8b38ddc0778835f553a032ffdd2ebc99c414d394c2f86d32839d30dc41466512

Sharing

Copy URL

Twitter E-mail

General

Target

8b38ddc0778835f553a032ffdd2ebc99c414d394c2f86d32839d30dc41466512
Size

2.6MB
MD5

c8459befcc0f0a79d4a234aea8d8152e
SHA1

9411fa83719a7550f3e5b25568bcea4613b206e5
SHA256

8b38ddc0778835f553a032ffdd2ebc99c414d394c2f86d32839d30dc41466512
SHA512

e875405ecd574e0b18fcb0ea46e8207f47b3a27809c0de35934ad7e180b7618a9045272cf8127004dd17c9613a96917a9754ebadc1440b87db2d1b5ca136fa8b
SSDEEP

49152:zsVkJI6KDzinHVKwcGSpuuIK5ObjFmZ1V7QgC7:zsVkwzinHvPSpuuIOOtmZ1VE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b38ddc0778835f553a032ffdd2ebc99c414d394c2f86d32839d30dc41466512

Files

8b38ddc0778835f553a032ffdd2ebc99c414d394c2f86d32839d30dc41466512
.exe windows:5 windows x86 arch:x86

0220614cd0349901d0bcf623cc8cf1cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
ReadFile
SetEndOfFile
GetFileSize
FlushFileBuffers
GetCompressedFileSizeW
GetVersion
IsBadReadPtr
GetWindowsDirectoryW
GetFileTime
SetFilePointer
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
DeviceIoControl
OutputDebugStringW
LoadLibraryW
FreeLibrary
GetTempPathW
GetFileAttributesW
GlobalAlloc
GlobalLock
CreateFileW
WriteFile
GlobalUnlock
GlobalFree
GetSystemDirectoryW
InterlockedDecrement
InterlockedIncrement
WritePrivateProfileStringA
GetDriveTypeA
GetCurrentThreadId
lstrcatA
lstrlenA
lstrcmpiA
lstrcpyA
DeleteCriticalSection
GetTickCount
GetVersionExW
GetModuleFileNameA
GetNativeSystemInfo
GetModuleHandleA
GetProcAddress
GetCurrentProcess
CreateProcessW
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
GetExitCodeProcess
Sleep
CreateDirectoryW
GetPrivateProfileStringW
GetModuleFileNameW
WritePrivateProfileStringW
CreateToolhelp32Snapshot
Process32FirstW
lstrcmpiW
OpenProcess
TerminateProcess
Process32NextW
CloseHandle
GetDriveTypeW
CopyFileW
DeleteFileW
SetCurrentDirectoryW
WaitForSingleObject
InitializeCriticalSection
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
FindNextFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
SetLastError
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetStdHandle
CreatePipe
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FindFirstFileW
GetLastError
FindClose
GetFileInformationByHandle
InterlockedExchange
SetConsoleCtrlHandler
GetStringTypeW
LCMapStringW
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FatalAppExitA
SetHandleCount
PeekNamedPipe
GetFullPathNameA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetCPInfo
IsProcessorFeaturePresent
GetTimeZoneInformation
GetLocaleInfoW
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThread
GetFileAttributesA
CreateProcessA
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
ExitProcess
IsDebuggerPresent
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindFirstFileExW
FindFirstFileExA
DeleteFileA
MoveFileA
CreateThread
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
InitializeCriticalSectionAndSpinCount
LocalFree
FreeResource
GetACP
GetCurrentDirectoryW
GetModuleHandleW
OutputDebugStringA
lstrcpyW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetFileType
DuplicateHandle
DosDateTimeToFileTime
LocalFileTimeToFileTime
MulDiv
GetDateFormatW
GetTimeFormatW
VirtualAlloc
GetSystemInfo
VirtualFree
VirtualQuery
FormatMessageA
LoadLibraryA
GetModuleHandleExA
VirtualProtect
DebugBreak
HeapCreate
HeapCompact
GlobalMemoryStatus
lstrcpynW
CreateFileA
GetLogicalDriveStringsA
DefineDosDeviceA
GetVersionExA
RtlUnwind
DecodePointer
EncodePointer
GetFullPathNameW
ExitThread
ResumeThread
GetLocalTime

user32

GetAsyncKeyState
EnumDisplaySettingsW
GetDesktopWindow
GetDC
ReleaseDC
ChangeDisplaySettingsW
wsprintfW
GetClientRect
ClientToScreen
GetWindowTextW
wsprintfA
GetActiveWindow
GetLastActivePopup
GetSystemMetrics
SystemParametersInfoW
MessageBoxW
UnregisterDeviceNotification
RegisterDeviceNotificationW
SetWindowPos
GetWindowLongW
SetWindowLongW
SetForegroundWindow
IsIconic
GetMonitorInfoW
MonitorFromWindow
IsZoomed
ScreenToClient
SetWindowRgn
GetWindowRect
DefWindowProcW
DestroyWindow
IsWindow
CreateWindowExW
ShowWindow
PostQuitMessage
DispatchMessageW
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
GetParent
SendMessageW
LoadImageW
RegisterClassW
LoadCursorW
RegisterClassExW
GetClassInfoExW
CallWindowProcW
GetPropW
SetPropW
PostMessageW
AdjustWindowRectEx
GetMenu
CharNextW
MessageBoxA
SetWindowTextW
RedrawWindow
SetTimer
GetCaretBlinkTime
KillTimer
SetCaretPos
CreateCaret
IntersectRect
GetFocus
GetKeyState
SetGestureConfig
InvalidateRect
UpdateLayeredWindow
IsRectEmpty
EndPaint
BeginPaint
GetUpdateRect
SetCapture
ReleaseCapture
PtInRect
IsWindowVisible
GetCursorPos
GetGestureInfo
SetCursor
MoveWindow
MapWindowPoints
SendMessageA
OffsetRect
InflateRect
UnionRect
GetWindowRgn
LoadIconW
LoadStringW
FillRect
DrawTextW
CharPrevW
SetRect
HideCaret
ShowCaret
GetSysColor
GetCaretPos
InvalidateRgn
CreateAcceleratorTableW
GetWindowTextLengthW
PeekMessageA

gdi32

CombineRgn
CreateRectRgnIndirect
GetClipBox
StretchBlt
SelectClipRgn
CreateRectRgn
PtInRegion
EnumFontsW
GetTextMetricsW
CreateDIBSection
SaveDC
RestoreDC
Rectangle
CreateFontIndirectW
CreatePen
CreateRoundRectRgn
GetObjectA
GdiFlush
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
CreateDCW
GetDeviceCaps
DeleteDC
GetObjectW
GetStockObject
SelectPalette
RealizePalette
GetDIBits
SetStretchBltMode
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
RoundRect
SetTextColor
SetBkMode
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
ExtSelectClipRgn
CreateCompatibleDC

advapi32

RegQueryValueExW
OpenSCManagerW
OpenServiceW
StartServiceW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
QueryServiceStatus

shell32

SHCreateDirectoryExW
Shell_NotifyIconW
ShellExecuteW
ShellExecuteExW

ole32

CLSIDFromString
CoCreateGuid
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CLSIDFromProgID
OleLockRunning
CreateStreamOnHGlobal
CoInitializeEx

oleaut32

SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayAccessData
VarBstrCat
SysAllocStringLen
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
VariantInit
VariantClear
SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocString
SafeArrayGetUBound

shlwapi

PathFileExistsA

iphlpapi

GetIfTable
GetAdaptersInfo
NotifyAddrChange

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW

wlanapi

WlanRegisterNotification
WlanCloseHandle
WlanOpenHandle
WlanFreeMemory
WlanEnumInterfaces
WlanGetAvailableNetworkList
WlanConnect
WlanDisconnect
WlanGetSecuritySettings
WlanSetSecuritySettings
WlanSetProfile

ws2_32

WSAGetLastError
WSACreateEvent
WSACloseEvent
WSAResetEvent
gethostbyname
gethostname
inet_ntoa
htonl
inet_addr
WSACleanup
WSAStartup

winhttp

WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpCloseHandle

winmm

timeBeginPeriod
timeSetEvent
timeEndPeriod
timeKillEvent
timeGetDevCaps

comctl32

ord17
_TrackMouseEvent

gdiplus

GdipCreateFontFromLogfontA
GdipGetImageHeight
GdipGetImageWidth
GdipFillPath
GdipSetSmoothingMode
GdipAddPathArcI
GdiplusStartup
GdiplusShutdown
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipClosePathFigure
GdipAlloc
GdipCloneStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipStringFormatGetGenericTypographic
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipCreateFontFromDC
GdipFree
GdipDeleteFont
GdipDrawImageRectI
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreatePen1
GdipDeletePen
GdipCreatePath
GdipDeletePath

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0220614cd0349901d0bcf623cc8cf1cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

iphlpapi

version

wlanapi

ws2_32

winhttp

winmm

comctl32

gdiplus

imm32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 287KB - Virtual size: 287KB

.data Size: 43KB - Virtual size: 66KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 84KB - Virtual size: 84KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 287KB - Virtual size: 287KB

.data
Size: 43KB - Virtual size: 66KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 84KB - Virtual size: 84KB