2ac5a4fffe8f24c3f65088ad54342aae54cad906612ab53c4fee6b564abfcc63

Sharing

Copy URL Twitter E-mail

General

Target

2ac5a4fffe8f24c3f65088ad54342aae54cad906612ab53c4fee6b564abfcc63
Size

22.5MB
MD5

77486e9e039c1bbffaf31b569c8f451f
SHA1

6fd5f2c8257cbe8b6fa6bef09e11877528b77786
SHA256

2ac5a4fffe8f24c3f65088ad54342aae54cad906612ab53c4fee6b564abfcc63
SHA512

440d57500528223018dcd448778e686e4eaf13e7782761b78c9497d36c3fe48b5a8466bb08af86fa1ca924866b747854f7fbd2a802f3c3be00a9b34eb10169a8
SSDEEP

393216:MP5xEPyMmu65z5XuqsZWpUd95CXcjUUBfkm4Wi5zYWq2YXV17qIDesyY1N/bo:MP5xEqMmFrLs4ad95OoUQfkm4WgswYFa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac5a4fffe8f24c3f65088ad54342aae54cad906612ab53c4fee6b564abfcc63

Files

2ac5a4fffe8f24c3f65088ad54342aae54cad906612ab53c4fee6b564abfcc63
.exe windows:4 windows x86 arch:x86

a766069487b15778f716ecca453154cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
SetErrorMode
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
GetFullPathNameA
GetFileAttributesA
HeapAlloc
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapFree
RaiseException
ExitThread
GetTimeZoneInformation
TlsGetValue
GetACP
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
GlobalReAlloc
GetProfileStringA
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcpynA
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
MulDiv
SetLastError
GetThreadLocale
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
LockResource
FindResourceA
LoadResource
CreateEventA
SuspendThread
ResumeThread
SetEvent
WaitForSingleObject
GlobalLock
GlobalDeleteAtom
lstrcmpiA
GetCurrentThreadId
lstrcmpA
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LCMapStringA
GetFileTime
GetVolumeInformationA
FindFirstFileA
FindNextFileA
Process32First
OpenMutexA
Process32Next
GetCurrentDirectoryA
GetPrivateProfileStringA
CreateProcessA
SetUnhandledExceptionFilter
GlobalAlloc
GlobalFree
TerminateThread
CreateThread
GetTickCount
CreateToolhelp32Snapshot
GetShortPathNameA
GetEnvironmentVariableA
lstrcatA
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetModuleFileNameA
WinExec
GetVersionExA
SetFilePointer
GetSystemDirectoryA
CreateFileA
GetFileSize
ReadFile
CloseHandle
FreeLibrary
ReadProcessMemory
CreateFileMappingA
GetCurrentDirectoryW
MultiByteToWideChar
DuplicateHandle
Sleep
IsBadReadPtr
VirtualFree
GetModuleHandleA
VirtualAlloc
VirtualProtect
WriteProcessMemory
LoadLibraryA
GetProcAddress
lstrcpyA
GetCurrentProcess
TerminateProcess
ExitProcess

user32

DestroyMenu
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
GetDesktopWindow
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
SetWindowsHookExA
SetCursor
PostQuitMessage
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
LoadIconA
GetClientRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
MessageBoxA
OpenDesktopA
EnumDesktopWindows
IsIconic
GetSystemMetrics
DrawIcon
EnableWindow
KillTimer
OpenClipboard
GetDC
SetTimer
InvalidateRect
EnumWindows
GetSysColorBrush
PtInRect
SetWindowPos
GetClassNameA
IsWindowVisible
GetWindowTextA
DefDlgProcA
IsWindowUnicode
PostMessageA
LoadCursorA
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
CharNextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
MapDialogRect
SetWindowContextHelpId
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
CheckMenuItem
ScreenToClient
SetFocus
OffsetRect
AdjustWindowRectEx
GetSysColor

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetBkMode
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DPtoLP
LPtoDP
GetMapMode
PatBlt
SelectObject
RestoreDC
SaveDC
DeleteDC
GetStockObject
GetDeviceCaps
GetTextColor
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
GetBkColor

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA

shell32

ShellExecuteA
ShellExecuteExA
SHChangeNotify

comctl32

ord17

oledlg

ord8

ole32

CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysAllocString
SysFreeString
VariantChangeType
SysAllocStringLen
VariantCopy
SysAllocStringByteLen
VarDateFromStr
SysStringLen
VariantTimeToSystemTime
VariantClear

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

iphlpapi

GetIfTable
SetIfEntry
GetAdaptersInfo

Sections

0
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

3
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

6
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

7
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a766069487b15778f716ecca453154cb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

iphlpapi

Sections

0 Size: 204KB - Virtual size: 204KB

1 Size: 4KB - Virtual size: 4KB

2 Size: 40KB - Virtual size: 40KB

3 Size: 52KB - Virtual size: 52KB

4 Size: 4KB - Virtual size: 4KB

5 Size: 20KB - Virtual size: 20KB

6 Size: 304KB - Virtual size: 304KB

7 Size: 72KB - Virtual size: 72KB

8 Size: 4KB - Virtual size: 4KB

9 Size: 32KB - Virtual size: 32KB

0
Size: 204KB - Virtual size: 204KB

1
Size: 4KB - Virtual size: 4KB

2
Size: 40KB - Virtual size: 40KB

3
Size: 52KB - Virtual size: 52KB

4
Size: 4KB - Virtual size: 4KB

5
Size: 20KB - Virtual size: 20KB

6
Size: 304KB - Virtual size: 304KB

7
Size: 72KB - Virtual size: 72KB

8
Size: 4KB - Virtual size: 4KB

9
Size: 32KB - Virtual size: 32KB