Static task: static1
Behavioral task: behavioral1
  Sample: c323fb5bbbef1f4d62eaeca2e25297dfc598a7742abc53830b0a27464cf7426d.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: c323fb5bbbef1f4d62eaeca2e25297dfc598a7742abc53830b0a27464cf7426d.exe
  Resource: win10v2004-20231023-en
General
- Target: c323fb5bbbef1f4d62eaeca2e25297dfc598a7742abc53830b0a27464cf7426d
- Size: 3.5MB
- MD5: ae63f046dc98b669258de0cd5009c383
- SHA1: f4a90195c8a04f59329a9931262bc53fbece4b3a
- SHA256: c323fb5bbbef1f4d62eaeca2e25297dfc598a7742abc53830b0a27464cf7426d
- SHA512: 933736807c286d7c069025705b3a61dc541df3e3f9d2546ae508eb30b7838a7ad4071c646a432e9d2abfaa1376fe4cc1549d4db88c87fb79b2d14abe98806d99
- SSDEEP: 98304:UicoOtxmimYHl4nXi9aouxpbh+Zr+h7e0BWP7k2yf/sm7Mcp:CoOtIX1xCZrkEo2yf/s
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource c323fb5bbbef1f4d62eaeca2e25297dfc598a7742abc53830b0a27464cf7426d
Files
- c323fb5bbbef1f4d62eaeca2e25297dfc598a7742abc53830b0a27464cf7426d.exe windows:5 windows x86 arch:x86
  62937580f9ff6dbfb975b04b43b61f3d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
GetDriveTypeW
DeleteFileA
InterlockedIncrement
HeapAlloc
HeapCreate
InterlockedDecrement
HeapFree
HeapDestroy
ExitProcess
CreateThread
Sleep
GetTickCount
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
MulDiv
MultiByteToWideChar
lstrlenW
LocalFree
FormatMessageA
GlobalAlloc
GlobalSize
CopyFileA
SetThreadPriority
ResumeThread
GetCurrentThreadId
WaitForSingleObject
CreateEventA
lstrcmpW
LoadLibraryW
CompareStringA
FreeLibrary
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetModuleFileNameA
GetCurrentProcessId
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
WaitForMultipleObjects
GlobalReAlloc
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetUserDefaultLCID
GetFileTime
GetTempFileNameA
GetFullPathNameA
FileTimeToSystemTime
GlobalFlags
GetACP
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetThreadLocale
GetCPInfo
GetOEMCP
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
GetFileInformationByHandle
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetWindowsDirectoryA
GetNumberFormatA
GetTempPathA
SetErrorMode
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
GetTimeFormatA
GetDateFormatA
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
HeapReAlloc
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
GetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
LCMapStringW
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
GetLocalTime
TerminateThread
GetExitCodeThread
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
lstrcpynA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
ExpandEnvironmentStringsA
LoadLibraryA
ResetEvent
SetEvent
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
SetFilePointer
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SetEndOfFile
SizeofResource
user32
SetRect
RealChildWindowFromPoint
GetSysColorBrush
IsRectEmpty
DrawIcon
SetTimer
KillTimer
UnregisterClassA
EnumDisplayMonitors
SetLayeredWindowAttributes
DeleteMenu
GetSystemMenu
SetParent
UnionRect
WindowFromPoint
CharUpperA
LoadAcceleratorsW
CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentW
GetMenuDefaultItem
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
GetIconInfo
CopyImage
GetNextDlgGroupItem
DrawIconEx
IsZoomed
DestroyAcceleratorTable
SetClassLongA
DrawStateA
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
LockWindowUpdate
GetDCEx
IsClipboardFormatAvailable
WaitMessage
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
MonitorFromPoint
IsMenu
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
SetMenuDefaultItem
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
MapDialogRect
GetWindowRgn
GetTabbedTextExtentA
GetKeyboardLayoutList
GetClipboardData
CreateIconIndirect
CreateIconFromResourceEx
SendMessageTimeoutA
SetWindowLongW
GetWindowLongW
IsWindowUnicode
ShowCaret
LookupIconIdFromDirectoryEx
LoadBitmapA
GetMenuStringW
GetCursor
mouse_event
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetWindowThreadProcessId
SetCursor
LoadCursorW
DestroyCursor
SetCapture
InvalidateRect
ClientToScreen
IsIconic
SetCursorPos
ReleaseCapture
OffsetRect
InflateRect
ShowWindow
DestroyMenu
ShowOwnedPopups
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
GetWindow
SetFocus
MapVirtualKeyA
GetKeyNameTextA
CopyRect
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
SendMessageA
EnableWindow
wsprintfA
InvalidateRgn
SetWindowContextHelpId
CharNextA
LoadBitmapW
SetWindowRgn
GetWindowRect
GetClientRect
GetDC
ReleaseDC
IsWindowVisible
GetDesktopWindow
LoadCursorA
DefWindowProcA
GetClassInfoA
SystemParametersInfoA
IsWindow
GetFocus
SetWindowPos
UpdateWindow
RedrawWindow
LoadIconW
GetMenu
EnableMenuItem
GetSubMenu
LoadMenuW
GetCursorPos
RegisterWindowMessageA
LoadImageA
PostQuitMessage
GetSystemMetrics
GetMenuItemInfoA
UnpackDDElParam
ReuseDDElParam
SetWindowTextA
LoadMenuA
DestroyIcon
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
IntersectRect
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
EndPaint
BeginPaint
MoveWindow
GetWindowDC
IsDialogMessageA
gdi32
GetObjectType
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
PatBlt
SetTextColor
SetBkColor
CreateBitmap
SelectObject
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
CreateFontIndirectA
CreateCompatibleBitmap
CreateRoundRectRgn
CreateCompatibleDC
FillRgn
RoundRect
BitBlt
GetTextExtentPoint32A
CreateHatchBrush
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DPtoLP
GetViewportOrgEx
Rectangle
GetTextMetricsA
SetRectRgn
GetLayout
SetLayout
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
CombineRgn
GetMapMode
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
CreateDIBitmap
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetWindowOrgEx
GetTextExtentPoint32W
GetTextExtentPointA
GetTextFaceA
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
GetBkColor
StretchDIBits
CreateFontA
GetCharWidthA
GetTextCharsetInfo
GetObjectA
GetDeviceCaps
ScaleWindowExtEx
GetCurrentPositionEx
BeginPath
CloseFigure
EndPath
StrokeAndFillPath
FillPath
StrokePath
ExtTextOutW
GetBitmapBits
ExtCreateRegion
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
PtInRegion
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
SetPixel
StretchBlt
GetDIBits
SetDIBColorTable
SelectPalette
GetStockObject
CreatePatternBrush
Polygon
Polyline
CreatePolygonRgn
GetCurrentObject
PolyBezierTo
ExtSelectClipRgn
DeleteDC
EnumFontFamiliesA
shell32
DragFinish
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHAppBarMessage
ExtractIconExA
ShellExecuteA
DragQueryFileA
oleaut32
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
VariantClear
LoadTypeLi
SysStringByteLen
VariantCopy
SysAllocStringByteLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VarBstrFromDate
SysAllocString
OleLoadPicturePath
VarUdateFromDate
VariantChangeTypeEx
VarCmp
OleCreateFontIndirect
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_DrawEx
ImageList_Destroy
ImageList_GetImageCount
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
oledlg
ord1
ord8
wldap32
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord41
ord46
ord22
ws2_32
recv
send
WSAIoctl
setsockopt
select
ntohl
htonl
gethostname
ioctlsocket
listen
WSAGetLastError
__WSAFDIsSet
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
WSASetLastError
WSACleanup
WSAStartup
getsockname
crypt32
CertFreeCertificateContext
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipCreateBitmapFromScan0
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
CryptDestroyHash
CryptImportKey
CryptEncrypt
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyKey
CryptGetHashParam
ole32
OleIsCurrentClipboard
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
RegisterDragDrop
RevokeDragDrop
CoGetClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CLSIDFromString
CoCreateInstance
CoCreateGuid
CoDisconnectObject
OleGetClipboard
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoLockObjectExternal
StgOpenStorageOnILockBytes
CoTaskMemFree
OleLockRunning
OleFlushClipboard
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 583KB - Virtual size: 583KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 103KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
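Every static verdict on this page (the Unsigned PE signature, the DLL and file characteristics under Headers, and the per-section flags under Sections) comes from a handful of fixed-offset fields in the PE header. The following is an added example and is not code from the sandbox report or from the tool that produced it: a stdlib-only Python parser that reads those fields from raw bytes and turns them into the findings an analyst would record (no Authenticode security directory, ASLR/DEP/CFG presence, writable-and-executable sections). The function names `parse_pe`, `assess` and `build_sample_pe` are the example's own. The PE it parses is constructed inside the block with the same DLL characteristics and a section table that approximates the sizes and flags shown above; it is not the analysed sample. One caveat a practitioner should keep in mind: a populated security directory only means a WIN_CERTIFICATE blob is attached to the file, not that the signature is valid or chains to a trusted root; that is a separate check (for example `Get-AuthenticodeSignature` on Windows), and the absence of a signature is a weak indicator on its own, since plenty of legitimate software ships unsigned.

```python
"""Parse the PE header fields behind the static verdicts above. Added example,
stdlib only; the PE bytes are constructed below and are not the analysed sample."""
import struct

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA", 0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH", 0x1000: "IMAGE_DLLCHARACTERISTICS_APPCONTAINER",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF", 0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE", 0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
DIR_SECURITY = 4  # data-directory slot pointing at the WIN_CERTIFICATE table (file offset, not RVA)

def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]

def parse_pe(data):
    """Return machine type, characteristics, Authenticode presence and per-section flags."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    nrva_off = 108 if pe32plus else 92  # NumberOfRvaAndSizes sits later in PE32+
    nrva = struct.unpack_from("<I", data, opt + nrva_off)[0]
    cert_off = cert_size = 0
    if nrva > DIR_SECURITY:
        cert_off, cert_size = struct.unpack_from("<II", data, opt + nrva_off + 4 + 8 * DIR_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, *_, chars = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": rawsize, "flags": flag_names(chars, SECTION_FLAGS)})
    return {"machine": machine, "pe32plus": pe32plus,
            "file_flags": flag_names(file_chars, FILE_CHARACTERISTICS),
            "dll_flags": flag_names(dll_chars, DLL_CHARACTERISTICS),
            "has_authenticode_entry": cert_off != 0 and cert_size != 0, "sections": sections}

def assess(info):
    """Turn the parsed fields into the findings an analyst records from the static view."""
    findings, d = [], info["dll_flags"]
    if not info["has_authenticode_entry"]:
        findings.append("unsigned: no Authenticode security directory")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in d:
        findings.append("no ASLR (DYNAMIC_BASE clear)")
    elif info["pe32plus"] and "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA" not in d:
        findings.append("64-bit ASLR without HIGH_ENTROPY_VA")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in d:
        findings.append("no DEP (NX_COMPAT clear)")
    if "IMAGE_DLLCHARACTERISTICS_GUARD_CF" not in d:
        findings.append("no CFG (GUARD_CF clear)")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append(f"{s['name']}: writable and executable")
    return findings

# Constructed section table approximating the report: (name, virtual size, raw size, flags).
SAMPLE_SECTIONS = [
    (".text", 0x280000, 0x280000, 0x60000020), (".rdata", 0x91C00, 0x91C00, 0x40000040),
    (".data", 0x14C00, 0xC400, 0xC0000040), (".rsrc", 0x1A000, 0x19C00, 0x40000040),
    (".reloc", 0x4F000, 0x4F000, 0x42000040),
]
SAMPLE_DLL_CHARS = 0x0040 | 0x0100 | 0x8000  # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE

def build_sample_pe(dll_chars, sections, signed=False):
    """Build a minimal PE32 header (no code) so the parser has something to run on."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)  # i386, EXE, 32-bit
    opt = bytearray(224)  # PE32 optional header with all 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)
    if signed:  # pretend a WIN_CERTIFICATE blob sits at file offset 0x1000
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x1000, 0x800)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), vs, 0, rs, 0, 0, 0, 0, 0, ch)
                    for n, vs, rs, ch in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs

if __name__ == "__main__":
    info = parse_pe(build_sample_pe(SAMPLE_DLL_CHARS, SAMPLE_SECTIONS))
    print("DLL characteristics:", info["dll_flags"])
    for s in info["sections"]:
        print(f"{s['name']:7} vsize={s['virtual_size']:#x} raw={s['raw_size']:#x} {s['flags']}")
    for f in assess(info):
        print("finding:", f)
```

To run the same checks against the real file, replace the constructed bytes with `open(path, "rb").read()`; the parser only touches the headers, so the 3.5MB size is irrelevant. On the report's own flag set the findings reduce to "unsigned" and "no CFG": ASLR and DEP are enabled, no section is both writable and executable, and `.data` having a virtual size larger than its raw size is just uninitialized data, not a packer indicator.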