Static task: static1
Behavioral task: behavioral1
Sample: cf869c6fa1b02b30294c06dd5757831a0ef7036803fd85826f76b21860ed7341.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: cf869c6fa1b02b30294c06dd5757831a0ef7036803fd85826f76b21860ed7341.exe
Resource: win10v2004-20231020-en
General
Target: cf869c6fa1b02b30294c06dd5757831a0ef7036803fd85826f76b21860ed7341
Size: 3.8MB
MD5: edff087aed0c5653a9d752530d25da3f
SHA1: 9eee48dae9b30976acbcc9bb39f4bea423a5239e
SHA256: cf869c6fa1b02b30294c06dd5757831a0ef7036803fd85826f76b21860ed7341
SHA512: 32eba64a2f54b746bb08ca0eed6da2bc1cb0c0ee19f8dcb74ddc4d5086fea99f04467978c28c437a1398ed4b0a041839a2fdf386c8085b3828a79da00315e006
SSDEEP: 98304:M+azDNI9xilHiEIU2D6fJeVAAGnG69L+:M+4bIeyAA8E
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: cf869c6fa1b02b30294c06dd5757831a0ef7036803fd85826f76b21860ed7341
Files
cf869c6fa1b02b30294c06dd5757831a0ef7036803fd85826f76b21860ed7341.exe windows:5 windows x64 arch:x64
Import hash: f9cc7a20329519d8caefd67824348e45
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetStartupInfoW
CreateFileW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
QueryPerformanceCounter
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
GetSystemInfo
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
InitializeSListHead
IsDebuggerPresent
GetSystemTimeAsFileTime
LocalAlloc
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
GetACP
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
LeaveCriticalSection
EnterCriticalSection
CopyFileA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
ResumeThread
SetThreadPriority
WaitForSingleObject
SetEvent
CloseHandle
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GlobalUnlock
GetModuleHandleExW
GetModuleFileNameW
OutputDebugStringA
GetTickCount
FindResourceA
GlobalFree
FreeResource
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
GetVersionExA
GetCurrentThreadId
GetCurrentThread
DeleteCriticalSection
DecodePointer
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
WinExec
lstrlenA
lstrcatA
lstrcpyA
GetThreadLocale
HeapAlloc
GetNativeSystemInfo
GetProcessHeap
HeapFree
VirtualProtect
VirtualFree
FreeLibrary
GetProcAddress
SetLastError
LoadLibraryA
VirtualAlloc
FormatMessageA
user32
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
CopyIcon
SetCursorPos
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetWindowRgn
SetClassLongPtrA
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
GetMenuDefaultItem
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
LoadImageW
TrackMouseEvent
CharUpperA
DestroyIcon
GetSysColorBrush
PostThreadMessageA
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoA
CopyImage
WaitMessage
LockWindowUpdate
MapVirtualKeyA
GetKeyNameTextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
LoadIconW
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
GetMessagePos
RegisterWindowMessageA
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
IsDialogMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SetFocus
GetDlgCtrlID
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
WindowFromPoint
DrawIcon
EnableWindow
DestroyCursor
LoadImageA
RedrawWindow
InvalidateRect
GetActiveWindow
GetParent
GetCapture
SetCapture
PtInRect
ReleaseCapture
CopyRect
FrameRect
InflateRect
FillRect
GetSysColor
OffsetRect
DrawTextA
DrawStateA
DrawFocusRect
GetWindowLongA
SetCursor
TabbedTextOutA
DrawTextExA
GrayStringA
SetWindowLongA
LoadCursorA
GetWindowRect
GetDC
ReleaseDC
MessageBeep
LoadCursorW
UnregisterClassA
PostMessageA
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
RegisterClipboardFormatA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
IsWindowEnabled
SetActiveWindow
GetDesktopWindow
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
MessageBoxA
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
UnhookWindowsHookEx
SendDlgItemMessageA
SetRectEmpty
ShowWindow
MoveWindow
CheckDlgButton
gdi32
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
GetBkColor
GetTextColor
GetRgnBox
GetTextMetricsA
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
MoveToEx
LPtoDP
EnumFontFamiliesExA
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetROP2
SetPolyFillMode
SetTextAlign
SetTextColor
CreateRoundRectRgn
TextOutA
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
DeleteDC
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
GetTextExtentPoint32A
GetStockObject
CreateFontIndirectA
GetObjectA
Escape
ExtTextOutA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
SelectObject
PtVisible
RectVisible
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyExA
RegEnumValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
shell32
SHBrowseForFolderA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA
PathRemoveFileSpecW
uxtheme
GetCurrentThemeName
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetThemeSysColor
ole32
CreateStreamOnHGlobal
CoInitializeEx
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoDisconnectObject
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CLSIDFromProgID
CLSIDFromString
OleRun
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
oleaut32
VariantInit
VariantCopy
SysAllocString
VariantChangeType
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
SafeArrayDestroy
LoadTypeLi
VariantClear
VarBstrFromDate
SysAllocStringByteLen
SysFreeString
GetErrorInfo
oledlg
ord8
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 650KB - Virtual size: 650KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 987KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ