Static task: static1
Behavioral task: behavioral1
  Sample: 7fce979d1cbbc3e16168857fb0e3b624e4908fa1e8d540a872d03421410bca9f.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: 7fce979d1cbbc3e16168857fb0e3b624e4908fa1e8d540a872d03421410bca9f.exe
  Resource: win10v2004-20231020-en
General
Target: 7fce979d1cbbc3e16168857fb0e3b624e4908fa1e8d540a872d03421410bca9f
Size: 2.5MB
MD5: b1e0615e32aba77c22f976a3fbe49b84
SHA1: e105d68c683e6864f6e7e4b1f99c521e078022b4
SHA256: 7fce979d1cbbc3e16168857fb0e3b624e4908fa1e8d540a872d03421410bca9f
SHA512: ecb8bed2ff123babfae7bb9053da4120cc90b5d35e228592836edf765bf2ccc46241b9671ffaa01cff3293f1869690210c8b58a40af366db36a9e7251d5afb9f
SSDEEP: 49152:ab4+0XD5mqZYCfh7BWJE0Slbe3eYYlBQQyo0bSPyOGLt4oPf+ksU4W0/JWum:a1zCfhFWtSlbeOYYlBJyo0bVOGLtr+kY
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 7fce979d1cbbc3e16168857fb0e3b624e4908fa1e8d540a872d03421410bca9f
Files
7fce979d1cbbc3e16168857fb0e3b624e4908fa1e8d540a872d03421410bca9f.exe windows:6 windows x86 arch:x86
85eea362d55aa2354ab42f1fcfee5ebb
Headers
DLL Characteristics:
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics:
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
FindFirstFileExA
GetEnvironmentStringsW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
VirtualQuery
GetSystemInfo
RtlUnwind
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
GetConsoleCP
FindNextFileA
GetCommandLineW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
GetUserDefaultLCID
GetTempFileNameA
SearchPathA
IsValidCodePage
GetProfileIntA
GetTempPathA
VerifyVersionInfoA
GetWindowsDirectoryA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
FindResourceExW
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetLocaleInfoW
GetVersionExA
FileTimeToSystemTime
lstrcmpA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetThreadPriority
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
CopyFileA
GlobalFree
GlobalSize
SetLastError
lstrcpyA
lstrcmpiA
lstrcpynA
GlobalAlloc
GetCurrentProcessId
VerSetConditionMask
SystemTimeToFileTime
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
GetFileAttributesA
CreateDirectoryA
IsDBCSLeadByte
MulDiv
FindResourceA
FreeResource
LoadLibraryA
lstrlenA
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleA
GetTickCount
GetFileSize
GetACP
BuildCommDCBA
FormatMessageA
WaitCommEvent
SetCommTimeouts
SetCommState
SetCommMask
PurgeComm
GetCommState
GetCommMask
ClearCommError
WaitForMultipleObjects
LocalFree
ResumeThread
SuspendThread
GetExitCodeThread
TerminateThread
GetOverlappedResult
WriteFile
ReadFile
CreateFileA
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringA
FindResourceW
WinExec
SizeofResource
LockResource
LoadResource
GetModuleFileNameA
VirtualFree
VirtualAlloc
GetLocalTime
Sleep
CreateEventA
SetEvent
LeaveCriticalSection
EnterCriticalSection
DecodePointer
InitializeCriticalSection
CloseHandle
GetCurrentDirectoryA
GetPrivateProfileStringA
CreateThread
WaitForSingleObject
ResetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
GetCommandLineA
user32:
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
RealChildWindowFromPoint
GetDesktopWindow
SetRectEmpty
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
CopyImage
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
SystemParametersInfoA
GetMenuItemInfoA
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
GetSysColorBrush
GetWindowThreadProcessId
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
CopyRect
RemovePropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
SetMenu
GetCapture
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
DestroyIcon
GetMessageTime
GetMessagePos
PeekMessageA
RegisterWindowMessageA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
MapVirtualKeyExA
GetKeyNameTextA
GetKeyboardLayout
SetForegroundWindow
GetGUIThreadInfo
InvalidateRgn
CreateAcceleratorTableA
IsWindowEnabled
CloseClipboard
GetWindowTextA
SetWindowTextA
EqualRect
SetRect
FillRect
DrawTextW
DrawTextA
CharPrevA
MonitorFromPoint
GetWindowRgn
MoveWindow
UpdateLayeredWindow
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
SetClipboardData
EmptyClipboard
DrawStateA
CreateCaret
TrackPopupMenu
AppendMenuA
DrawEdge
DrawFrameControl
SendMessageA
ShowWindow
EnableMenuItem
DestroyMenu
CreatePopupMenu
AdjustWindowRectEx
GetPropA
SetPropA
GetMenu
GetSystemMetrics
EnableWindow
GetClassInfoExA
RegisterClassExA
RegisterClassA
CallWindowProcA
DefWindowProcA
wsprintfA
GetMonitorInfoA
MonitorFromWindow
CharUpperA
TrackMouseEvent
LoadImageW
ShowOwnedPopups
DeleteMenu
GetNextDlgGroupItem
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
InvertRect
LoadImageA
GetWindow
GetParent
PtInRect
LoadCursorW
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetParent
GetClassInfoA
KillTimer
PostQuitMessage
IsIconic
IsZoomed
SetTimer
SetWindowRgn
GetClientRect
WaitMessage
GetWindowRect
MessageBoxA
ScreenToClient
GetWindowLongA
SetWindowLongA
SetCursor
InflateRect
UnionRect
OffsetRect
LoadCursorA
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
CreateWindowExA
IsWindow
DestroyWindow
SetWindowPos
IsWindowVisible
CharNextA
SetFocus
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
GetCursorPos
MapWindowPoints
GetSysColor
IntersectRect
IsRectEmpty
OpenClipboard
CopyIcon
FrameRect
DrawIcon
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
DestroyCursor
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
CopyAcceleratorTableA
DestroyAcceleratorTable
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
IsCharLowerA
GetWindowTextLengthA
gdi32:
PtInRegion
CreateDIBSection
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsA
GetClipBox
GetTextExtentPoint32A
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
MoveToEx
TextOutA
GdiFlush
CreatePatternBrush
GetTextExtentPointA
GetBitmapBits
SetBitmapBits
CopyMetaFileA
CreateDCA
CreateBitmap
CreateHatchBrush
Escape
ExcludeClipRect
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
CreateRectRgn
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
LPtoDP
GetRgnBox
OffsetRgn
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetWindowOrgEx
GetTextMetricsA
GetObjectA
PlayEnhMetaFile
GetEnhMetaFileHeader
CloseEnhMetaFile
SelectObject
SaveDC
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
DeleteDC
CreatePen
CreateFontIndirectA
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
CreateEnhMetaFileA
CreateRoundRectRgn
msimg32:
AlphaBlend
TransparentBlt
comdlg32:
GetOpenFileNameA
GetSaveFileNameA
winspool.drv:
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32:
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
shell32:
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragFinish
SHAppBarMessage
SHBrowseForFolderA
DragQueryFileA
comctl32:
_TrackMouseEvent
InitCommonControlsEx
ord17
shlwapi:
PathFindFileNameA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
PathFindExtensionA
uxtheme:
GetWindowTheme
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
ole32:
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
CoLockObjectExternal
OleGetClipboard
CoInitializeEx
CoDisconnectObject
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
DoDragDrop
RegisterDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
oleaut32:
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
SysFreeString
VariantCopy
VarBstrFromDate
SysAllocStringByteLen
VariantClear
SysAllocStringLen
VariantInit
SysAllocString
gdiplus:
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipGetPropertyItem
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipDrawRectangleI
GdipFillRectangleI
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
imm32:
ImmReleaseContext
ImmSetCompositionWindow
ImmGetOpenStatus
ImmGetContext
winmm:
PlaySoundA
ws2_32:
gethostbyname
WSAStartup
gethostname
oleacc:
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
Sections
.text   Size: 1.9MB   Virtual size: 1.9MB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata  Size: 425KB   Virtual size: 425KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data   Size: 26KB    Virtual size: 44KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc   Size: 5KB     Virtual size: 5KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc  Size: 169KB   Virtual size: 169KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ