918f905e1c89fde4c67f05de6c60c243bbe87f6a424c1c4fdf9bc47f85b1fe84

Sharing

Copy URL Twitter E-mail

General

Target

918f905e1c89fde4c67f05de6c60c243bbe87f6a424c1c4fdf9bc47f85b1fe84
Size

10.0MB
MD5

7d93e567abd0aecab6a3fcb8099d6f02
SHA1

1f272deabe35a6f662e88efa0c28eeeeb0ac2bf4
SHA256

918f905e1c89fde4c67f05de6c60c243bbe87f6a424c1c4fdf9bc47f85b1fe84
SHA512

4b4a6a9f853b1f00647c2882fa9cf09a1ca519e410cd9ada4f18ac0b827b579855b8a8d165be6ca0c374487de38d125a21078187212c7efef12846736cd4bf62
SSDEEP

196608:HDzB7KpM7sjX3V0fnSU2ItxzXM2sU2FgKRKx4fEspd4Q3NdjDCkbB3vo+CrnY8ur:HfB7NsjX3qXMHZF4+f9pqQ3NdjDCC1QY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
918f905e1c89fde4c67f05de6c60c243bbe87f6a424c1c4fdf9bc47f85b1fe84

Files

918f905e1c89fde4c67f05de6c60c243bbe87f6a424c1c4fdf9bc47f85b1fe84
.exe windows:5 windows x86 arch:x86

76aca532905343cc13d6a717c5ae41b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
WideCharToMultiByte
CloseHandle
Process32FirstW
GlobalAlloc
Process32NextW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
GetCurrentThread
QueryPerformanceCounter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
FormatMessageW
FreeLibrary
LoadLibraryW
VirtualAlloc
VirtualFree
VirtualProtect
HeapAlloc
HeapFree
GetProcessHeap
LoadLibraryA
IsBadReadPtr
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
GetFileInformationByHandle
GetStdHandle
GetCurrentProcessId
GetCurrentDirectoryW
CreateToolhelp32Snapshot
SetFileAttributesW
FindClose
GetModuleHandleA
FindFirstFileW
FindNextFileW
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
GlobalLock
GlobalUnlock
lstrlenW
GetACP
ExitProcess
MulDiv
SystemTimeToFileTime
LocalFileTimeToFileTime
LocalFree
DecodePointer
RaiseException
GetLocalTime
lstrcpynW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
EncodePointer
GetThreadTimes
FreeLibraryAndExitThread
LoadLibraryExW
GetVersionExW
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
GetModuleHandleExW
GetFileType
GetStringTypeW
LCMapStringW
HeapReAlloc
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
HeapSize
WriteConsoleW
GetCurrentThreadId
GetFileAttributesW
CreateFileW
WriteFile
MultiByteToWideChar
GetModuleHandleW
DeleteFileW
lstrcatW
OutputDebugStringW
GetTempPathW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
GetLastError
FreeResource
CreateMutexW
GetCommandLineW
SizeofResource
CreateDirectoryW
OutputDebugStringA

user32

RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
SetPropW
GetPropW
LoadCursorW
SetCursor
InflateRect
SetWindowRgn
MessageBoxW
UpdateLayeredWindow
MoveWindow
GetWindowRgn
CharPrevW
DrawTextW
FillRect
SetRect
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
TrackPopupMenu
HideCaret
ShowCaret
GetCaretPos
ClientToScreen
IsWindowEnabled
EqualRect
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
wsprintfA
DrawTextA
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
GetKeyboardLayout
CallWindowProcW
MapVirtualKeyExW
GetWindow
MapWindowPoints
ScreenToClient
SetCaretPos
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetWindowRect
GetClientRect
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
KillTimer
ReleaseCapture
SetCapture
GetKeyState
GetFocus
GetActiveWindow
SetFocus
CharNextW
IsZoomed
IsIconic
DestroyWindow
IsWindow
CreateWindowExW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
CharUpperW
SetForegroundWindow
FindWindowW
ShowWindow
PostMessageW
SetTimer
SetWindowLongW
GetWindowLongW
wsprintfW
PostQuitMessage
DefWindowProcW
GetMonitorInfoW
MonitorFromWindow
GetKeyNameTextW
LoadImageW
IsWindowVisible
GetForegroundWindow
AttachThreadInput
GetParent
SetWindowPos
GetWindowThreadProcessId
PtInRect
IsRectEmpty
OffsetRect
UnionRect
GetSysColor
IntersectRect

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW
DragQueryFileW
SHGetPathFromIDListW

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
DoDragDrop
RegisterDragDrop
OleLockRunning
CoInitialize
CoUninitialize
CoCreateInstance

urlmon

URLDownloadToFileW

iphlpapi

GetAdaptersInfo

shlwapi

PathFileExistsW
PathIsRootW
PathRemoveBackslashW
PathRemoveFileSpecW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

gethostbyname
gethostname
WSAStartup

gdi32

CreateDIBSection
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
PtInRegion
SetTextColor
GetObjectA
TextOutW
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
GdiFlush
CreatePatternBrush
GetTextExtentPointA
GetBitmapBits
SetBitmapBits
SetStretchBltMode
RestoreDC
CreateRectRgn
SetWindowOrgEx
CreateRoundRectRgn
GetObjectW
GetTextMetricsW
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
SelectObject
StretchBlt
BitBlt
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
AddFontMemResourceEx
RemoveFontMemResourceEx
Rectangle

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantInit
VariantClear

gdiplus

GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipFillPath
GdipCreateSolidFill
GdipCreateLineBrushFromRect
GdipSetLinePresetBlend
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipDrawLineI
GdipDrawPath
GdipFillRectangleI
GdipDrawImageRectRectI
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawRectangleI

comctl32

ord17
InitCommonControlsEx
_TrackMouseEvent

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 602KB - Virtual size: 601KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18.3MB - Virtual size: 18.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76aca532905343cc13d6a717c5ae41b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

urlmon

iphlpapi

shlwapi

version

ws2_32

gdi32

oleaut32

gdiplus

comctl32

imm32

Sections

.text Size: 602KB - Virtual size: 601KB

.rdata Size: 187KB - Virtual size: 187KB

.data Size: 14KB - Virtual size: 21KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 18.3MB - Virtual size: 18.3MB

.reloc Size: 42KB - Virtual size: 42KB

.text
Size: 602KB - Virtual size: 601KB

.rdata
Size: 187KB - Virtual size: 187KB

.data
Size: 14KB - Virtual size: 21KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 18.3MB - Virtual size: 18.3MB

.reloc
Size: 42KB - Virtual size: 42KB