsprintfA
LoadBitmapW
UpdateWindow
EnableWindow
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
IsWindowVisible
GetMonitorInfoA
SetParent
gdi32
CreateFontIndirectA
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
LineTo
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetStockObject
SetPixelV
GetBoundsRect
FrameRgn
FillRgn
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetObjectA
CreateSolidBrush
DeleteObject
CreateBitmap
CreateDCA
Ellipse
GetDeviceCaps
PtInRegion
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
Polygon
Polyline
CreatePolygonRgn
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetWindowOrgEx
GetTextExtentPoint32W
GetTextExtentPointA
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
LPtoDP
CreateEllipticRgn
SetPixel
StretchBlt
RealizePalette
GetDIBits
SetDIBColorTable
OffsetRgn
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CombineRgn
SetRectRgn
CreateDIBSection
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
CreateRectRgnIndirect
CreateDIBitmap
MoveToEx
SetTextAlign
EndDoc
AbortDoc
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
GetTextMetricsA
GetTextExtentPoint32A
GetCharWidthA
CreateFontA
StretchDIBits
CreateCompatibleBitmap
GetViewportOrgEx
DPtoLP
Rectangle
PatBlt
StartPage
EndPage
SetAbortProc
CopyMetaFileA
advapi32
RegCreateKeyExA
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegOpenKeyExW
RegEnumKeyExA
OpenProcessToken
LookupPrivilegeValueA
RegEnumKeyA
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
shell32
SHAppBarMessage
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFolderPathA
ShellExecuteA
DragFinish
DragQueryFileA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
ole32
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
DoDragDrop
OleLockRunning
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
oleaut32
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantClear
VariantInit
SysFreeString
SysAllocStringByteLen
VariantChangeType
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
msimg32
AlphaBlend
TransparentBlt
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathAppendA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
oledlg
ord8
gdiplus
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImageGraphicsContext
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
wininet
InternetCloseHandle
InternetOpenA
InternetReadFile
InternetOpenUrlA
HttpQueryInfoA
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA
comdlg32
GetFileTitleA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 297KB - Virtual size: 297KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ