Static task: static1
Behavioral task: behavioral1
  Sample: cfd103df093822fe5902ece5b66529a36b623194a2d20de59044de681f7aad01.exe
  Resource: win7-20231025-en
Behavioral task: behavioral2
  Sample: cfd103df093822fe5902ece5b66529a36b623194a2d20de59044de681f7aad01.exe
  Resource: win10v2004-20231023-en
General
- Target: cfd103df093822fe5902ece5b66529a36b623194a2d20de59044de681f7aad01
- Size: 7.2MB
- MD5: 451762762dbb8be0aee5212732ccf8bf
- SHA1: 46f0c08e2967463b82341107ae7940686541ab11
- SHA256: cfd103df093822fe5902ece5b66529a36b623194a2d20de59044de681f7aad01
- SHA512: 3dddaed738ff79cea4f2ab81dd3ea77367096fba1a5aed7559432d6329d98885ab3fac9e870ebda09a16d9e5c1cb02756df2706e05a620793cfbb41045097f1a
- SSDEEP: 196608:ipw6wZ6cF89bi9lYaFqxhb4vHOYE5F8OVAFLOyomFHKnPQ:tWF4vuYERVAF
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource cfd103df093822fe5902ece5b66529a36b623194a2d20de59044de681f7aad01
Files
-
cfd103df093822fe5902ece5b66529a36b623194a2d20de59044de681f7aad01.exe windows:6 windows x86 arch:x86
ac963c3c8b4b62f59181e2f0c6fe4cb7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
SetThreadPriority
CreateEventW
ResetEvent
WideCharToMultiByte
MultiByteToWideChar
CopyFileW
GetModuleFileNameW
VirtualQuery
GetVersionExW
CreateProcessW
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
WaitForSingleObject
CreatePipe
SetLastError
ReadFile
GetFileAttributesExW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCommandLineW
GetUserDefaultLCID
LoadLibraryW
FreeLibrary
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
FreeResource
InitializeCriticalSection
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalAlloc
CreateThread
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
IsDebuggerPresent
GetPrivateProfileStringW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTempPathW
GetTickCount
ExitProcess
CreateWaitableTimerW
SetWaitableTimer
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
SetFilePointerEx
GetConsoleMode
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualAlloc
GetSystemInfo
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetModuleHandleExW
GetCommandLineA
GetTimeZoneInformation
RtlUnwind
OutputDebugStringW
GetStartupInfoW
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetTempFileNameW
FindResourceExW
Sleep
GetProfileIntW
SearchPathW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
VirtualProtect
VerifyVersionInfoW
VerSetConditionMask
GlobalGetAtomNameW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetThreadLocale
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CreateFileW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
lstrcpyW
CompareStringW
GlobalFindAtomW
LoadLibraryA
EncodePointer
FormatMessageW
LocalFree
GetCurrentProcessId
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
GetCurrentThread
OutputDebugStringA
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
ResumeThread
SetEvent
FileTimeToSystemTime
GetLastError
RaiseException
DecodePointer
user32
DrawIconEx
UnregisterClassW
ShowWindow
TranslateMessage
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
GetWindowLongW
SetWindowLongW
FindWindowW
SetWindowTextW
MessageBoxA
GetSystemMetrics
GetDC
GetWindowDC
ReleaseDC
GetClientRect
GetWindowRect
LoadStringW
SendMessageW
DefWindowProcW
RegisterClassW
GetClassInfoW
CreateWindowExW
LoadCursorW
LoadIconW
LoadImageW
CopyImage
MoveWindow
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetActiveWindow
SetForegroundWindow
GetDesktopWindow
GetParent
GetWindowThreadProcessId
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
IsWindowVisible
GetActiveWindow
ValidateRect
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
PostQuitMessage
EnableWindow
IsWindowEnabled
GetLastActivePopup
RegisterClipboardFormatW
SetWindowContextHelpId
GetWindow
MapDialogRect
RedrawWindow
MessageBeep
OffsetRect
SystemParametersInfoW
GetDlgItem
CheckDlgButton
GetDlgCtrlID
SetFocus
GetWindowTextW
GetWindowTextLengthW
IsDialogMessageW
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
RemoveMenu
UnhookWindowsHookEx
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
RegisterWindowMessageW
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetCapture
GetMenu
SetMenu
UpdateWindow
GetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
AdjustWindowRectEx
MapWindowPoints
CopyRect
EqualRect
PtInRect
GetClassLongW
GetClassNameW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
InflateRect
MonitorFromPoint
RealChildWindowFromPoint
GetSysColorBrush
CharUpperW
SetTimer
KillTimer
InvalidateRect
PostThreadMessageW
CharNextW
SetCapture
ReleaseCapture
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
GetNextDlgTabItem
BringWindowToTop
LoadAcceleratorsW
LoadMenuW
InsertMenuItemW
SetRectEmpty
UnpackDDElParam
ReuseDDElParam
SetParent
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
TrackMouseEvent
GetAsyncKeyState
GetSystemMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
ModifyMenuW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
EnumChildWindows
LockWindowUpdate
SetClassLongW
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
DrawEdge
DrawFrameControl
DrawFocusRect
UnionRect
GetIconInfo
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
MonitorFromWindow
GetMonitorInfoW
GetKeyState
wsprintfW
PostMessageW
IsWindow
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
CreateMenu
CreatePopupMenu
DestroyMenu
GetSubMenu
InsertMenuW
AppendMenuW
DeleteMenu
TrackPopupMenu
GetCursorPos
SetWindowPos
IsIconic
IsZoomed
SetRect
IntersectRect
IsRectEmpty
DestroyIcon
gdi32
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
SetMapMode
SetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
LineTo
IntersectClipRect
GetViewportExtEx
GetObjectType
GetLayout
GetClipBox
ExcludeClipRect
Escape
CreateDIBSection
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetPixel
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
CombineRgn
GetTextExtentPoint32W
CreatePen
SetPixel
CreateDCW
CopyMetaFileW
SetDIBColorTable
GetObjectW
SetPixelV
GetTextFaceW
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
LPtoDP
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
GetMapMode
OffsetRgn
CreateRoundRectRgn
PatBlt
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreatePalette
DeleteObject
GetDeviceCaps
GetDIBits
GetStockObject
GetSystemPaletteEntries
RealizePalette
SelectObject
SelectPalette
StretchBlt
CreateFontIndirectW
advapi32
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
shell32
SHGetSpecialFolderLocation
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
SHGetDesktopFolder
ole32
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
DoDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoGetClassObject
RegisterDragDrop
CreateStreamOnHGlobal
CLSIDFromProgID
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CoInitialize
IIDFromString
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoLockObjectExternal
OleRun
CoUninitialize
RevokeDragDrop
oleaut32
OleCreateFontIndirect
RegisterTypeLi
VarBstrFromDate
SystemTimeToVariantTime
SafeArrayDestroy
SysStringLen
SysAllocStringLen
LoadTypeLi
LHashValOfNameSys
VarCmp
VariantChangeType
VariantCopyInd
VariantClear
VariantCopy
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
VariantTimeToSystemTime
SafeArrayGetElemsize
SafeArrayGetDim
SysFreeString
SysAllocString
comctl32
InitCommonControlsEx
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
cryptopptoolx86
cryptopp_string_GetText
cryptopp_string_SetData
cryptopp_string_new
Cryptopp_GetBinMdN
cryptopp_string_delete
xcgui
XRes_GetColor
XAdListView_Item_SetImageEx
XShapePic_SetImage
XShapeText_GetText
XShapeText_SetText
XImage_SetDrawType
XImage_LoadMemory
XInitXCGUI
XC_LoadResourceZipMem
XC_LoadLayoutZipMem
XWidget_GetName
XWidget_GetID
XWidget_SetID
XWnd_Show
XObj_SetTypeEx
XWnd_AdjustLayout
XWnd_Redraw
XC_GetObjectByName
XRunXCGUI
XExitXCGUI
XBkM_SetBkInfo
XBkM_AddImage
XBkM_Clear
_XWnd_RegEvent
_XWnd_RemoveEvent
_XEle_RegEvent
XWnd_GetHWND
_XEle_RemoveEvent
XAdListView_Item_SetTextEx
XRes_GetImage
XBtn_Create
XBtn_IsCheck
XBtn_SetCheck
XBtn_SetTypeEx
XBtn_SetGroupID
XBtn_GetGroupID
XEdit_Create
XEdit_SetText
XEdit_GetText
XEdit_GetLength
XEle_Create
XEle_IsEnable
XEle_Move
XEle_GetWndClientRect
XEle_EnableTopmost
XEle_Redraw
XEle_AddBkBorder
XEle_AddBkFill
XEle_AddBkImage
XEle_ClearBkInfo
XEle_GetBkManagerEx
XEle_GetStateFlags
XEle_DrawEle
XEle_AdjustLayout
XLayout_Create
XLayout_IsEnableLayout
XListView_Create
XListView_BindAdapter
XListView_GetAdapter
XListView_SetItemTemplateXML
XListView_GetTemplateObject
XListView_SetColumnSpace
XImage_EnableAutoDestroy
XAdListView_Item_GetTextEx
XAdListView_Group_DeleteAllChildItem
XAdListView_DeleteAllItem
XWidget_GetParent
XListView_SetRowSpace
XListView_SetItemSize
XListView_SetGroupHeight
XListView_ClearItemBkInfo
XListView_RefreshData
XListView_DeleteAllItem
XSView_Create
XAdListView_Item_AddItemTextEx
XAdListView_Item_AddColumn
XAdListView_Group_AddItemText
XAdListView_Group_AddColumn
XWidget_Show
XAdListView_Create
XWnd_Create
msimg32
AlphaBlend
TransparentBlt
uxtheme
DrawThemeText
GetWindowTheme
DrawThemeBackground
OpenThemeData
DrawThemeParentBackground
CloseThemeData
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetThemeSysColor
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
GdipCreateFromHDC
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
shlwapi
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
Sections
.text   Size: 1.9MB - Virtual size: 1.9MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 420KB - Virtual size: 420KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 33KB - Virtual size: 52KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 4.7MB - Virtual size: 4.7MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 172KB - Virtual size: 171KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ