Static task: static1
Behavioral task: behavioral1 (sample bac6671ed58f270974306b33e5d39ec21ae4f911f4560919ba90eba1f03dd405.exe, resource win7-20231020-en)
Behavioral task: behavioral2 (sample bac6671ed58f270974306b33e5d39ec21ae4f911f4560919ba90eba1f03dd405.exe, resource win10v2004-20231023-en)
General
- Target: bac6671ed58f270974306b33e5d39ec21ae4f911f4560919ba90eba1f03dd405
- Size: 1.9MB
- MD5: 17c1d7da2659abe9c3b81574104c3f63
- SHA1: e5f4bb72a2c5f0266f75953dfc3d5fd069b90b3e
- SHA256: bac6671ed58f270974306b33e5d39ec21ae4f911f4560919ba90eba1f03dd405
- SHA512: f7a8b2cc8433aac074d73961802e183296964e7eb514d74d824ffb0a5d38abd7718cbf682dce9b8830d45b564ed0548111dfcf6b0f72300e22b98f4f6829137a
- SSDEEP: 49152:0DvhFvcjndpCN4vUItNuaquLjMqhzXE25N4ee4DAe:0DZFcfCN4sIt4aqu3MqVXE25N4ee4DAe
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature. Resource: bac6671ed58f270974306b33e5d39ec21ae4f911f4560919ba90eba1f03dd405
Files
-
bac6671ed58f270974306b33e5d39ec21ae4f911f4560919ba90eba1f03dd405.exe windows:6 windows x86 arch:x86
3fd2e3d4590933ad96ee6a2e1ea17463
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
kernel32
CloseHandle
DecodePointer
GetLastError
RaiseException
HeapAlloc
HeapReAlloc
HeapFree
SetLastError
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetModuleHandleW
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
LocalAlloc
LocalReAlloc
LocalFree
GetCurrentProcessId
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
GlobalSize
MulDiv
FormatMessageA
CopyFileA
MultiByteToWideChar
SetThreadPriority
ResumeThread
CompareStringA
lstrcmpA
HeapSize
FileTimeToSystemTime
EncodePointer
GetSystemDirectoryW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
FindClose
FindFirstFileA
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
GetVolumeInformationA
DuplicateHandle
lstrcmpiA
GlobalFlags
GetUserDefaultUILanguage
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetACP
GetCurrentDirectoryA
FindResourceExW
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetProfileIntA
SearchPathA
GetTempFileNameA
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
VirtualQuery
HeapQueryInformation
GetCommandLineA
GetCommandLineW
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
GetConsoleOutputCP
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
WriteConsoleW
GetProcessHeap
CancelIo
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualFree
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ExpandEnvironmentStringsA
CreateDirectoryA
GetFileAttributesA
ReadFile
GetCurrentProcess
TerminateThread
CreateProcessA
GetTickCount
GetWindowsDirectoryA
lstrcpyA
lstrcatA
lstrlenA
VirtualProtect
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadReadPtr
GetCurrentThreadId
GetDiskFreeSpaceExA
GetModuleFileNameW
GetModuleFileNameA
GetVersionExA
GetLocalTime
GetSystemInfo
GlobalMemoryStatusEx
ExitProcess
OpenEventA
GetDriveTypeA
GlobalGetAtomNameA
user32
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
FillRect
DestroyMenu
GetMenuItemInfoA
InflateRect
SystemParametersInfoA
CopyImage
SetRectEmpty
OffsetRect
PostQuitMessage
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
IntersectRect
TrackMouseEvent
InvalidateRect
LoadImageW
ShowOwnedPopups
SetCursor
DeleteMenu
SetTimer
KillTimer
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
SetClassLongA
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendDlgItemMessageA
GetWindowRgn
DestroyCursor
RealChildWindowFromPoint
LoadIconW
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetWindowTextLengthA
GetWindowTextA
LoadCursorA
GetSysColorBrush
GetSysColor
GetDC
GetSystemMetrics
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
UnhookWindowsHookEx
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
DrawTextA
GetDesktopWindow
ClientToScreen
CharUpperA
DestroyIcon
IsDialogMessageA
SetWindowTextA
GetScrollInfo
CreateMenu
SetScrollInfo
GetInputState
PostThreadMessageA
GetMessageA
GetUserObjectInformationA
GetThreadDesktop
CloseDesktop
SetThreadDesktop
OpenInputDesktop
OpenDesktopA
ExitWindowsEx
wsprintfA
ReleaseDC
advapi32
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
shell32
ShellExecuteA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
IsAccelerator
oleaut32
VariantInit
SysAllocString
VariantClear
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
LoadTypeLi
SysAllocStringByteLen
SysFreeString
VarBstrFromDate
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathRemoveFileSpecA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindFileNameA
uxtheme
GetThemePartSize
DrawThemeBackground
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
IsAppThemed
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
ws2_32
socket
setsockopt
send
gethostbyname
recv
htons
connect
WSAStartup
WSACleanup
WSAIoctl
getsockname
gethostname
select
closesocket
gdiplus
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipDrawImageRectI
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdipCreateBitmapFromScan0
GdipBitmapLockBits
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
GetClipBox
GetViewportOrgEx
GetWindowOrgEx
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
SetPixelV
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
DeleteDC
GetTextFaceA
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
BitBlt
DeleteObject
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
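Most of the kernel32/user32/gdi32/ole32 bulk in the table above is what a statically linked MFC build drags in (OleCreateMenuDescriptor, UnpackDDElParam, ReuseDDElParam, WinHelpA, DocumentPropertiesA are framework calls, and IsProcessorFeaturePresent/IsDebuggerPresent/InitializeSListHead are VC++ CRT startup imports), so single-API presence is a weak signal here. The capability-relevant entries are the WinINet download calls, the Winsock client set, CreateProcessA/ShellExecuteA, the registry writes, the token-privilege trio, ExitWindowsEx, the input-desktop switch and SetWindowsHookExA. The following added example is mine, not the sandbox's or the sample's code: it computes an imphash over an import list using the standard normalization (lower-case, strip .dll/.ocx/.sys, join dll.func with commas, MD5) and tags capabilities by API co-occurrence rather than by one API at a time, reporting CRT/MFC-typical hits separately. IMPORTS_EXCERPT is a constructed excerpt of the listing above, in the order shown; the hash it yields is over the excerpt only and will not equal any value in this report, which would need the complete import directory in on-disk order. Ordinal imports are not handled because the listing has names only.

```python
import hashlib

# Constructed excerpt of the import table listed above (DLL -> functions, listed order kept).
IMPORTS_EXCERPT = [
    ("wininet", ["InternetCloseHandle", "InternetOpenA", "InternetOpenUrlA"]),
    ("kernel32", ["CloseHandle", "IsDebuggerPresent", "VirtualAlloc", "VirtualProtect",
                  "CreateFileA", "WriteFile", "CreateProcessA", "LoadLibraryA", "GetProcAddress"]),
    ("user32", ["SetWindowsHookExA", "OpenInputDesktop", "SetThreadDesktop", "ExitWindowsEx"]),
    ("advapi32", ["RegSetValueExA", "RegCreateKeyExA", "LookupPrivilegeValueA",
                  "AdjustTokenPrivileges", "OpenProcessToken"]),
    ("shell32", ["ShellExecuteA"]),
    ("ws2_32", ["socket", "connect", "send", "recv", "gethostbyname"]),
    ("winspool.drv", ["DocumentPropertiesA", "OpenPrinterA", "ClosePrinter"]),
]

# Capability -> set of "dll!Function" that must ALL be present. Hypothetical rule set for illustration.
CAPABILITY_RULES = {
    "http download (WinINet)": {"wininet!InternetOpenA", "wininet!InternetOpenUrlA"},
    "raw TCP client (Winsock)": {"ws2_32!socket", "ws2_32!connect", "ws2_32!send", "ws2_32!recv"},
    "drop file to disk": {"kernel32!CreateFileA", "kernel32!WriteFile"},
    "spawn process": {"kernel32!CreateProcessA"},
    "shell-launch path or URL": {"shell32!ShellExecuteA"},
    "registry write": {"advapi32!RegSetValueExA"},
    "adjust own token privileges": {"advapi32!OpenProcessToken", "advapi32!LookupPrivilegeValueA",
                                    "advapi32!AdjustTokenPrivileges"},
    "shutdown/reboot/logoff": {"user32!ExitWindowsEx"},
    "switch input desktop": {"user32!OpenInputDesktop", "user32!SetThreadDesktop"},
    "install Windows hook": {"user32!SetWindowsHookExA"},
    "runtime API resolution": {"kernel32!LoadLibraryA", "kernel32!GetProcAddress"},
    "RWX memory manipulation": {"kernel32!VirtualAlloc", "kernel32!VirtualProtect"},
    "debugger check": {"kernel32!IsDebuggerPresent"},
}
# Hits that ordinary VC++/MFC builds also produce; reported separately so they do not inflate a verdict.
CRT_MFC_NOISE = {"debugger check", "runtime API resolution"}


def imphash(imports):
    """Mandiant/pefile-style import hash: md5 of 'dll.func,dll.func,...' after normalization."""
    parts = []
    for dll, funcs in imports:
        name = dll.lower()
        base, dot, ext = name.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):   # only these extensions are stripped;
            name = base                            # 'winspool.drv' stays as is
        parts.extend(f"{name}.{func.lower()}" for func in funcs)
    return hashlib.md5(",".join(parts).encode()).hexdigest()


def capabilities(imports):
    """Return {capability: [apis]} for every rule whose APIs are all imported."""
    present = {f"{dll.lower()}!{func}" for dll, funcs in imports for func in funcs}
    return {cap: sorted(apis) for cap, apis in CAPABILITY_RULES.items() if apis <= present}


def triage(imports):
    """Split capability hits into meaningful ones and CRT/MFC boilerplate, plus the imphash."""
    caps = capabilities(imports)
    return {
        "imphash": imphash(imports),
        "capabilities": {c: a for c, a in caps.items() if c not in CRT_MFC_NOISE},
        "boilerplate": {c: a for c, a in caps.items() if c in CRT_MFC_NOISE},
    }


if __name__ == "__main__":
    result = triage(IMPORTS_EXCERPT)
    print("imphash(excerpt):", result["imphash"])
    for cap, apis in result["capabilities"].items():
        print(f"  [cap] {cap}: {', '.join(apis)}")
    for cap, apis in result["boilerplate"].items():
        print(f"  [crt] {cap}: {', '.join(apis)}")
```

Co-occurrence rules are deliberately conservative: CreateFileA alone is in every program, CreateFileA plus WriteFile after an InternetOpenUrlA is what makes "download and drop" worth a look. Order matters to imphash, so a list typed in by hand from a report will not reproduce the value a parser computes from the binary; use it for clustering only on hashes taken from the files themselves.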
Exports
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 300KB - Virtual size: 300KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 130KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
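Everything the static task reports above (the Unsigned PE signature, the DLL characteristics, the file characteristics and the section flags) is read straight from the PE headers: DYNAMIC_BASE marks the image ASLR-compatible, NX_COMPAT marks it DEP-compatible, and "unsigned" means the Authenticode certificate table (data directory entry 4) has size zero. The following added example is mine, not the sandbox's or the sample's code: it parses those fields with a minimal PE header parser and flags an empty certificate table, missing ASLR/DEP opt-ins, and any section mapped both writable and executable. It runs on a constructed header-only image assembled by build_pe that mirrors the flags reported above (section sizes approximate), not on the real file; build_pe, parse_pe and SAMPLE_LIKE are hypothetical names, and the PE32+ branch goes beyond this x86 sample.

```python
import struct

# Flag values from the PE/COFF specification.
MACHINE = {0x14C: "x86", 0x8664: "x64"}
FILE_CHARS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
              0x2000: "IMAGE_FILE_DLL"}
DLL_CHARS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0100: "NX_COMPAT",
             0x0400: "NO_SEH", 0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
SCN_CHARS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
             0x02000000: "MEM_DISCARDABLE", 0x20000000: "MEM_EXECUTE",
             0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: Authenticode certificate table


def _flags(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Parse DOS/COFF/optional headers and the section table; return flags and findings."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsec, _ts, _sym, _nsym, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24                                   # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    dd = {0x10B: 96, 0x20B: 112}.get(magic)               # data-directory offset differs for PE32 / PE32+
    if dd is None:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]  # DllCharacteristics sits at +70 in both formats
    n_dirs = struct.unpack_from("<I", data, opt + dd - 4)[0]
    cert_off, cert_size = (0, 0)
    if n_dirs > SECURITY_DIR:
        cert_off, cert_size = struct.unpack_from("<II", data, opt + dd + 8 * SECURITY_DIR)
    sections, findings = [], []
    for i in range(nsec):
        hdr = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name = hdr[0].rstrip(b"\0").decode("ascii", "replace")
        chars = hdr[9]
        sections.append({"name": name, "vsize": hdr[1], "rawsize": hdr[3], "flags": _flags(chars, SCN_CHARS)})
        if chars & 0x80000000 and chars & 0x20000000:
            findings.append(f"section {name} is writable and executable")
    if cert_size == 0:
        findings.append("no Authenticode certificate table (unsigned PE)")
    if not dllchars & 0x0040:
        findings.append("DYNAMIC_BASE clear: image not ASLR-compatible")
    if not dllchars & 0x0100:
        findings.append("NX_COMPAT clear: image opts out of DEP")
    return {"machine": MACHINE.get(machine, hex(machine)), "file_chars": _flags(fchars, FILE_CHARS),
            "dll_chars": _flags(dllchars, DLL_CHARS), "signed": cert_size > 0,
            "sections": sections, "findings": findings}


def build_pe(*, dll_chars, sections, signed=False, pe32plus=False):
    """Assemble a header-only PE image (constructed test input, not a real binary)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)               # e_lfanew
    opt_size, dd = (0xF0, 112) if pe32plus else (0xE0, 96)
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, len(sections), 0, 0, 0,
                       opt_size, 0x0002 | (0 if pe32plus else 0x0100))
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, dd - 4, 16)               # NumberOfRvaAndSizes
    if signed:  # a real file would carry a WIN_CERTIFICATE blob at this file offset
        struct.pack_into("<II", opt, dd + 8 * SECURITY_DIR, 0x1000, 0x200)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), vs, 0x1000 * (i + 1), rs,
                    0x400 * (i + 1), 0, 0, 0, 0, ch)
        for i, (n, vs, rs, ch) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Constructed image mirroring the headers and section flags reported above (sizes approximate).
SAMPLE_LIKE = build_pe(
    dll_chars=0x0040 | 0x0100 | 0x8000,
    sections=[(".text", 0x160000, 0x160000, 0x60000020), (".rdata", 0x4B000, 0x4B000, 0x40000040),
              (".data", 0x9C00, 0x5400, 0xC0000040), (".rsrc", 0xC000, 0xC400, 0x40000040),
              (".reloc", 0x20800, 0x20800, 0x42000040)])

if __name__ == "__main__":
    import json
    print(json.dumps(parse_pe(SAMPLE_LIKE), indent=2))
```

Two caveats when reading the "Unsigned PE" line: an empty certificate table only says there is no embedded Authenticode blob, so catalog-signed Windows binaries look "unsigned" to this check as well, and a non-empty table says nothing about validity, which needs a chain check (WinVerifyTrust, or Get-AuthenticodeSignature in PowerShell) against a trust store. DEP/ASLR flags are opt-ins the loader honors; they say nothing about whether the code is benign.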