Static task
static1
Behavioral task
behavioral1
Sample
0196d15df4a5ce33eb83d95b2b4c35f2706919906fd490dc1ebf4fcbb99b134d.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
0196d15df4a5ce33eb83d95b2b4c35f2706919906fd490dc1ebf4fcbb99b134d.exe
Resource
win10v2004-20231020-en
General
-
Target
0196d15df4a5ce33eb83d95b2b4c35f2706919906fd490dc1ebf4fcbb99b134d
-
Size
2.2MB
-
MD5
2ddc3254834776fb472859230a9dd3ec
-
SHA1
8e906c26a99eacbe71fc0386d0df4fcf0aea9f92
-
SHA256
0196d15df4a5ce33eb83d95b2b4c35f2706919906fd490dc1ebf4fcbb99b134d
-
SHA512
1c45ef5ef792545ac4569fb291be8ddaca972fb96d14f457a8997564224a56c46c060359388a625b9a6543827bb7dd24d75793c920ed8824b4e99e2f8dbc1ca6
-
SSDEEP
49152:o/i8uBgzljegid+LBvNzVx+u6p0HjcYETaY6BU0G2y5WF:o/i8uGz58d+FvNRx16pCcYETaY6BU0Gn
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature.
resource 0196d15df4a5ce33eb83d95b2b4c35f2706919906fd490dc1ebf4fcbb99b134d
Files
-
0196d15df4a5ce33eb83d95b2b4c35f2706919906fd490dc1ebf4fcbb99b134d.exe windows:6 windows x86 arch:x86
10121d87c1279ec9552e2c46ca56354f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf
__stdio_common_vsnwprintf_s
__p__commode
__stdio_common_vsnprintf_s
__stdio_common_vsscanf
_set_fmode
__stdio_common_vsprintf_s
api-ms-win-crt-heap-l1-1-0
_msize
_set_new_mode
malloc
_expand
realloc
free
calloc
api-ms-win-crt-convert-l1-1-0
atol
wcstombs_s
atoi
strtol
strtoul
_ultoa_s
_ltoa_s
api-ms-win-crt-runtime-l1-1-0
__p___argv
_initialize_onexit_table
_initialize_narrow_environment
_register_onexit_function
_beginthreadex
_crt_atexit
_cexit
_configure_narrow_argv
terminate
_seh_filter_exe
_set_app_type
_initterm
_initterm_e
exit
_endthread
abort
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo
_resetstkoflw
_controlfp_s
_errno
_beginthread
_get_narrow_winmain_command_line
__p___argc
_exit
api-ms-win-crt-multibyte-l1-1-0
_ismbblead
_ismbcalnum
_mbsicmp
_mbsupr_s
_ismbcdigit
_mbsnbcmp
_mbsicoll
_mbsinc
_mbsnbcpy_s
_mbschr
_mbsspn
_mbsnbcpy
_mbspbrk
_mbscmp
_mbsrchr
_mbsstr
_ismbcalpha
_mbscspn
_mbsdec
_ismbcspace
_ismbcprint
_mbslwr_s
_mbctolower
_mbctoupper
_mbscoll
api-ms-win-crt-math-l1-1-0
sqrt
sin
floor
cos
exp
__setusermatherr
ceil
atan2
api-ms-win-crt-string-l1-1-0
wcsncpy_s
strncpy_s
wcsnlen
strnlen
strlen
wcslen
wcscpy_s
wcscat_s
wcsncmp
strcpy_s
_strnicmp
_strdup
wmemcpy_s
toupper
strcat_s
api-ms-win-crt-time-l1-1-0
strftime
_mktime64
clock
_localtime64_s
_time64
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
_setmbcp
api-ms-win-crt-utility-l1-1-0
labs
abs
rand_s
ldiv
api-ms-win-crt-filesystem-l1-1-0
_fullpath
_makepath_s
_splitpath_s
winmm
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutGetNumDevs
waveInGetNumDevs
PlaySoundA
waveOutWrite
waveInClose
waveInReset
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInOpen
waveOutReset
kernel32
WaitForSingleObject
CreateThread
TerminateThread
ResumeThread
DecodePointer
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
Sleep
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
VirtualAlloc
VirtualFree
IsBadReadPtr
IsBadWritePtr
GetTickCount
CreateDirectoryA
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
GetDiskFreeSpaceExA
GetFileAttributesA
GetFileSize
ReadFile
RemoveDirectoryA
SetFilePointer
GetVolumeInformationA
LocalAlloc
LocalFree
lstrcpyA
lstrlenA
GetLogicalDriveStringsA
MoveFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
MultiByteToWideChar
WriteFile
SetUnhandledExceptionFilter
ExitProcess
GetSystemInfo
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CancelIo
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemDirectoryA
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
lstrcatA
lstrlenW
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
CopyFileA
LocalSize
GetVersionExA
FreeLibrary
GetVersion
SetEvent
MulDiv
FormatMessageA
OutputDebugStringA
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GetCurrentProcessId
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
lstrcmpA
FileTimeToLocalFileTime
SetThreadPriority
GetCurrentThread
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
ReplaceFileA
SystemTimeToFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
GetFileAttributesExA
GetFileSizeEx
LocalFileTimeToFileTime
SetErrorMode
GetCurrentDirectoryA
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTickCount64
GetTempPathA
GetProfileIntA
SearchPathA
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
CloseHandle
SetLastError
OutputDebugStringW
RaiseException
RtlUnwind
CreateEventA
user32
IsWindow
GetMenuItemID
TrackPopupMenu
SetMenuDefaultItem
GetMenuStringA
InsertMenuA
RemoveMenu
UnhookWindowsHookEx
SetFocus
SetScrollPos
GetScrollPos
GetWindowTextA
GetWindowTextLengthA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
RegisterWindowMessageA
PeekMessageA
GetMessagePos
GetMessageTime
CallWindowProcA
RegisterClassA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgItem
GetCapture
GetMenu
SetMenu
SetActiveWindow
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
ScrollWindow
SetScrollRange
GetScrollRange
SetPropA
GetPropA
RemovePropA
AdjustWindowRectEx
MapWindowPoints
EqualRect
SetWindowLongA
GetClassLongA
GetClassNameA
GetTopWindow
GetLastActivePopup
SetWindowsHookExA
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
MoveWindow
SetDlgItemTextA
CheckDlgButton
SendDlgItemMessageA
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
DrawTextExA
GrayStringA
TabbedTextOutA
FillRect
GetWindowThreadProcessId
LoadBitmapA
DrawIcon
SetWindowRgn
IsRectEmpty
GetKeyNameTextA
MapVirtualKeyA
GetMenuItemInfoA
IsZoomed
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
CreatePopupMenu
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
TrackMouseEvent
LoadImageW
LoadAcceleratorsW
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
UnionRect
SetParent
GetMenuDefaultItem
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
SetCursorPos
RegisterClipboardFormatA
LockWindowUpdate
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
SetRect
LoadIconA
EnableWindow
UnregisterClassA
SendMessageA
DispatchMessageA
TranslateMessage
DrawFocusRect
GetSysColor
WindowFromPoint
ClientToScreen
DrawIconEx
CheckMenuRadioItem
SetClassLongA
IntersectRect
ShowScrollBar
DrawTextA
GetMenuState
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
LoadIconW
FindWindowA
SetForegroundWindow
ShowWindow
AppendMenuA
CheckMenuItem
GetSystemMenu
MessageBeep
RedrawWindow
DrawEdge
SystemParametersInfoA
EnumDisplayMonitors
GetDesktopWindow
GetSystemMetrics
LoadCursorW
GetWindow
ScreenToClient
GetCursorPos
MessageBoxA
UpdateWindow
DeleteMenu
GetMenuItemCount
EnableMenuItem
LoadMenuW
GetFocus
CharNextA
GetDlgCtrlID
IsWindowVisible
SetWindowPos
wsprintfA
CopyIcon
LoadCursorA
PtInRect
SetRectEmpty
GetCursor
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetKeyState
GetClassInfoA
DefWindowProcA
DrawFrameControl
GetIconInfo
LoadImageA
DestroyIcon
DestroyCursor
GetParent
GetWindowLongA
OffsetRect
InflateRect
CopyRect
CharUpperA
FrameRect
SetCursor
GetWindowRect
GetClientRect
InvalidateRect
ReleaseDC
GetDC
DrawStateA
TrackPopupMenuEx
GetSubMenu
DestroyMenu
LoadMenuA
GetActiveWindow
GetNextDlgTabItem
GetWindowDC
PostMessageA
GetMessageA
gdi32
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
MoveToEx
SetTextAlign
SetROP2
OffsetWindowOrgEx
GetLayout
SetLayout
SetMapMode
SelectPalette
ExtSelectClipRgn
ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
GetDeviceCaps
CreateDCA
CopyMetaFileA
RoundRect
CreatePen
ScaleWindowExtEx
SetPolyFillMode
TextOutA
SetBkMode
CreateSolidBrush
ExtTextOutA
CreateDIBSection
StretchDIBits
CreatePolygonRgn
StretchBlt
Rectangle
PtInRegion
PlgBlt
FillRgn
CreateFontIndirectA
GetObjectA
SetTextColor
SetPixel
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
LPtoDP
Ellipse
GetPixel
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
SelectClipRgn
CreateEllipticRgn
SetBkColor
SelectObject
GetStockObject
GetTextExtentPoint32A
GetTextFaceA
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
OffsetRgn
CreateRoundRectRgn
Polyline
Polygon
SetDIBColorTable
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExA
GetRgnBox
GetTextColor
GetBkColor
GetCharWidthA
CreateFontA
GetTextMetricsA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegOpenKeyExW
RegCloseKey
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegEnumKeyExA
shell32
SHGetDesktopFolder
ShellExecuteA
SHGetFileInfoA
ord71
ExtractIconA
Shell_NotifyIconA
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
comctl32
ImageList_AddMasked
_TrackMouseEvent
shlwapi
SHAutoComplete
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor
OpenThemeData
ole32
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
RevokeDragDrop
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
oleaut32
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
oledlg
ord8
ws2_32
gethostbyname
socket
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAIoctl
WSARecv
WSACleanup
WSASocketA
WSAWaitForMultipleEvents
gethostname
ioctlsocket
select
send
recv
htons
setsockopt
listen
bind
accept
WSASend
connect
inet_ntoa
getpeername
closesocket
WSAStartup
WSACloseEvent
WSAGetLastError
pdh
PdhCloseQuery
PdhAddCounterA
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhOpenQueryA
avifil32
AVIStreamWrite
AVIStreamRelease
AVIFileCreateStreamA
AVIFileInit
AVIFileExit
AVIFileRelease
AVIFileOpenA
AVIStreamSetFormat
msvfw32
DrawDibDraw
DrawDibClose
DrawDibOpen
ICCompressorFree
ICSeqCompressFrameEnd
ICSeqCompressFrameStart
ICDecompress
ICSendMessage
ICClose
ICOpen
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 344KB - Virtual size: 343KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 149KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ