Static task
static1
Behavioral task
behavioral1
Sample
b7f5f4c7283066d03978f5764d87c780d2c21e67ed602ec8f8787ca5ac8385da.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
b7f5f4c7283066d03978f5764d87c780d2c21e67ed602ec8f8787ca5ac8385da.exe
Resource
win10v2004-20231023-en
General
-
Target
b7f5f4c7283066d03978f5764d87c780d2c21e67ed602ec8f8787ca5ac8385da
-
Size
7.4MB
-
MD5
6f58312d4d59d53cda8ea3923e876744
-
SHA1
e39e9ab6284cd524a9b80f2e689cb5a7908d7443
-
SHA256
b7f5f4c7283066d03978f5764d87c780d2c21e67ed602ec8f8787ca5ac8385da
-
SHA512
ecc2b04f2f8a28de7a2c6328cae901fc9d70fb1560315a8ef0273e01d20a14cff456a6e048bd7518b4cd082023103674c1e67323eb987fe310ae61656aec4fd1
-
SSDEEP
196608:fxTt+r6dxqbLVDiycQQFNwFLOyomFHKnP:fVtDd8buFNwF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource b7f5f4c7283066d03978f5764d87c780d2c21e67ed602ec8f8787ca5ac8385da
Files
-
b7f5f4c7283066d03978f5764d87c780d2c21e67ed602ec8f8787ca5ac8385da.exe windows:5 windows x86 arch:x86
b45a2aec4081d308e1ec7744ff0ba698
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSACloseEvent
WSAResetEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAEventSelect
WSACreateEvent
connect
htons
WSARecv
WSASend
shutdown
WSAAddressToStringW
WSAStringToAddressW
WSAGetOverlappedResult
gethostbyname
getservbyname
inet_ntoa
inet_addr
gethostname
sendto
recvfrom
freeaddrinfo
getaddrinfo
ioctlsocket
listen
recv
htonl
accept
WSACleanup
WSAStartup
WSAIoctl
WSASetLastError
setsockopt
ntohs
getsockopt
getsockname
getpeername
bind
WSAGetLastError
closesocket
socket
send
select
__WSAFDIsSet
kernel32
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GlobalGetAtomNameW
GlobalFlags
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetVolumeInformationW
DuplicateHandle
lstrcmpiW
lstrcmpW
GetTempFileNameW
FindResourceExW
SearchPathW
GetProfileIntW
SetErrorMode
FileTimeToLocalFileTime
GetFileSizeEx
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetPrivateProfileIntW
GetStringTypeW
GetCPInfo
GetCurrentThread
GlobalDeleteAtom
LoadLibraryExW
EncodePointer
CopyFileW
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
GetSystemTime
GetSystemTimeAsFileTime
LockFileEx
CreateFileMappingA
UnlockFile
HeapCompact
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
LockFile
GetDiskFreeSpaceW
GetFullPathNameW
TryEnterCriticalSection
AreFileApisANSI
ReleaseSemaphore
CreateSemaphoreW
MapViewOfFileEx
CreateIoCompletionPort
SwitchToThread
lstrcmpA
LCMapStringW
GetVersionExW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
HeapCreate
GetCurrentThreadId
GetThreadLocale
SetThreadPriority
GlobalFindAtomW
SetConsoleMode
GlobalAddAtomW
RtlUnwind
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
VirtualQuery
GetDriveTypeW
SetFilePointerEx
GetCommandLineA
GetCommandLineW
HeapQueryInformation
SetStdHandle
ExitProcess
GetACP
GetConsoleMode
IsBadReadPtr
LoadLibraryA
CreateThread
WritePrivateProfileStringW
GetPrivateProfileStringW
GetComputerNameExW
QueryDosDeviceW
GetWindowsDirectoryW
GetLogicalDriveStringsW
GetNativeSystemInfo
GetSystemInfo
VirtualFree
VirtualAlloc
FindNextFileW
FindFirstFileW
GetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
GetFileTime
FindClose
GetFileSize
GlobalFree
GlobalAlloc
CreateFileMappingW
MapViewOfFile
VirtualProtect
FreeResource
SystemTimeToTzSpecificLocalTime
FormatMessageW
LocalFree
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
ReadConsoleW
GetConsoleCP
IsValidLocale
GetModuleHandleA
GetModuleFileNameW
ResumeThread
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
FormatMessageA
SetLastError
PeekNamedPipe
ReadFile
GetStdHandle
GetFileType
WaitForMultipleObjects
GetEnvironmentVariableA
MoveFileExA
QueryPerformanceCounter
GetTickCount
VerifyVersionInfoW
QueryPerformanceFrequency
GetSystemDirectoryW
GetModuleHandleW
GetProcAddress
FreeLibrary
VerSetConditionMask
SleepEx
GetCurrentDirectoryW
InterlockedExchange
SetCurrentDirectoryW
FindResourceW
lstrcpyW
SizeofResource
LoadResource
LockResource
OpenEventW
OpenMutexW
CreateMutexW
LoadLibraryW
CreateEventW
ResetEvent
SetEvent
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
WideCharToMultiByte
DeleteFileW
CreateFileW
OutputDebugStringA
GetLocalTime
SetFilePointer
FlushFileBuffers
WriteFile
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
UnmapViewOfFile
FileTimeToSystemTime
SystemTimeToFileTime
CloseHandle
WaitForSingleObject
OpenProcess
EnumSystemLocalesW
GetTimeZoneInformation
SetConsoleCtrlHandler
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
FlushConsoleInputBuffer
GlobalMemoryStatus
ReadConsoleInputA
user32
GetDoubleClickTime
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongW
LockWindowUpdate
BringWindowToTop
SetParent
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
WaitMessage
DestroyIcon
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
GetSystemMenu
ReleaseCapture
SetCapture
CharUpperW
IsZoomed
TrackMouseEvent
GetAsyncKeyState
CopyImage
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
IntersectRect
SendDlgItemMessageA
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
DrawFocusRect
SetWindowRgn
DrawFrameControl
DrawEdge
EnumDisplayMonitors
LoadCursorW
SetRectEmpty
GetSysColorBrush
SetLayeredWindowAttributes
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetMessageW
MapVirtualKeyW
GetIconInfo
DrawStateW
GetCursorPos
LoadMenuW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
DestroyCursor
GetWindowRgn
CheckDlgButton
SetDlgItemTextW
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
CopyIcon
ModifyMenuW
GetUpdateRect
RegisterClipboardFormatW
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
IsClipboardFormatAvailable
SubtractRect
CreateMenu
GetComboBoxInfo
HideCaret
InvalidateRect
InvertRect
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
MsgWaitForMultipleObjectsEx
DispatchMessageW
TranslateMessage
PeekMessageW
wsprintfW
GetWindowThreadProcessId
SystemParametersInfoW
ClipCursor
ReleaseDC
GetDC
KillTimer
SetTimer
ShowWindow
LoadIconW
LoadBitmapW
FindWindowExW
FindWindowW
GetWindowRect
GetClientRect
SetForegroundWindow
DrawIcon
GetSystemMetrics
IsIconic
PostMessageW
SendMessageW
RegisterWindowMessageA
EnableWindow
UnregisterClassW
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
GetKeyNameTextW
gdi32
SetRectRgn
DPtoLP
CreateRoundRectRgn
GetRgnBox
RealizePalette
SetPixel
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetMapMode
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPolyFillMode
SetPixelV
GetTextFaceW
GetLayout
SetLayout
SetMapMode
Polyline
Polygon
CreatePolygonRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
CombineRgn
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
CreateRectRgn
CreateSolidBrush
Escape
SetTextAlign
SetTextColor
SetBkMode
SetBkColor
ExcludeClipRect
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
DeleteDC
CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
SetStretchBltMode
CreateDIBSection
GetDIBColorTable
SetDIBColorTable
GetObjectW
CopyMetaFileW
CreateDCW
GetDeviceCaps
BitBlt
CreateBitmap
CreateHatchBrush
CreatePen
CreatePatternBrush
SetROP2
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteValueW
SetSecurityDescriptorDacl
ChangeServiceConfig2W
CloseServiceHandle
OpenSCManagerW
OpenServiceW
ControlService
CreateServiceW
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
DeleteService
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
InitializeSecurityDescriptor
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
StartServiceW
shell32
SHGetFileInfoW
Shell_NotifyIconW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHAppBarMessage
ShellExecuteW
SHGetDesktopFolder
comctl32
InitCommonControlsEx
ImageList_AddMasked
shlwapi
StrChrW
StrPBrkW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeText
GetThemeSysColor
GetWindowTheme
GetThemePartSize
ole32
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleDuplicateData
CreateStreamOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoInitializeEx
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
oleaut32
SysFreeString
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysStringLen
SysAllocString
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImagePalette
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipGetImageHeight
GdiplusShutdown
wldap32
ord301
ord147
ord133
ord79
ord142
ord145
ord219
ord46
ord14
ord216
ord208
ord41
ord117
ord26
ord27
ord167
ord127
iphlpapi
GetAdaptersInfo
psapi
GetModuleFileNameExW
GetProcessImageFileNameW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
winmm
PlaySoundW
timeGetTime
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
crypt32
CertFindCertificateInStore
CertCloseStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertDuplicateCertificateContext
CertEnumCertificatesInStore
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 811KB - Virtual size: 810KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 74KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 214KB - Virtual size: 213KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ