Static task: static1
Behavioral task: behavioral1
Sample: 895a036c71b64e3d915b8c5e2f2b3eb8a33b85275fce2513e8d4687cbfd3ed93.exe
Resource: win7-20231025-en
General
Target: 895a036c71b64e3d915b8c5e2f2b3eb8a33b85275fce2513e8d4687cbfd3ed93
Size: 1.9MB
MD5: 3ebe869423b9c1a0907543a2c6c5e833
SHA1: 9cc723e6d54b5aefdee34f1c3b7ae81ff1b666ea
SHA256: 895a036c71b64e3d915b8c5e2f2b3eb8a33b85275fce2513e8d4687cbfd3ed93
SHA512: a822ae64386c62299e53b7e027c374b449f28c15e2ffbb7d25121afbb54d7d2650d3f1b43c2632634f35e8ea33a7265485362e99d38f80bc5984c22d14d1e8f5
SSDEEP: 49152:zpKvb5OcJnssEL52iVVi7GvK5+LW+sZQbAN3zD0GKPplwPuOkeuSwiPSCmDS+5uX:z45OcDEL52iVVi7GC5+LW+TbANcGKPpK
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature. This is a presence check on the certificate table (IMAGE_DIRECTORY_ENTRY_SECURITY) only; a present signature would still need chain and timestamp validation before it counts for anything.
resource 895a036c71b64e3d915b8c5e2f2b3eb8a33b85275fce2513e8d4687cbfd3ed93
Files
895a036c71b64e3d915b8c5e2f2b3eb8a33b85275fce2513e8d4687cbfd3ed93.exe windows:5 windows x86 arch:x86
15d133bccaf33b4ee0b44de4e8b50db5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is not set: the image opts in to DEP but not to ASLR, and since IMAGE_FILE_RELOCS_STRIPPED is also set it cannot be rebased at all, so it always loads at its preferred ImageBase.)
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
(Note: the bulk of the kernel32/user32/gdi32/ole32/oleaut32 surface below, including oledlg ordinal 8, is consistent with a statically linked MFC GUI application. Imports worth a closer look on their own are urlmon!URLDownloadToFileA, shell32!ShellExecuteA, kernel32!CopyFileA, kernel32!VirtualAlloc/VirtualProtect and the advapi32 registry write/delete calls. kernel32!IsDebuggerPresent is imported by every MSVC CRT and is not an anti-debug indicator by itself.)
kernel32
CreateFileW
GetConsoleCP
GetTimeZoneInformation
CompareStringW
LCMapStringW
GetStringTypeW
IsValidCodePage
GetLocaleInfoW
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
SizeofResource
HeapQueryInformation
GetSystemTimeAsFileTime
CreateThread
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
HeapFree
HeapAlloc
WriteConsoleW
HeapSetInformation
GetCommandLineA
RaiseException
DecodePointer
EncodePointer
RtlUnwind
FindResourceExW
GetUserDefaultLCID
GetNumberFormatA
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
SetErrorMode
SearchPathA
GetProfileIntA
GetTickCount
GetTempPathA
GetTempFileNameA
Sleep
GetOEMCP
GetCPInfo
GetACP
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
IsValidLocale
EnumSystemLocalesA
GetStartupInfoW
GetConsoleMode
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpiA
GetFileAttributesA
InitializeCriticalSectionAndSpinCount
DeleteFileA
GlobalFlags
FileTimeToSystemTime
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
lstrcpyA
GetCurrentDirectoryA
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
LoadLibraryW
FindResourceA
FreeResource
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
ActivateActCtx
LoadLibraryA
DeactivateActCtx
InterlockedExchange
lstrcmpA
GetModuleHandleW
GetProcAddress
FreeLibrary
GetLastError
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
CreateFileA
GetFileSize
CloseHandle
VirtualAlloc
ReadFile
VirtualFree
VirtualProtect
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SetEnvironmentVariableA
user32
CharUpperBuffA
UnregisterClassA
GetNextDlgGroupItem
InvalidateRgn
CharNextA
FrameRect
GetDoubleClickTime
CopyIcon
GetIconInfo
SetCursorPos
SetRect
GetMenuDefaultItem
SetMenuDefaultItem
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
RegisterClipboardFormatA
EnumChildWindows
LockWindowUpdate
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
DestroyIcon
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
SetClassLongA
SetParent
CreatePopupMenu
CreateAcceleratorTableA
LoadAcceleratorsW
DestroyAcceleratorTable
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
PostThreadMessageA
WaitMessage
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
CharUpperA
NotifyWinEvent
LoadCursorW
WindowFromPoint
DeleteMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsMenu
ReleaseCapture
MonitorFromPoint
UpdateLayeredWindow
LoadCursorA
EnableScrollBar
SetCapture
KillTimer
SetTimer
InvalidateRect
ClientToScreen
UnionRect
IntersectRect
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
IsCharLowerA
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
DestroyMenu
GetMenuItemInfoA
CopyRect
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetRectEmpty
RegisterWindowMessageA
DrawIconEx
GetSysColorBrush
MapWindowPoints
GetWindowRect
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
FillRect
GetSysColor
InflateRect
IsRectEmpty
DrawStateA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetKeyNameTextA
MapVirtualKeyExA
IsClipboardFormatAvailable
GetWindowRgn
DestroyCursor
CreateMenu
HideCaret
InvertRect
SubtractRect
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
BeginDeferWindowPos
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
SystemParametersInfoA
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
EnableWindow
GetCursorPos
GetSystemMetrics
LoadIconW
SetForegroundWindow
GetClientRect
IsIconic
GetSystemMenu
PostMessageA
SendMessageA
LoadMenuW
GetSubMenu
AppendMenuA
DrawIcon
MessageBoxA
GetAsyncKeyState
gdi32
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreateRoundRectRgn
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
OffsetRgn
GetRgnBox
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
SetRectRgn
GetMapMode
DPtoLP
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
EnumFontFamiliesExA
SetPixelV
GetTextFaceA
SetTextAlign
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
GetLayout
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
DeleteObject
GetDeviceCaps
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDIBSection
CreateCompatibleBitmap
SetBkColor
SetTextColor
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
RoundRect
CreatePen
GetTextExtentPoint32A
ExtTextOutA
PatBlt
Polygon
Ellipse
Polyline
GetTextColor
GetBkColor
CombineRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateSolidBrush
CreateBitmap
CreateDCA
CopyMetaFileA
SetLayout
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA
Shell_NotifyIconA
SHAppBarMessage
DragQueryFileA
DragFinish
SHBrowseForFolderA
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoInitializeEx
OleGetClipboard
OleLockRunning
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
IsAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemFree
OleTranslateAccelerator
CoGetClassObject
OleDestroyMenuDescriptor
oleaut32
SysFreeString
OleCreateFontIndirect
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen
oledlg
ord8
urlmon
URLDownloadToFileA
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageRectI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 379KB - Virtual size: 380KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
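The three static facts this report surfaces (the Unsigned PE signature, the DLL/File characteristics that decide DEP and ASLR, and the per-section memory flags) can all be reproduced with a short header parser. The script below is an added example, not part of the sandbox report or of any Triage code; it uses only the Python standard library, and because the real sample is not reproduced here it constructs a header-only PE32 in memory with the same flag set the report lists (NX_COMPAT + TERMINAL_SERVER_AWARE, relocations stripped, no DYNAMIC_BASE, no certificate table) and inspects that. The constructed file is not loadable; it exists only so the checks can be exercised offline.

```python
"""Added example (not part of the sandbox report): a minimal PE header inspector
that reproduces the report's static checks -- the "Unsigned PE" signature (no
Authenticode blob in the SECURITY data directory), the DllCharacteristics/
FileHeader bits that decide DEP and ASLR, and the per-section memory flags.
Standard library only; the sample PE below is constructed in memory."""
import struct

# COFF FileHeader.Characteristics bits (PE/COFF specification)
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
# OptionalHeader.DllCharacteristics bits
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
# Section characteristics bits
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
# Index of the Authenticode certificate table in the data directory array
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def inspect_pe(data: bytes) -> dict:
    """Parse the DOS, COFF, optional and section headers of a PE image in memory."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: the 8-byte ImageBase shifts the tail of the header
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the SECURITY entry the first field is a file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sec = opt + opt_size
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, schar = struct.unpack_from(
            "<8sIIIIIIHHI", data, sec + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": schar})
    return {
        "machine": machine,
        # The "Unsigned PE" check: no WIN_CERTIFICATE blob at all. A present blob is
        # not a valid signature; chain and timestamp validation need signtool,
        # Get-AuthenticodeSignature or osslsigncode.
        "signed": cert_size != 0,
        "nx_compat": bool(dllchar & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "aslr": bool(dllchar & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "relocs_stripped": bool(fchar & IMAGE_FILE_RELOCS_STRIPPED),
        "sections": sections,
    }


def rwx_sections(report: dict) -> list:
    """Names of sections mapped both writable and executable (a W^X violation)."""
    wx = IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE
    return [s["name"] for s in report["sections"] if (s["flags"] & wx) == wx]


def build_minimal_pe32(file_chars: int, dll_chars: int, cert=(0, 0)) -> bytes:
    """Constructed test input: a header-only (not loadable) PE32 with the given flags."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                           # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, file_chars)  # i386, 2 sections
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<I", opt, 28, 0x00400000)                     # ImageBase
    struct.pack_into("<H", opt, 70, dll_chars)                      # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *cert)
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400,
                       0, 0, 0, 0, 0x60000020)                      # CODE|EXECUTE|READ
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x800, 0x2000, 0x600, 0x1400,
                       0, 0, 0, 0, 0xC0000040)                      # INITIALIZED_DATA|READ|WRITE
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + data


if __name__ == "__main__":
    # Same flag set the report lists for the sample (constructed, not the real file).
    sample = build_minimal_pe32(
        IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE,
        IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE)
    r = inspect_pe(sample)
    print("signed:", r["signed"], "DEP:", r["nx_compat"], "ASLR:", r["aslr"],
          "relocs stripped:", r["relocs_stripped"], "RWX sections:", rwx_sections(r))
```

To run it against the real sample, replace the constructed input with `inspect_pe(open(path, "rb").read())`; the expected result for this report is signed=False, DEP on, ASLR off, relocations stripped, and no RWX section (.text is execute/read, .data is read/write).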