Static task: static1
Behavioral task: behavioral1
Sample: 8c29b84f9e11b88316c319529da2b9be4138ba44bfff3ecd02cdf2d6a6849b7f.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: 8c29b84f9e11b88316c319529da2b9be4138ba44bfff3ecd02cdf2d6a6849b7f.exe
Resource: win10v2004-20231020-en
General
- Target: 8c29b84f9e11b88316c319529da2b9be4138ba44bfff3ecd02cdf2d6a6849b7f
- Size: 3.5MB
- MD5: 63617d40560e4a3867513425f09db717
- SHA1: d54b7f51876c074ee76da688a151775afc6a3c71
- SHA256: 8c29b84f9e11b88316c319529da2b9be4138ba44bfff3ecd02cdf2d6a6849b7f
- SHA512: 74f13b447842bf3bf17bdbbc7979d7df76953cb6edf7e28566b797b421ebc4a80d1524f452569b1ea3dad8cdb6a277ec716180b7308d040f91091a3395e56b62
- SSDEEP: 49152:1v6BX8ICBEvUcLL2aex4NyL55B05JNWhCGmbmqZsY3XUOTl0:1Cp8IWkUv3L50N8Antl
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  Resource: 8c29b84f9e11b88316c319529da2b9be4138ba44bfff3ecd02cdf2d6a6849b7f
Files
- 8c29b84f9e11b88316c319529da2b9be4138ba44bfff3ecd02cdf2d6a6849b7f.exe windows:5 windows x86 arch:x86
  0f038bb0c573a955479cb381934183da
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapQueryInformation
HeapFree
HeapCreate
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
LCMapStringW
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetTimeZoneInformation
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetHandleCount
IsValidCodePage
SetStdHandle
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
GetSystemTimeAsFileTime
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapValidate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
InitializeCriticalSectionAndSpinCount
FindResourceExW
SearchPathA
GetFileAttributesExA
GetFileSizeEx
GetUserDefaultLCID
GetFileTime
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetProfileIntA
VirtualProtect
lstrcmpiA
GetFullPathNameA
HeapSize
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetHandleInformation
lstrcpyA
GetACP
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
InterlockedIncrement
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
FileTimeToSystemTime
GetAtomNameA
GetTickCount
SetEvent
WaitForSingleObject
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedExchange
GetModuleHandleW
lstrcmpA
GetLocaleInfoA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
ResumeThread
SetThreadPriority
CompareStringA
LoadLibraryW
ActivateActCtx
DeactivateActCtx
GetModuleHandleA
GetVersionExA
FindResourceA
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
MulDiv
GlobalFree
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
GetLastError
SetLastError
MultiByteToWideChar
lstrlenA
HeapReAlloc
HeapAlloc
GetVolumeInformationA
IsProcessorFeaturePresent
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetFileAttributesA
WriteFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
ReadFile
Sleep
GetCurrentThread
Process32First
GetFileSize
CreateFileA
GetThreadContext
ExitProcess
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
IsBadReadPtr
FindResourceW
user32
CloseClipboard
EmptyClipboard
PtInRect
OffsetRect
CopyIcon
IsRectEmpty
CharUpperBuffA
WaitMessage
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
LoadAcceleratorsW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
RealChildWindowFromPoint
GetClipboardFormatNameA
LoadImageA
DestroyIcon
UnpackDDElParam
ReuseDDElParam
DestroyMenu
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GetSystemMetrics
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
LoadMenuW
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
GetSysColorBrush
RegisterClipboardFormatA
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
TabbedTextOutA
GetCursorPos
IsWindowEnabled
GetWindowThreadProcessId
SetCursor
PostQuitMessage
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
LoadCursorW
LoadCursorA
PostThreadMessageA
MapDialogRect
EnableWindow
NotifyWinEvent
GetForegroundWindow
SetForegroundWindow
HideCaret
OpenClipboard
SetClipboardData
SetParent
GetLastActivePopup
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
GetDesktopWindow
SetCapture
GetActiveWindow
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRect
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
PostMessageA
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconW
LoadIconA
SendDlgItemMessageA
MonitorFromWindow
GetMonitorInfoA
GetClientRect
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetWindowRect
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetParent
GetWindow
GetCapture
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DestroyWindow
SendMessageA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetDC
wsprintfA
LoadImageW
SetClassLongA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
IsWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
SetCursorPos
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
DrawIconEx
CopyImage
GetIconInfo
UnregisterClassA
MapVirtualKeyA
GetKeyNameTextA
CopyAcceleratorTableA
UpdateLayeredWindow
MonitorFromPoint
MessageBeep
GetAsyncKeyState
WindowFromPoint
CharUpperA
gdi32
SetTextColor
EnumFontsW
DeleteObject
SetBkColor
GetObjectA
CreateBitmap
GetStockObject
GetDeviceCaps
CreateDCA
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
ExtTextOutA
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateFontIndirectA
CreateFontA
CreateCompatibleBitmap
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
SetRectRgn
GetTextColor
CombineRgn
OffsetRgn
GetRgnBox
PtVisible
RectVisible
Polyline
Ellipse
Polygon
Rectangle
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextMetricsA
GetViewportOrgEx
GetCharWidthA
Escape
GetBoundsRect
SetPixelV
DeleteDC
StretchDIBits
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetLayout
SetLayout
ExtSelectClipRgn
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBitmap
CreateDIBSection
GetSystemPaletteEntries
SetDIBColorTable
PtInRegion
EnumFontFamiliesExA
GetBkColor
RealizePalette
SelectObject
CreateCompatibleDC
GetTextFaceA
CopyMetaFileA
shell32
SHGetFileInfoA
SHBrowseForFolderA
SHAppBarMessage
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA
DragQueryFileA
DragFinish
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
gdiplus
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDisposeImage
GdipFree
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
winmm
PlaySoundA
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
RegEnumKeyExA
RegEnumValueA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetThreadToken
RevertToSelf
OpenThreadToken
ole32
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
OleDuplicateData
oleaut32
VariantInit
SysAllocStringLen
VariantChangeType
SysStringLen
VarBstrFromDate
SysAllocString
VariantClear
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 387KB - Virtual size: 386KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 654KB - Virtual size: 685KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 231KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ