92cf720e199cc61df2b641ba12c7ad4b891e04e849666021e0424a2bb6e2cfc3

Sharing

Copy URL

Twitter E-mail

General

Target

92cf720e199cc61df2b641ba12c7ad4b891e04e849666021e0424a2bb6e2cfc3
Size

9.9MB
MD5

0a535a52a6ccaf92eef9d7c6cd7359e3
SHA1

b9055c8e73235c12eeb1784917738678f00b1f21
SHA256

92cf720e199cc61df2b641ba12c7ad4b891e04e849666021e0424a2bb6e2cfc3
SHA512

98695cdbc9d930b9d158883a0f321327578ed3de10000b2e45e2c3fec712f36d45fc88f6286178c9f4b0a7c696463922f74e66280233bba8494883e80e3371f1
SSDEEP

196608:cgJVpbFLVQME2Hx6j1X4rkfxYC3Y87LuapQHTBLf9PDzh7:r5bFiXoi4wfxRY0r6ZH7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92cf720e199cc61df2b641ba12c7ad4b891e04e849666021e0424a2bb6e2cfc3

Files

92cf720e199cc61df2b641ba12c7ad4b891e04e849666021e0424a2bb6e2cfc3
.exe windows:4 windows x86 arch:x86

2cb2113b5bed8f8cedc1ed69fd523179

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
FreeLibrary
GetCommandLineA
SetCurrentDirectoryA
GetEnvironmentVariableA
GetLocalTime
SetFileAttributesA
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
CreateDirectoryA
GetUserDefaultLCID
SetFilePointer
GetStartupInfoA
WaitForSingleObject
DeleteFileA
GetFileSize
ReadFile
CreateFileA
WriteFile
GetModuleFileNameA
GetTickCount
GetCommandLineW
LocalFree
Sleep
IsBadReadPtr
ExitProcess
GetModuleHandleA
HeapReAlloc
HeapDestroy
VirtualFree
VirtualAlloc
GetProcessHeap
GlobalSize
lstrcpynA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetTempPathW
lstrcpyn
ReadProcessMemory
Module32Next
Module32First
CreateToolhelp32Snapshot
HeapFree
DeleteCriticalSection
ResumeThread
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetProcAddress
SetLastError
MultiByteToWideChar
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
VirtualQueryEx
IsWow64Process
WideCharToMultiByte
lstrlenW
QueryDosDeviceW
GetCurrentProcess
SetWaitableTimer
CreateWaitableTimerA
GetLastError
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateThread
CloseHandle
CreateIoCompletionPort
GetSystemInfo
TerminateProcess
OpenProcess
CreateProcessA
LoadLibraryA
GetCurrentProcessId
RtlMoveMemory
InitializeCriticalSection
HeapAlloc
HeapCreate
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringW
IsBadWritePtr
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
RaiseException
GetSystemTime
RtlUnwind
GetOEMCP
GetCPInfo
SetErrorMode
GetProcessVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
SetEndOfFile
FlushFileBuffers
MulDiv
InterlockedDecrement
InterlockedIncrement
Process32Next
Process32First
GetVersionExA
GetTempPathA
GetWindowsDirectoryA
lstrcpyA
GetSystemDirectoryA
VerLanguageNameA
lstrlenA
lstrcatA
LockResource
LoadResource
FindResourceA
GetTimeZoneInformation
GetVersion
TerminateThread
SetSystemPowerState
GetACP
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom

user32

SystemParametersInfoA
UpdateWindow
GetDlgItem
GetCursorPos
FindWindowExA
PtInRect
GetParent
EnableWindow
IsWindowEnabled
GetForegroundWindow
GetActiveWindow
SetActiveWindow
ExitWindowsEx
SetWindowTextA
PostMessageA
SetCursor
GetLastActivePopup
SetWindowsHookExA
ValidateRect
CallNextHookEx
GetKeyState
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
TabbedTextOutA
DrawTextA
GrayStringA
UnhookWindowsHookEx
CreateDialogIndirectParamA
EndDialog
GetDlgCtrlID
GetMenuItemCount
SendDlgItemMessageA
IsDialogMessageA
SetWindowPos
SetFocus
GetWindowPlacement
RegisterWindowMessageA
GetMessagePos
DefWindowProcA
RemovePropA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
DestroyMenu
SetWindowLongA
ShowWindow
SetTimer
MsgWaitForMultipleObjects
DestroyIcon
GetDC
FillRect
DrawIconEx
ReleaseDC
PostQuitMessage
DestroyWindow
SetForegroundWindow
GetWindowLongA
LoadImageA
SendMessageA
KillTimer
CallWindowProcA
EnumWindows
GetWindowThreadProcessId
GetClassNameA
GetWindowTextLengthA
IsWindow
GetWindowTextA
GetWindowRect
GetWindow
EnumChildWindows
PeekMessageW
TranslateMessage
DispatchMessageW
EnumDisplaySettingsA
IsIconic
IsWindowVisible
PrintWindow
GetClientRect
ClientToScreen
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
SendMessageW
GetSystemMetrics
GetDesktopWindow
PeekMessageA
GetMessageA
DispatchMessageA
wsprintfA
MessageBoxA
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetMessageTime

gdi32

GetClipBox
ScaleWindowExtEx
SetWindowExtEx
GetStockObject
SetStretchBltMode
SetDIBitsToDevice
GetDIBits
GetPixel
GdiFlush
BitBlt
GetObjectA
CreateDIBSection
DeleteObject
DeleteDC
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
PtVisible
RectVisible
SetPixelV
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
StretchBlt
Escape
ExtTextOutA
TextOutA

advapi32

RegOpenKeyExA
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA

iphlpapi

GetExtendedTcpTable
GetAdaptersInfo

shlwapi

PathFileExistsA

ws2_32

send
recv
select
WSAStartup
closesocket
gethostname
WSACleanup
ntohs
WSASocketA
getsockname
htons
inet_addr
bind
listen
WSARecv
WSASend
connect
getpeername
inet_ntoa

shell32

CommandLineToArgvW
SHGetSpecialFolderPathA
ShellExecuteA
SHGetFileInfoA
SHGetSpecialFolderPathW

ole32

CoUninitialize
CLSIDFromString
OleRun
CoCreateInstance
CLSIDFromProgID
CoInitialize
OleIsCurrentClipboard
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
CreateStreamOnHGlobal
OleUninitialize
OleFlushClipboard

wininet

InternetCanonicalizeUrlA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
InternetSetOptionA
HttpSendRequestA
InternetCrackUrlA

wsock32

ord1142
ord1141

psapi

GetProcessImageFileNameW

gdiplus

GdipDrawImageRectRect
GdipFillRectangle
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipSaveImageToStream
GdipLoadImageFromFile
GdipCreateBitmapFromStream
GdipDisposeImage
GdiplusStartup
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateBitmapFromScan0

oledlg

ord8

oleaut32

VarR8FromCy
VarR8FromBool
VariantChangeType
SafeArrayDestroy
LHashValOfNameSys
RegisterTypeLi
VariantCopy
SafeArrayCreate
SysAllocString
VariantClear
LoadTypeLi

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

rasapi32

RasGetConnectStatusA
RasHangUpA

msvcrt

strncpy

Sections

.text
Size: 9.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 944KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cb2113b5bed8f8cedc1ed69fd523179

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

iphlpapi

shlwapi

ws2_32

shell32

ole32

wininet

wsock32

psapi

gdiplus

oledlg

oleaut32

winspool.drv

comctl32

version

rasapi32

msvcrt

Sections

.text Size: 9.0MB - Virtual size: 9.0MB

.sedata Size: 944KB - Virtual size: 944KB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 9.0MB - Virtual size: 9.0MB

.sedata
Size: 944KB - Virtual size: 944KB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB