Static task: static1
Behavioral task: behavioral1
Sample: 500055b79a9ccc85235b94b2fafd9d329f4f737220fb88dec66c45007b32dcd1.exe
Resource: win7-20231023-en
General
Target: 500055b79a9ccc85235b94b2fafd9d329f4f737220fb88dec66c45007b32dcd1
Size: 2.0MB
MD5: eb64c3b75d0d1d51da106e79921e8de8
SHA1: dfe3646f3b834a3388bc3ad28f62e2f4fee3ded4
SHA256: 500055b79a9ccc85235b94b2fafd9d329f4f737220fb88dec66c45007b32dcd1
SHA512: b04419724f45a7b207da0d62438279dd898bc979a5bef057e9e149ab235bfd9615e274cadb2a8840f0524a26c33291b15b8e716dc7bf66997aef7671cadc4c2d
SSDEEP: 49152:CPOhwR29X1kt2AexQ/GRhTxcNv9LT7yhxC/v:CPAY29Grexm71L0C/v
Malware Config: none listed
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the PE security data directory carries no WIN_CERTIFICATE entry, so the file has no embedded signature to verify. On its own this is a weak indicator; a great deal of legitimate software ships unsigned, and a valid signature would not by itself make the file benign.
resource 500055b79a9ccc85235b94b2fafd9d329f4f737220fb88dec66c45007b32dcd1
Files
500055b79a9ccc85235b94b2fafd9d329f4f737220fb88dec66c45007b32dcd1.exe  windows:5  windows x86  arch:x86
732b937f4fb6f54e6674009d625ddaf5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED is set even though IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is also set and the section table carries a 142KB .reloc section. The loader only randomizes an image it can rebase, so with the stripped flag set DYNAMIC_BASE does not take effect; check the base-relocation data directory (entry 5) before treating the binary as ASLR-compatible.
Imports
Note: most of the import surface (user32, gdi32, gdiplus, comctl32, ole32/oleaut32, imm32) is ordinary GUI-application code. The kernel32 set also contains CreateToolhelp32Snapshot, Thread32First/Thread32Next, OpenThread, SuspendThread, GetThreadContext, SetThreadContext and ResumeThread; this group is used both for thread-context manipulation and by crash or exception handlers that snapshot their own threads, and the import table alone does not say which applies here.
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmAssociateContextEx
ImmNotifyIME
ImmDisableIME
ImmGetContext
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
shlwapi
StrToIntA
PathFindFileNameW
PathAppendW
StrDupW
ord12
kernel32
FileTimeToSystemTime
SetLastError
MultiByteToWideChar
WideCharToMultiByte
CreateMutexW
ReleaseMutex
GetVersionExW
GetSystemInfo
lstrcmpiW
QueryDosDeviceW
HeapFree
HeapAlloc
GetProcessHeap
GetACP
GetEnvironmentVariableW
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryExW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
ReadFile
WriteFile
SetFileTime
GetFileTime
GetFileAttributesW
lstrcatW
lstrcpyW
UnmapViewOfFile
CreateFileMappingW
CreateProcessW
GetExitCodeProcess
GetLogicalDriveStringsW
FindNextFileW
FindClose
InterlockedExchangeAdd
CreateDirectoryW
GetFullPathNameW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetFileSizeEx
InterlockedExchange
lstrcmpW
InterlockedIncrement
MulDiv
SetWaitableTimer
CreateWaitableTimerW
FreeResource
QueryPerformanceFrequency
QueryPerformanceCounter
MapViewOfFileEx
TlsSetValue
GetModuleHandleA
DisableThreadLibraryCalls
TlsAlloc
CreateThread
TlsGetValue
VirtualProtect
GetModuleHandleExW
OutputDebugStringA
HeapCreate
HeapDestroy
FlushInstructionCache
VirtualFree
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Thread32Next
Thread32First
SuspendThread
CreateToolhelp32Snapshot
HeapReAlloc
GetThreadContext
SetThreadContext
OpenThread
RtlUnwind
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
GetFileType
HeapSize
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
GetTempFileNameW
lstrlenW
ExpandEnvironmentStringsW
VirtualQuery
DeviceIoControl
GetModuleFileNameW
LocalFree
LocalAlloc
GetFileSize
CreateFileW
SetEndOfFile
SetFilePointer
FreeLibrary
GetCurrentProcess
InterlockedDecrement
GetModuleHandleW
GlobalMemoryStatusEx
ResetEvent
SetEvent
Sleep
CreateEventW
WaitForSingleObject
WaitForMultipleObjects
GetTickCount
GetProcAddress
LoadLibraryW
CloseHandle
OpenProcess
LCMapStringW
GetCurrentThreadId
GetStartupInfoW
GlobalUnlock
GlobalLock
FindResourceW
LoadResource
GlobalFree
GlobalAlloc
LockResource
SizeofResource
GetCurrentProcessId
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
SetErrorMode
InitializeCriticalSectionAndSpinCount
TlsFree
SwitchToThread
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
EncodePointer
GetCPInfo
GetStringTypeW
GetLocaleInfoW
FormatMessageW
CompareStringW
GetSystemTimeAsFileTime
user32
SetRectEmpty
GetClassLongW
SetCaretPos
LoadImageW
LoadBitmapW
GetIconInfo
ToAscii
GetCaretBlinkTime
GetKeyboardState
GetSysColor
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
GetAncestor
RegisterWindowMessageW
EnumThreadWindows
CreateAcceleratorTableW
DestroyAcceleratorTable
GetFocus
GetAsyncKeyState
ValidateRect
SetFocus
SetParent
KillTimer
BeginPaint
EndPaint
DestroyWindow
GetKeyState
ScreenToClient
TrackMouseEvent
SetCapture
ReleaseCapture
GetMessageW
PeekMessageW
AdjustWindowRectEx
ShowWindowAsync
FillRect
PostQuitMessage
PostMessageW
EqualRect
EnumChildWindows
OffsetRect
RedrawWindow
ClientToScreen
IntersectRect
GetWindowDC
SetCursor
IsZoomed
GetPropW
SetWindowRgn
InvalidateRgn
OpenClipboard
InvalidateRect
GetDCEx
GetCursorPos
CreateWindowExW
RegisterClassExW
LoadCursorW
RemovePropW
SetPropW
GetClassInfoExW
GetWindowTextLengthW
GetWindow
GetWindowRect
MonitorFromWindow
SetWindowTextW
GetMonitorInfoW
CopyRect
MapWindowPoints
GetClassNameW
GetClientRect
GetDlgItem
EnableWindow
GetWindowTextW
LoadStringW
MessageBoxW
SetWindowPos
ShowWindow
IsWindow
AttachThreadInput
SystemParametersInfoW
SetForegroundWindow
IsIconic
GetDC
ReleaseDC
GetWindowThreadProcessId
GetSystemMetrics
WindowFromPoint
GetForegroundWindow
GetDesktopWindow
GetParent
GetWindowLongW
DefWindowProcW
CallWindowProcW
SendMessageW
SetTimer
MoveWindow
IsRectEmpty
SetWindowLongW
UnregisterClassW
IsChild
MsgWaitForMultipleObjects
UpdateLayeredWindow
UnionRect
PtInRect
SetRect
TranslateMessage
CharNextW
IsWindowVisible
DispatchMessageW
DrawIconEx
gdi32
CreateFontIndirectW
CreateDCW
GetDIBits
CreateDIBSection
CreateRoundRectRgn
PtInRegion
EnumFontsW
GetClipBox
SetTextColor
CreateSolidBrush
SetGraphicsMode
SetWorldTransform
CreateRectRgnIndirect
CreatePolygonRgn
SetViewportOrgEx
GetRgnBox
GetStockObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetObjectW
SetBkColor
DeleteObject
ExtTextOutW
advapi32
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
shell32
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
SHGetFolderPathW
ole32
CoTaskMemRealloc
CreateStreamOnHGlobal
OleLockRunning
CLSIDFromString
OleInitialize
CLSIDFromProgID
StringFromGUID2
CoCreateInstance
CoGetClassObject
OleUninitialize
CoTaskMemFree
CoTaskMemAlloc
oleaut32
LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
DispCallFunc
SysStringLen
SysAllocStringLen
VarUI4FromStr
VariantInit
SysAllocString
VariantClear
SysFreeString
comctl32
_TrackMouseEvent
InitCommonControlsEx
msimg32
AlphaBlend
urlmon
CoInternetCreateSecurityManager
CoInternetCreateZoneManager
gdiplus
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipAddPathString
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathRectangleI
GdipCombineRegionRegion
GdipGetBrushType
GdipSetLineTransform
GdipSetTextureTransform
GdipCloneBitmapArea
GdipCreateSolidFill
GdipGetFontStyle
GdipSetStringFormatTrimming
GdipTransformRegion
GdipFillPath
GdipGetPathWorldBounds
GdipGetImageWidth
GdipFree
GdipCreateHBITMAPFromBitmap
GdipMultiplyWorldTransform
GdipGraphicsClear
GdipSetPenDashStyle
GdipDrawLine
GdipDrawRectangle
GdipSetPixelOffsetMode
GdipScaleWorldTransform
GdipSetClipRectI
GdipClosePathFigure
GdipGetSmoothingMode
GdipDrawArcI
GdipCreateImageAttributes
GdipSetClipRegion
GdipDrawPath
GdipDrawString
GdipSetImageAttributesWrapMode
GdipGetClipBoundsI
GdipCreateFromHDC
GdipFillEllipse
GdipBeginContainer2
GdipCreateTexture
GdipGetTextureTransform
GdipGetMatrixElements
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipGetCellAscent
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipCloneBrush
GdipMeasureString
GdipDeleteRegion
GdipGetImageGraphicsContext
GdipFillRectangleI
ord1
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDeleteFont
GdipGetFontSize
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipCloneImage
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipSetCompositingMode
winmm
timeGetTime
psapi
GetMappedFileNameW
Sections
.text   Size: 1.4MB  Virtual size: 1.4MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Size: 293KB  Virtual size: 292KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Size: 17KB   Virtual size: 26KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
_RDATA  Size: 2KB    Virtual size: 1KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc   Size: 142KB  Virtual size: 141KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 142KB  Virtual size: 144KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
Note: .text and .reloc are mapped writable and executable, and .rdata is writable. Compiler output normally maps .text read/execute, .rdata read-only and .reloc read-only and discardable. Permissions like these are consistent with code that is written or patched at run time (packers and protectors commonly produce them), but the flags alone do not establish that; check which section holds the entry point and the per-section entropy before drawing a conclusion.
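Added example, not part of the sandbox report or its tooling: a standard-library Python script that reproduces the three static checks this report surfaces. It reads the PE security data directory to decide whether an Authenticode blob is attached (the Unsigned PE signature above), compares IMAGE_FILE_RELOCS_STRIPPED against IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and the relocation data (the Headers note above), and lists sections mapped writable and executable at once (the Sections table above). The two PE images it analyses are built in memory by the script and are constructed inputs, not the sample: REPORT_LIKE copies the flag sets from this report with placeholder sizes and empty data directories, CLEAN is a typical signed, relocatable layout. The function names (parse_pe, triage, build_pe) are this example's own.

```python
import struct

# Flag values from winnt.h
FILE_RELOCS_STRIPPED, FILE_EXECUTABLE_IMAGE, FILE_32BIT_MACHINE = 0x0001, 0x0002, 0x0100
DLL_DYNAMIC_BASE, DLL_NX_COMPAT, DLL_TERMINAL_SERVER_AWARE = 0x0040, 0x0100, 0x8000
SCN_CODE, SCN_IDATA, SCN_DISCARDABLE = 0x00000020, 0x00000040, 0x02000000
SCN_EXECUTE, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000
DIR_SECURITY, DIR_BASERELOC = 4, 5   # data directory slots: WIN_CERTIFICATE blob, base relocations


def parse_pe(data):
    """Parse the DOS/NT headers, optional-header data directories and section table (PE32 and PE32+)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    _, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24                        # IMAGE_OPTIONAL_HEADER follows the 20-byte file header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    plus = magic == 0x20B                      # PE32+ widens ImageBase and the stack/heap fields
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = min(struct.unpack_from("<I", data, opt + (108 if plus else 92))[0], 16)
    dir_base = opt + (112 if plus else 96)
    dirs = [struct.unpack_from("<II", data, dir_base + 8 * i) for i in range(ndirs)] + [(0, 0)] * (16 - ndirs)
    sections = []
    for i in range(nsec):
        name, *_, flags = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "flags": flags})
    return {"characteristics": chars, "dll_characteristics": dll_chars, "directories": dirs, "sections": sections}


def has_authenticode(pe):
    """The sandbox's 'Unsigned PE' check: an empty security directory means no WIN_CERTIFICATE blob is attached."""
    off, size = pe["directories"][DIR_SECURITY]
    return off != 0 and size != 0              # presence only; validating the chain is a separate step


def relocation_findings(pe):
    """Report where the relocation flag, the ASLR flag and the relocation data disagree."""
    out = []
    stripped = bool(pe["characteristics"] & FILE_RELOCS_STRIPPED)
    dynamic = bool(pe["dll_characteristics"] & DLL_DYNAMIC_BASE)
    reloc_present = pe["directories"][DIR_BASERELOC][1] != 0 or any(s["name"] == ".reloc" for s in pe["sections"])
    if stripped and dynamic:
        out.append("DYNAMIC_BASE with RELOCS_STRIPPED: the loader cannot rebase the image, so ASLR does not apply")
    if stripped and reloc_present:
        out.append("RELOCS_STRIPPED set but relocation data or a .reloc section is present")
    return out


def rwx_sections(pe):
    """Sections mapped writable and executable at once, which compilers do not normally emit."""
    wx = SCN_EXECUTE | SCN_WRITE
    return [s["name"] for s in pe["sections"] if s["flags"] & wx == wx]


def triage(data):
    pe = parse_pe(data)
    return {"authenticode": has_authenticode(pe), "relocation_findings": relocation_findings(pe),
            "rwx_sections": rwx_sections(pe)}


def build_pe(characteristics, dll_characteristics, sections, security_size=0, reloc_size=0):
    """Assemble a header-only PE32 image in memory: a constructed test input, not a loadable binary."""
    opt = bytearray(224)                       # sizeof(IMAGE_OPTIONAL_HEADER32)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_characteristics)
    struct.pack_into("<I", opt, 92, 16)        # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x1000 if security_size else 0, security_size)
    struct.pack_into("<II", opt, 96 + 8 * DIR_BASERELOC, 0x2000 if reloc_size else 0, reloc_size)
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), characteristics)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, rva, rs, 0, 0, 0, 0, 0, f)
                     for n, vs, rva, rs, f in sections)
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)    # e_lfanew
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table


# Constructed input mirroring the flag sets in the report above (sizes are placeholders; the report
# does not show the data directories, so both are left empty here).
REPORT_LIKE = build_pe(
    FILE_RELOCS_STRIPPED | FILE_EXECUTABLE_IMAGE | FILE_32BIT_MACHINE,
    DLL_DYNAMIC_BASE | DLL_NX_COMPAT | DLL_TERMINAL_SERVER_AWARE,
    [(".text", 0x160000, 0x1000, 0x160000, SCN_CODE | SCN_EXECUTE | SCN_READ | SCN_WRITE),
     (".rdata", 0x49000, 0x161000, 0x49400, SCN_IDATA | SCN_READ | SCN_WRITE),
     (".data", 0x6800, 0x1AA000, 0x4400, SCN_IDATA | SCN_READ | SCN_WRITE),
     ("_RDATA", 0x400, 0x1B1000, 0x800, SCN_IDATA | SCN_READ),
     (".rsrc", 0x23400, 0x1B2000, 0x23800, SCN_IDATA | SCN_READ),
     (".reloc", 0x24000, 0x1D6000, 0x23800, SCN_IDATA | SCN_DISCARDABLE | SCN_EXECUTE | SCN_READ | SCN_WRITE)])

# Constructed input with the layout typical compiler output has: signed, relocatable, .text read/execute only.
CLEAN = build_pe(
    FILE_EXECUTABLE_IMAGE | FILE_32BIT_MACHINE, DLL_DYNAMIC_BASE | DLL_NX_COMPAT,
    [(".text", 0x1000, 0x1000, 0x1000, SCN_CODE | SCN_EXECUTE | SCN_READ),
     (".rdata", 0x400, 0x2000, 0x400, SCN_IDATA | SCN_READ),
     (".data", 0x200, 0x3000, 0x200, SCN_IDATA | SCN_READ | SCN_WRITE),
     (".reloc", 0x100, 0x4000, 0x200, SCN_IDATA | SCN_DISCARDABLE | SCN_READ)],
    security_size=0x1800, reloc_size=0x100)
```

To run it on a real file, call triage(open(path, "rb").read()). has_authenticode only tests for the presence of the certificate blob; a true result still needs a chain check (signtool verify or WinVerifyTrust) before the file counts as signed, and a false result is exactly what the report's Unsigned PE signature reports.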