Static task: static1
Behavioral task: behavioral1
  Sample: 3578c6c33dcbb0479780189b66d335c0e498e26dd828beee909a80f9f80d25a3.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: 3578c6c33dcbb0479780189b66d335c0e498e26dd828beee909a80f9f80d25a3.exe
  Resource: win10v2004-20231020-en
General
Target: 3578c6c33dcbb0479780189b66d335c0e498e26dd828beee909a80f9f80d25a3
Size: 492KB
MD5: b831300f4bb085859686090883f3f3c0
SHA1: 2be0a805e52f6cd4ef903d8718c8ddf84c6f4a3e
SHA256: 3578c6c33dcbb0479780189b66d335c0e498e26dd828beee909a80f9f80d25a3
SHA512: fee7fca4c938429c753d6a97e56c172ff4d89594af7b0188d1eba8c1d24474d5ebab7b7a5962af38065df013ebbf48c9ee6a33b0f358fb24a8b656e5278b35a4
SSDEEP: 12288:wnk62i9iFJqU8U7tqnciGVy5SR3deqCabv+5:PPqeEnca5SR3do5
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 3578c6c33dcbb0479780189b66d335c0e498e26dd828beee909a80f9f80d25a3
Files
3578c6c33dcbb0479780189b66d335c0e498e26dd828beee909a80f9f80d25a3.exe windows:4 windows x86 arch:x86
1c1ab4fb079ab8a14b30557843f7e8eb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitThread
CreateThread
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
UnhandledExceptionFilter
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetErrorMode
GetFileTime
GetFileAttributesW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TerminateProcess
GetStartupInfoW
GetTickCount
GetThreadLocale
InterlockedIncrement
GetPrivateProfileIntW
InterlockedDecrement
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
GetCurrentProcessId
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenA
InterlockedCompareExchange
IsProcessorFeaturePresent
lstrcmpA
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
GetLastError
CreateMutexW
GetSystemDirectoryW
GetTempPathW
FlushInstructionCache
FreeResource
LoadLibraryW
GetModuleFileNameW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileStringW
LocalFree
lstrlenW
GetCurrentProcess
SetProcessWorkingSetSize
GetSystemInfo
CloseHandle
GetModuleHandleW
GetProcAddress
Sleep
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
GetProcessHeap
HeapFree
ResumeThread
FindResourceW
LoadResource
LockResource
SizeofResource
GetCPInfo
WaitForSingleObject
user32
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
LoadCursorW
GetSysColorBrush
SetCursor
SetWindowContextHelpId
MapDialogRect
DestroyMenu
CharUpperW
CharNextW
GetMessageW
ValidateRect
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
GetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuState
PostThreadMessageW
GetMenuItemID
GetMenuItemCount
GetCapture
DispatchMessageW
TranslateMessage
PeekMessageW
DefWindowProcW
DestroyIcon
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
GetClassLongW
ReleaseCapture
KillTimer
IsWindow
GetSystemMetrics
LoadMenuW
SetMenuDefaultItem
RegisterWindowMessageW
GetDesktopWindow
LoadImageW
GetSubMenu
GetMenuDefaultItem
TrackPopupMenu
GetCursorPos
GetFocus
DrawFrameControl
DrawTextW
OffsetRect
PostQuitMessage
RegisterWindowMessageA
SetForegroundWindow
SetTimer
LoadIconW
SendMessageW
ReleaseDC
CopyRect
GetDC
PostMessageW
SetRect
GetClientRect
GetWindowLongW
PtInRect
SetWindowRgn
ClientToScreen
GetWindowRect
GetParent
SetWindowLongW
InvalidateRect
GetWindow
CallWindowProcW
EnableWindow
SetFocus
UnregisterClassA
gdi32
ExtSelectClipRgn
CreateRectRgnIndirect
GetBkColor
GetMapMode
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetStockObject
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
GetClipBox
GetDeviceCaps
CreateBitmap
GetTextColor
SetTextColor
SetBkMode
CreateSolidBrush
DeleteDC
CreateCompatibleDC
StretchBlt
CreateRoundRectRgn
GetViewportExtEx
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueExW
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
shell32
ShellExecuteW
Shell_NotifyIconW
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathStripToRootW
PathIsUNCW
PathFindExtensionW
UrlUnescapeW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
VariantClear
VariantCopy
SysFreeString
SysAllocString
OleLoadPicture
SysAllocStringLen
VariantChangeType
SysStringLen
OleCreateFontIndirect
wininet
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable
HttpQueryInfoW
InternetCloseHandle
InternetGetLastResponseInfoW
InternetOpenW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
rasapi32
RasEnumConnectionsW
RasHangUpW
RasGetProjectionInfoW
RasSetEntryPropertiesW
RasDialW
RasGetErrorStringW
RasGetConnectionStatistics
iphlpapi
CreateIpForwardEntry
GetAdaptersInfo
GetIpForwardTable
DeleteIpForwardEntry
crypt32
CryptUnprotectData
CryptProtectData
ws2_32
inet_addr
Sections
.text Size: 268KB - Virtual size: 266KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 128KB - Virtual size: 256KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE