Static task: static1
Behavioral task: behavioral1
  Sample: 03a23c330c83eaa96f6433fafa67b4806267d9c6984871543d97cdeb1ff49f66.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: 03a23c330c83eaa96f6433fafa67b4806267d9c6984871543d97cdeb1ff49f66.exe
  Resource: win10v2004-20231020-en
General
Target: 03a23c330c83eaa96f6433fafa67b4806267d9c6984871543d97cdeb1ff49f66
Size: 14.5MB
MD5: fadc8e9284a5d1f1f75dc5ebce2d2178
SHA1: 953498fbbe9f09dbefe6cd2b473973ff6c0163dd
SHA256: 03a23c330c83eaa96f6433fafa67b4806267d9c6984871543d97cdeb1ff49f66
SHA512: 8bad3180618e62486f2224b72b626afdb8f26615bf9ede908a15d0d8bea5912b26a27853d98de0d1241190d488afff1b2e45156c9849902e8d0ec200662ca0da
SSDEEP: 393216:sfqZt6ltcmWLCMP8cWSG5Dfx8RHqCryPFCn/N1TZsC:siq3WL9BqfxZCt/N1e
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 03a23c330c83eaa96f6433fafa67b4806267d9c6984871543d97cdeb1ff49f66
Files
-
03a23c330c83eaa96f6433fafa67b4806267d9c6984871543d97cdeb1ff49f66.exe windows:5 windows x86 arch:x86
b69f4d4fbb62fcbc714339695d66898c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStdHandle
GetTimeFormatA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
HeapReAlloc
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
ExitThread
HeapAlloc
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
SetErrorMode
SetHandleCount
GetDateFormatA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
GetFileSizeEx
GetThreadLocale
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
MulDiv
GlobalFree
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
FormatMessageA
DeleteCriticalSection
FileTimeToLocalFileTime
SuspendThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
SetLastError
lstrcmpW
GetModuleHandleW
CreateDirectoryA
GetVersionExA
lstrcmpA
LocalAlloc
LocalFree
CopyFileA
GetCurrentDirectoryA
GetFileAttributesA
FileTimeToSystemTime
GetLocalTime
SystemTimeToFileTime
GetTickCount
GetCurrentProcessId
WaitForSingleObject
InitializeCriticalSection
CreateEventA
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
SetEvent
GetWindowsDirectoryA
CreateProcessA
GetFileSize
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
GetThreadContext
SetThreadContext
ResumeThread
FindFirstFileA
FindNextFileA
FindClose
OutputDebugStringA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
FlushFileBuffers
SetFilePointer
ReadFile
GetLastError
TerminateThread
CreateThread
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleHandleA
FreeResource
GetModuleFileNameA
SetFileAttributesA
DeleteFileA
WritePrivateProfileStringA
lstrlenA
MultiByteToWideChar
CreateFileA
WriteFile
GetCurrentThread
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
Sleep
CloseHandle
ExitProcess
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
RaiseException
FreeLibrary
LoadLibraryA
GetTempPathA
GetProcAddress
user32
IsChild
GetCapture
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
IntersectRect
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SetWindowsHookExA
WinHelpA
GetNextDlgTabItem
GetDlgCtrlID
SetWindowContextHelpId
DefWindowProcA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DestroyWindow
GetAsyncKeyState
PtInRect
GetAncestor
SetWindowTextA
InvalidateRgn
GetParent
MapWindowPoints
SetWindowRgn
PostThreadMessageA
LoadBitmapA
InvalidateRect
PostMessageA
SetTimer
GetClientRect
KillTimer
IsWindowEnabled
EndDialog
ReleaseCapture
UpdateLayeredWindow
SetWindowPos
GetSystemMetrics
LoadIconA
GetWindowRect
CreateWindowExA
DialogBoxIndirectParamA
ShowWindow
FrameRect
InflateRect
FillRect
OffsetRect
GetSysColor
CopyRect
IsWindow
GetDC
ReleaseDC
GetWindow
MonitorFromWindow
SystemParametersInfoA
GetMonitorInfoA
wsprintfA
IsWindowVisible
IsIconic
SetForegroundWindow
CharUpperA
SendDlgItemMessageA
IsDialogMessageA
MoveWindow
SendMessageA
DrawTextA
LoadImageA
ValidateRect
GetCursorPos
GetActiveWindow
GetMessageA
GetDesktopWindow
PostQuitMessage
SetCursor
ShowOwnedPopups
GetWindowThreadProcessId
MessageBoxA
MapDialogRect
EnableWindow
RegisterWindowMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsRectEmpty
DrawIconEx
RegisterClipboardFormatA
CreateDialogIndirectParamA
UnpackDDElParam
ReuseDDElParam
DrawIcon
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
UnregisterClassA
DestroyMenu
GetMenuItemInfoA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
SetCapture
ClientToScreen
SetActiveWindow
gdi32
SetMapMode
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetTextExtentPoint32A
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
CreatePatternBrush
GetMapMode
GetDeviceCaps
CreateRectRgnIndirect
GetClipBox
CreateBitmap
GetObjectW
GetTextMetricsA
CreateRoundRectRgn
CreateDIBSection
MoveToEx
LineTo
CreatePen
SetBkColor
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetBkMode
SelectObject
Polygon
CreateSolidBrush
DeleteObject
GetStockObject
GetObjectA
CreateFontIndirectA
DeleteDC
SetTextColor
msimg32
GradientFill
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegDeleteValueA
IsTextUnicode
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
FreeSid
CheckTokenMembership
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
AllocateAndInitializeSid
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegEnumKeyExA
shell32
ShellExecuteA
DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFileInfoA
Shell_NotifyIconA
SHGetSpecialFolderPathA
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathRenameExtensionA
PathFindFileNameA
PathAppendA
SHDeleteKeyA
UrlUnescapeA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecA
oledlg
ord8
ole32
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemFree
CLSIDFromString
CoUninitialize
CLSIDFromProgID
oleaut32
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayCreate
VariantCopy
SafeArrayGetUBound
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
wininet
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetQueryOptionA
InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
InternetOpenUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA
gdiplus
GdipAddPathArcI
GdipAddPathEllipseI
GdipCreatePath
GdipAlloc
GdipFree
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeletePath
GdipFillPath
GdipSetSmoothingMode
GdipCreateFromHDC
GdipFillEllipseI
GdipSetSolidFillColor
GdipDeleteStringFormat
GdipDeleteFont
GdipCreateLineBrush
GdipDeletePen
GdipDrawPath
GdipSetPenLineJoin
GdipClosePathFigure
GdipAddPathStringI
GdipSetInterpolationMode
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipCreateFont
GdipDrawImageRectRect
GdipDeleteBrush
GdipCloneBrush
GdipCreateSolidFill
GdipAddPathRectangleI
GdipGetImageHeight
GdipGetImageWidth
GdipDrawRectangleI
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipDisposeImageAttributes
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipCreateImageAttributes
GdipImageSelectActiveFrame
GdipSetPenEndCap
GdipSetPenStartCap
GdipDrawArcI
GdipSetPenColor
GdipCreatePen2
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipMeasureString
GdipSetStringFormatFlags
GdipDrawLine
GdipCreateTexture
GdipCreateLineBrushI
GdipDrawEllipseI
GdipFillRectangleI
GdiplusStartup
GdipCreatePen1
imm32
ImmAssociateContext
ws2_32
closesocket
__WSAFDIsSet
select
WSAGetLastError
ioctlsocket
send
recv
WSAEventSelect
WSASocketA
recvfrom
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
ntohs
gethostname
htonl
connect
inet_addr
htons
WSACreateEvent
WSACleanup
sendto
WSAStartup
socket
Sections
.text Size: 559KB - Virtual size: 559KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data30 Size: 209KB - Virtual size: 209KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 13.6MB - Virtual size: 13.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ