Static task: static1
Behavioral task: behavioral1
Sample
cddc09d36c76c090fd61b9e5eaf61e76ac891977cdb836beb5118ebaffeffdae.exe
Resource
win7-20231020-en
General
Target: cddc09d36c76c090fd61b9e5eaf61e76ac891977cdb836beb5118ebaffeffdae
Size: 5.5MB
MD5: b621259e6531f555890fbbbdaf38b763
SHA1: a643eb9bc22caea7bc9ba259b524ea84bde17b7e
SHA256: cddc09d36c76c090fd61b9e5eaf61e76ac891977cdb836beb5118ebaffeffdae
SHA512: cf14cab9e7d9d0dc9bcb211d97c827138de0f0c1e431b8e64818793fb80de2b090aa15a2343c49dfb59c105f4c31387a4eddb536a68040f99fafaaaa8de3ebff
SSDEEP: 49152:Z0GtcjGh2RngUUxG7hRnyLBIkeHXc03x9eMpgma667kzdk5C/4fHkB/OSmucryE2:iOcCh+2dr9iSnoAibBw+cat1bCBQ
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Resource: cddc09d36c76c090fd61b9e5eaf61e76ac891977cdb836beb5118ebaffeffdae
Files
cddc09d36c76c090fd61b9e5eaf61e76ac891977cdb836beb5118ebaffeffdae.exe windows:6 windows x86 arch:x86
c10c9b9482a9040649b80ed9cfd6e1b1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RaiseException
LCMapStringEx
GetStringTypeW
RtlUnwind
GetModuleHandleExW
ExitProcess
HeapValidate
GetSystemInfo
GetStdHandle
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
IsValidCodePage
QueryPerformanceFrequency
HeapQueryInformation
GetFileType
WriteConsoleW
SetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
FindNextFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetTimeZoneInformation
OutputDebugStringW
GetWindowsDirectoryA
FindResourceExW
GetUserDefaultLCID
GetTempFileNameA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SearchPathA
GetTickCount64
FileTimeToSystemTime
GetTempPathA
GetProfileIntA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetThreadLocale
lstrcmpiA
GetHandleInformation
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetAtomNameA
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
SetErrorMode
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
WaitForSingleObject
WideCharToMultiByte
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
FindResourceW
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SystemTimeToFileTime
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SetFilePointer
SetFileTime
CreateDirectoryA
GetFileSize
GetProcAddress
GetThreadContext
LoadResource
CloseHandle
Process32Next
DeleteFileA
LockResource
LoadLibraryA
GetCurrentThread
CreateFileA
HeapFree
Sleep
CreateToolhelp32Snapshot
GetModuleHandleA
FindResourceA
WriteFile
Process32First
SizeofResource
ReadFile
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
MultiByteToWideChar
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SetLastError
TlsSetValue
CreateFileW
user32
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
SetMenuItemBitmaps
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
TabbedTextOutA
EndDialog
CreateDialogIndirectParamA
NotifyWinEvent
MapDialogRect
LoadCursorW
LoadCursorA
SetParent
GetDesktopWindow
WindowFromPoint
ClientToScreen
HideCaret
SetWindowContextHelpId
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
InvalidateRgn
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
ReleaseDC
GetWindowDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
PostThreadMessageA
PostMessageA
GrayStringA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
UnhookWindowsHookEx
GetWindow
GetTopWindow
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetActiveWindow
TrackPopupMenu
SetMenu
InvertRect
GetMenuCheckMarkDimensions
UnregisterClassA
GetDC
wsprintfA
PeekMessageA
GetMenu
GetCapture
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
SetLayeredWindowAttributes
SetRectEmpty
SystemParametersInfoA
EnumDisplayMonitors
GetClipboardFormatNameA
UnpackDDElParam
IntersectRect
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageA
LoadImageW
CopyImage
DrawStateA
GetClassInfoExA
GetClassInfoA
DrawFocusRect
FrameRect
PostQuitMessage
IsMenu
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
GetClassNameA
DestroyCursor
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
RegisterWindowMessageA
GetSystemMetrics
GetSysColor
GetSysColorBrush
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
SetCursor
SendMessageA
EnableWindow
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
MapVirtualKeyExA
IsCharLowerA
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
SubtractRect
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
GetKeyNameTextA
CopyAcceleratorTableA
CharNextA
UpdateLayeredWindow
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
WaitMessage
LoadAcceleratorsW
RealChildWindowFromPoint
SetClassLongA
DestroyAcceleratorTable
CopyIcon
GetIconInfo
GetDoubleClickTime
DestroyMenu
UnionRect
SetRect
SetCursorPos
MessageBeep
ReleaseCapture
GetAsyncKeyState
CharUpperA
TrackMouseEvent
MonitorFromPoint
gdi32
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetMapMode
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
SetRectRgn
GetTextMetricsA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBSection
SetDIBColorTable
GetSystemPaletteEntries
BitBlt
ExtTextOutA
SetTextColor
SetBkColor
GetObjectA
GetStockObject
DeleteObject
GetDeviceCaps
CreateDCA
CopyMetaFileA
EnumFontsW
StretchBlt
EnumFontFamiliesExA
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
shell32
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHBrowseForFolderA
SHGetFileInfoA
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
StrFormatKBSizeA
uxtheme
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
ole32
CoRegisterMessageFilter
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CreateILockBytesOnHGlobal
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeEx
CreateStreamOnHGlobal
StringFromGUID2
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoRevokeClassObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
oleaut32
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
LoadTypeLi
SysAllocStringByteLen
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
VarBstrFromDate
SystemTimeToVariantTime
oledlg
ord8
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 504KB - Virtual size: 503KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ