Static task
static1
Behavioral task
behavioral1
Sample
5d4580d801b314d68e30883f93cf3f0c5455f999528110df527b28a97d01182c.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
5d4580d801b314d68e30883f93cf3f0c5455f999528110df527b28a97d01182c.exe
Resource
win10v2004-20231023-en
General
Target: 5d4580d801b314d68e30883f93cf3f0c5455f999528110df527b28a97d01182c
Size: 5.9MB
MD5: 5e9c03b1c5b3659d5fbb092bb96fc874
SHA1: 0f250b707b7f5c4b1dd08dfb6e7e7600b6fde67a
SHA256: 5d4580d801b314d68e30883f93cf3f0c5455f999528110df527b28a97d01182c
SHA512: 67f85dc4e16b1df13f2282ef7c27f97ad061d5c2b99eab426440ac7eb41d203e9420cdae8fd37c6ce46418d82ca3b2d1b09dd9e7a30ea90b807dff3dfcc9d860
SSDEEP: 98304:m/V9hAIXjgcTO2A2QXeT5RYV+Td1ZBDUcM8psRn5iSt/mFLOAkGkzdnEVomFHKnP:m/fa0wLELM8psRn5QFLOyomFHKnP
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 5d4580d801b314d68e30883f93cf3f0c5455f999528110df527b28a97d01182c
Files
5d4580d801b314d68e30883f93cf3f0c5455f999528110df527b28a97d01182c.exe windows:5 windows x86 arch:x86
8ac1b014990a9e4f541ee53826384f36
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iocptcp
TcpCreate
TcpUninit
TcpConnect
TcpSend
TcpSetLinkAttr
TcpListen
TcpDestroy
TcpInit
TcpGetLinkAddr
iocpudp
UdpSendTo
UdpUninit
UdpCreate
UdpInit
UdpDestroy
kernel32
IsProcessorFeaturePresent
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
TryEnterCriticalSection
CreateTimerQueue
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
CreateThread
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCommandLineA
RtlUnwind
VirtualAlloc
ExitThread
HeapQueryInformation
ExitProcess
GetModuleHandleExW
AreFileApisANSI
SetStdHandle
GetStdHandle
UnhandledExceptionFilter
CreateEventW
GetStartupInfoW
CreateSemaphoreW
IsValidCodePage
GetStringTypeW
GetTimeZoneInformation
IsDebuggerPresent
GetConsoleMode
ReadConsoleW
ReleaseSemaphore
InitializeSListHead
UnregisterWaitEx
GetVersionExW
VirtualFree
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTempFileNameA
WriteConsoleW
SetEnvironmentVariableA
GetSystemTime
CreateFileMappingW
GetDiskFreeSpaceW
LockFileEx
GetTempPathW
HeapValidate
HeapCreate
FormatMessageW
UnlockFileEx
FlushViewOfFile
HeapCompact
CreateMutexW
GetFullPathNameW
GetExitCodeThread
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
GetUserDefaultLCID
GetDiskFreeSpaceA
VirtualProtect
SearchPathA
GetConsoleCP
GetProfileIntA
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapDestroy
LeaveCriticalSection
RaiseException
GetLastError
HeapSize
EnterCriticalSection
DecodePointer
DeleteCriticalSection
CloseHandle
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetCurrentThread
GetFileAttributesA
SetLastError
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetCurrentDirectoryA
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
ResumeThread
GetCurrentProcess
Process32First
GetDriveTypeA
Sleep
CreateEventA
TerminateProcess
GetLogicalDriveStringsA
lstrcpyA
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFindAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
GlobalFlags
GlobalAddAtomA
SystemTimeToFileTime
GlobalGetAtomNameA
lstrcmpA
SetThreadPriority
CompareStringA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
GetModuleHandleW
FindResourceW
Process32Next
CreateToolhelp32Snapshot
CopyFileA
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
SizeofResource
LockResource
LoadResource
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
GlobalFree
GlobalAlloc
GetSystemTimes
GetComputerNameA
DeviceIoControl
InterlockedDecrement
InterlockedIncrement
GetDiskFreeSpaceExA
GetModuleFileNameW
GetCurrentProcessId
GetModuleHandleA
GetLocalTime
FormatMessageA
SetUnhandledExceptionFilter
VirtualQuery
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
ReleaseMutex
CreateMutexA
ResetEvent
InitializeCriticalSection
SetEvent
WaitForSingleObject
GetPrivateProfileSectionA
GetPrivateProfileStringA
LocalFree
DeleteFileW
GetFileAttributesExW
FindNextFileW
RemoveDirectoryW
GetFileType
SetFileAttributesA
lstrlenW
MultiByteToWideChar
CreateFileW
GetFileAttributesW
WideCharToMultiByte
GetFileAttributesExA
CreateDirectoryW
SetFilePointerEx
FindFirstFileW
DeleteFileA
DuplicateHandle
GetFileTime
FindNextFileA
MoveFileA
FindClose
lstrcmpiA
FindFirstFileA
GetFileSizeEx
FlushFileBuffers
ReadFile
GetVolumeInformationA
WriteFile
LockFile
UnlockFile
SetEndOfFile
lstrlenA
SetFilePointer
GetFileSize
CreateFileA
GetFullPathNameA
user32
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetSystemMenu
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MapVirtualKeyA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
IntersectRect
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
CreateAcceleratorTableA
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
FillRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DestroyCursor
IsIconic
PostQuitMessage
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
wsprintfA
GetSystemMetrics
CharUpperA
DispatchMessageA
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
SetRect
LockWindowUpdate
SetClassLongA
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
FrameRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
ShowOwnedPopups
PeekMessageA
TranslateMessage
GetMessageA
MessageBoxA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
UnhookWindowsHookEx
SendMessageA
EnableWindow
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
SetParent
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
GetWindowRgn
DrawIcon
DrawTextA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
GetWindowTextA
GetWindowTextLengthA
DestroyIcon
GetDlgCtrlID
GetFocus
SetWindowTextA
GetWindowRect
ClientToScreen
PtInRect
GetDesktopWindow
GetClassNameA
GetWindow
RealChildWindowFromPoint
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
RegisterWindowMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
gdi32
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
PatBlt
IntersectClipRect
DPtoLP
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
GetPaletteEntries
LineTo
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
DeleteDC
CopyMetaFileA
CreateDCA
GetDeviceCaps
DeleteObject
CreateBitmap
SetBkColor
SetTextColor
GetObjectA
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
SetRectRgn
ExcludeClipRect
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
SetServiceStatus
RegisterServiceCtrlHandlerA
QueryServiceConfig2A
QueryServiceConfigA
OpenSCManagerA
QueryServiceStatus
CloseServiceHandle
OpenServiceA
FreeSid
AllocateAndInitializeSid
SetNamedSecurityInfoA
SetEntriesInAclA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
StartServiceCtrlDispatcherA
RegDeleteKeyA
shell32
SHBrowseForFolderA
ShellExecuteA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFileExistsA
PathFileExistsW
SHGetValueA
SHSetValueA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
ole32
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
CoInitialize
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
oleaut32
SafeArrayGetElement
SysFreeString
SafeArrayGetUBound
VariantClear
SysAllocStringByteLen
LoadTypeLi
SysStringLen
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantCopy
VariantChangeType
VarBstrFromDate
SafeArrayDestroy
SafeArrayGetLBound
SysAllocString
gdiplus
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipDrawImageI
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
ws2_32
htons
htonl
ntohs
ntohl
iphlpapi
GetAdaptersInfo
psapi
GetProcessMemoryInfo
wininet
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetCrackUrlA
InternetConnectA
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetReadFile
pdh
PdhCloseQuery
PdhGetFormattedCounterValue
PdhOpenQueryA
PdhAddCounterA
PdhCollectQueryData
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
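The import table above is long because the binary links a full GUI framework (DefFrameProcA, DefMDIChildProcA, TranslateMDISysAccel and the DDE/atom helpers are the usual MFC set), so the presence of an API is a hint, not evidence that the code path is reachable. Two things a triager still wants flagged: the service-control, token-privilege and DACL-editing imports from advapi32, and the fact that ws2_32 contributes only byte-order helpers (htons/htonl/ntohs/ntohl) while the actual TCP/UDP calls come from two DLLs that are not part of Windows, iocptcp and iocpudp. The script below is an added example written for this page, not code from the report or from the sample; the rule labels and the system-DLL allowlist are the editor's choices, and SAMPLE_IMPORTS is a hand-copied subset of the table above.

```python
# Capability rules: a rule fires only when every listed API is imported from that DLL.
# Labels are triage hints for prioritising analysis, not proof of behaviour; a statically
# linked UI framework such as MFC imports keyboard-state and hook APIs on its own.
RULES = [
    ("runs as a Windows service", "advapi32",
     {"StartServiceCtrlDispatcherA", "RegisterServiceCtrlHandlerA", "SetServiceStatus"}),
    ("enables token privileges", "advapi32",
     {"OpenProcessToken", "LookupPrivilegeValueA", "AdjustTokenPrivileges"}),
    ("rewrites object DACLs", "advapi32", {"SetEntriesInAclA", "SetNamedSecurityInfoA"}),
    ("enumerates running processes", "kernel32",
     {"CreateToolhelp32Snapshot", "Process32First", "Process32Next"}),
    ("creates registry keys and values", "advapi32", {"RegCreateKeyExA", "RegSetValueExA"}),
    ("HTTP client over WinINet", "wininet",
     {"InternetOpenA", "InternetConnectA", "HttpOpenRequestA", "HttpSendRequestA", "InternetReadFile"}),
    ("reads network adapter configuration", "iphlpapi", {"GetAdaptersInfo"}),
    ("enumerates devices via SetupAPI", "setupapi",
     {"SetupDiGetClassDevsA", "SetupDiEnumDeviceInfo", "SetupDiGetDeviceRegistryPropertyA"}),
    ("keyboard state and window hooks (also standard in MFC)", "user32",
     {"GetAsyncKeyState", "GetKeyboardState", "SetWindowsHookExA"}),
    ("launches programs via ShellExecute", "shell32", {"ShellExecuteA"}),
    ("Winsock TCP client", "ws2_32", {"socket", "connect", "send", "recv"}),
    ("remote thread injection", "kernel32",
     {"OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"}),
]

# DLLs that ship with Windows (editor's allowlist). Anything else is a dependency the
# sample brings along or expects to find on its search path: relevant for sandbox
# detonation (the sample will fail to load without it) and for DLL sideloading review.
SYSTEM_DLLS = {
    "kernel32", "user32", "gdi32", "msimg32", "comdlg32", "winspool.drv", "advapi32",
    "shell32", "shlwapi", "uxtheme", "ole32", "oleaut32", "gdiplus", "version", "ws2_32",
    "iphlpapi", "psapi", "wininet", "pdh", "setupapi", "oleacc", "imm32", "winmm",
    "ntdll", "msvcrt", "crypt32", "wintrust", "urlmon", "netapi32", "rpcrt4", "secur32", "mpr",
}

# Constructed input: a subset of the import table from this report, keyed by DLL.
SAMPLE_IMPORTS = {
    "iocptcp": ["TcpCreate", "TcpConnect", "TcpSend", "TcpListen"],
    "iocpudp": ["UdpCreate", "UdpSendTo"],
    "kernel32": ["CreateToolhelp32Snapshot", "Process32First", "Process32Next", "VirtualAlloc",
                 "VirtualProtect", "CreateFileMappingA", "MapViewOfFile", "DeviceIoControl",
                 "GetComputerNameA"],
    "user32": ["GetAsyncKeyState", "GetKeyboardState", "SetWindowsHookExA", "CallNextHookEx",
               "ToAsciiEx"],
    "advapi32": ["RegSetValueExA", "RegCreateKeyExA", "RegDeleteKeyA", "SetServiceStatus",
                 "RegisterServiceCtrlHandlerA", "StartServiceCtrlDispatcherA", "OpenSCManagerA",
                 "OpenServiceA", "SetNamedSecurityInfoA", "SetEntriesInAclA",
                 "AdjustTokenPrivileges", "LookupPrivilegeValueA", "OpenProcessToken"],
    "shell32": ["ShellExecuteA"],
    "ws2_32": ["htons", "htonl", "ntohs", "ntohl"],
    "iphlpapi": ["GetAdaptersInfo"],
    "wininet": ["InternetOpenA", "InternetConnectA", "HttpOpenRequestA", "HttpAddRequestHeadersA",
                "HttpSendRequestA", "HttpQueryInfoA", "InternetReadFile", "InternetCloseHandle"],
    "setupapi": ["SetupDiGetClassDevsA", "SetupDiEnumDeviceInfo", "SetupDiGetDeviceRegistryPropertyA"],
}


def normalise(imports):
    """Lower-case DLL names and drop a trailing .dll so 'KERNEL32.dll' and 'kernel32' match."""
    out = {}
    for dll, apis in imports.items():
        name = dll.lower()
        if name.endswith(".dll"):
            name = name[:-4]
        out.setdefault(name, set()).update(apis)
    return out


def triage(imports):
    """Return matched capability labels, non-Windows DLL dependencies, and what each unmatched rule lacks."""
    table = normalise(imports)
    hits, unmatched = [], []
    for label, dll, needed in RULES:
        have = table.get(dll, set())
        if needed <= have:
            hits.append(label)
        else:
            unmatched.append((label, sorted(needed - have)))
    return {
        "capabilities": hits,
        "non_system_dlls": sorted(d for d in table if d not in SYSTEM_DLLS),
        "unmatched": unmatched,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_IMPORTS)
    for label in report["capabilities"]:
        print("[+]", label)
    for label, missing in report["unmatched"]:
        print("[-]", label, "(missing: %s)" % ", ".join(missing))
    print("non-Windows DLL dependencies:", report["non_system_dlls"] or "(none)")
```

Run against the subset above, the two unmatched rules are the interesting ones: no Winsock socket/connect and no remote-thread-injection primitives appear, so the networking has to live in iocptcp/iocpudp, and those two DLLs must be supplied to the sandbox for the behavioral tasks to exercise it at all.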
Sections
.text Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 680KB - Virtual size: 679KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 204KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 249KB - Virtual size: 249KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
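The "Unsigned PE" signature, the DllCharacteristics flags under Headers, and the section flags above all come from a few fields in the PE headers, and it is worth being able to pull them without a sandbox. The parser below is an added example written for this page, not code from the report or from the sample: it reads the COFF and optional headers, reports the Authenticode certificate table (data directory entry 4, whose first field is a raw file offset rather than an RVA), names the mitigation flags the report prints, and flags any section that is both writable and executable. build_test_pe constructs a minimal PE32 header (not a runnable image, and not derived from the sample) so the parser can be exercised offline; the flag values are the winnt.h constants.

```python
import struct

# Flag values from winnt.h; only the bits that matter for mitigation triage are named.
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SCN_EXECUTE, SCN_WRITE = 0x20000000, 0x80000000
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def parse_pe(data: bytes) -> dict:
    """Read the PE headers needed for signature, mitigation and section triage."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    # DllCharacteristics sits at +70 in both PE32 and PE32+; NumberOfRvaAndSizes at +92 / +108.
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs_off = opt + (108 if pe32plus else 92)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > SECURITY_DIR:
        # Security directory: (file offset, size) of the attached WIN_CERTIFICATE blob.
        cert_off, cert_size = struct.unpack_from("<II", data, ndirs_off + 4 + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rawsize,
            "execute": bool(chars & SCN_EXECUTE), "write": bool(chars & SCN_WRITE),
        })
    return {
        "machine": machine,
        "pe32plus": pe32plus,
        "file_characteristics": [n for v, n in sorted(FILE_CHARACTERISTICS.items()) if file_chars & v],
        "dll_characteristics": [n for v, n in sorted(DLL_CHARACTERISTICS.items()) if dll_chars & v],
        "has_authenticode_blob": cert_size != 0,
        "certificate_table": (cert_off, cert_size),
        "sections": sections,
        # A section that is both writable and executable is the usual packer / self-modifying tell.
        "wx_sections": [s["name"] for s in sections if s["execute"] and s["write"]],
    }


def build_test_pe(dll_chars: int, cert_size: int, sections) -> bytes:
    """Construct a minimal PE32 header (not a loadable image) so parse_pe can be tested offline."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)  # i386, EXE, 32-bit
    opt = bytearray(224)                                           # PE32 header with 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)
    struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x1000 if cert_size else 0, cert_size)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, 0x1000, 0x1000 * (i + 1), 0x200, 0x400, 0, 0, 0, 0, c)
                    for i, (n, c) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as f:
        info = parse_pe(f.read())
    print("Authenticode blob present:", info["has_authenticode_blob"])
    print("DllCharacteristics:", ", ".join(info["dll_characteristics"]) or "(none)")
    print("W+X sections:", info["wx_sections"] or "(none)")
```

A non-zero certificate table only means a signature blob is attached; whether it verifies (hash matches the image, chain is trusted, timestamp is valid) is a separate check, done with signtool verify /pa /v, PowerShell Get-AuthenticodeSignature, or osslsigncode verify. The "Unsigned PE" signature in this report is the simpler case: no blob at all.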