Static task
static1
Behavioral task
behavioral1
Sample
97693b7dbc965d0a465cf03ec1e8f27002b5186109253cbffdb60d1ea77134ea.exe
Resource
win7-20231020-en
General
Target: 97693b7dbc965d0a465cf03ec1e8f27002b5186109253cbffdb60d1ea77134ea
Size: 844KB
MD5: a00a26882103500b44433942b1af8907
SHA1: e8c9461fc19c6305c465d000bd05fb683face3f6
SHA256: 97693b7dbc965d0a465cf03ec1e8f27002b5186109253cbffdb60d1ea77134ea
SHA512: 977cdf9c64f3ee6ab20460d31cdca4fbe62ddcc836a2598cd5b3d89b65bfcdaa4373195d2acd69648626ea7be2c5d943e05f3335b989b9f084f9bf80b017cbaf
SSDEEP: 12288:mDd+6CbDTQ/LKwWdGmssRAgytTLl2fwH9hrJ83wa5r:0SD0+GfsRRylLl1H9h
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 97693b7dbc965d0a465cf03ec1e8f27002b5186109253cbffdb60d1ea77134ea
Files
97693b7dbc965d0a465cf03ec1e8f27002b5186109253cbffdb60d1ea77134ea.exe windows:4 windows x86 arch:x86
02a77ff0a0b798bbec6083309f5edf62
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
SetUnhandledExceptionFilter
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetCurrentProcessId
GetFileType
SetStdHandle
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
GetStartupInfoA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
HeapReAlloc
HeapSize
CreateDirectoryA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
InterlockedExchange
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetDateFormatA
GetTimeFormatA
RtlUnwind
SetErrorMode
GetFileTime
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
UnlockFile
LockFile
MoveFileA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetProfileIntA
SuspendThread
ResumeThread
SetThreadPriority
SetLastError
CopyFileA
MulDiv
GlobalSize
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
FreeResource
FormatMessageA
LocalFree
SetCurrentDirectoryA
CreateThread
GetLocalTime
ResetEvent
SetEvent
GlobalFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
Process32First
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
OpenProcess
DuplicateHandle
GetModuleHandleA
GetProcAddress
CreateEventA
SetEndOfFile
GetSystemDirectoryA
DeleteFileA
MoveFileExA
WinExec
ExitThread
GetCurrentProcess
TerminateProcess
SetFilePointer
WriteFile
FlushFileBuffers
CreateFileA
GetFileSize
ReadFile
GetTickCount
GetLogicalDrives
GetDriveTypeA
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
InterlockedDecrement
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
Sleep
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalUnlock
MultiByteToWideChar
GetModuleFileNameA
GetCommandLineA
GlobalAlloc
GlobalLock
lstrcpyA
GetLastError
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeEnvironmentStringsA
user32
IsRectEmpty
GetMessageA
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetMenuStringA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
IsWindowVisible
GetMenu
DestroyIcon
DrawIcon
LoadIconA
PostQuitMessage
CopyAcceleratorTableA
FillRect
FrameRect
AppendMenuA
SendMessageA
GetWindowRect
GetClientRect
GetMenuItemID
AdjustWindowRectEx
EqualRect
SetScrollInfo
RegisterClassA
GetDlgCtrlID
DefWindowProcA
IntersectRect
GetWindowPlacement
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
IsIconic
CheckMenuItem
GetClassNameA
GetWindow
BringWindowToTop
SetForegroundWindow
ShowWindow
LoadMenuA
GetSubMenu
TrackPopupMenu
wsprintfA
DestroyMenu
CallWindowProcA
InvalidateRgn
CharNextA
MapDialogRect
SetWindowContextHelpId
PostThreadMessageA
OffsetRect
SystemParametersInfoA
GetScrollInfo
UnregisterHotKey
RegisterHotKey
GrayStringA
DrawTextExA
TabbedTextOutA
GetIconInfo
SetRect
CopyRect
GetSystemMetrics
SetWindowPos
SetParent
KillTimer
SetTimer
LockWindowUpdate
GetWindowLongA
SetWindowRgn
GetSysColorBrush
GetClassInfoA
DrawTextA
SetWindowLongA
CopyIcon
GetNextDlgGroupItem
MessageBeep
EnableWindow
ClientToScreen
GetDC
ReleaseDC
InvalidateRect
GetParent
CloseWindow
GetKeyState
SetMenuDefaultItem
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatA
CharUpperA
UnregisterClassA
PostMessageA
IsWindow
FindWindowA
CreatePopupMenu
GetMenuItemCount
GetForegroundWindow
LoadBitmapA
ScreenToClient
UpdateWindow
SetCapture
GetDesktopWindow
WindowFromPoint
GetCursorPos
MessageBoxA
SetCursor
LoadCursorA
ReleaseCapture
PtInRect
InflateRect
RedrawWindow
GetSysColor
GetWindowDC
gdi32
GetTextColor
GetRgnBox
GetBkColor
DPtoLP
GetMapMode
CreatePen
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetWindowExtEx
GetViewportExtEx
GetStockObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
FillPath
EndPath
BeginPath
FrameRgn
CreateRoundRectRgn
GetTextExtentPoint32A
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
CreateFontIndirectA
CreateFontA
GetObjectA
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegQueryValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptDestroyKey
CryptDecrypt
CryptDeriveKey
CryptEncrypt
CryptGenKey
CryptGetUserKey
CryptGetProvParam
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
OpenProcessToken
RegSetValueA
shell32
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHChangeNotify
Shell_NotifyIconA
SHEmptyRecycleBinA
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
comctl32
ImageList_SetImageCount
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_Create
ImageList_Draw
ImageList_AddMasked
ImageList_GetIcon
ord17
ImageList_Destroy
ImageList_Replace
shlwapi
StrFormatByteSize64A
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathIsDirectoryA
PathFindExtensionA
oledlg
ord8
ole32
CoGetClassObject
StgCreateDocfileOnILockBytes
OleDuplicateData
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
CoCreateInstance
CLSIDFromString
CreateStreamOnHGlobal
CoInitialize
OleRun
CLSIDFromProgID
CoTaskMemFree
CreateILockBytesOnHGlobal
CoTaskMemAlloc
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoDisconnectObject
StgOpenStorageOnILockBytes
CoRevokeClassObject
CoRegisterMessageFilter
oleaut32
SysFreeString
VariantInit
VariantClear
SysAllocString
SysStringLen
SysAllocStringLen
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringByteLen
VariantCopy
VariantChangeType
DispCallFunc
LoadRegTypeLi
OleCreatePictureIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
OleCreateFontIndirect
LoadTypeLi
GetErrorInfo
urlmon
URLDownloadToFileA
gdiplus
GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromFileICM
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
ws2_32
ntohs
psapi
GetProcessMemoryInfo
EnumProcessModules
GetModuleFileNameExA
wininet
DeleteUrlCacheEntry
Sections
.text Size: 496KB - Virtual size: 493KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 136KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 196KB - Virtual size: 196KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE