Static task: static1
Behavioral task: behavioral1
Sample: 3b5d280d33d16bdcf59c35ef70bc9e714bc1f3e3647f36eb390a52d6b511e668.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: 3b5d280d33d16bdcf59c35ef70bc9e714bc1f3e3647f36eb390a52d6b511e668.exe
Resource: win10v2004-20231023-en
General
- Target: 3b5d280d33d16bdcf59c35ef70bc9e714bc1f3e3647f36eb390a52d6b511e668
- Size: 1.3MB
- MD5: 5159e925f398a117a32236c53a800dd8
- SHA1: dd05129283aab5cbbb18f0235405a987342fbbe2
- SHA256: 3b5d280d33d16bdcf59c35ef70bc9e714bc1f3e3647f36eb390a52d6b511e668
- SHA512: f8d3504904ac9655df12adda9ae90975f571039309e31f30d575e9b67d7b9c9acde212c193d03d55edba83da5bcbe0908d5e669064fa0f192b72651e197e8275
- SSDEEP: 24576:S8FioA+wiAFZQfPTvvuMlZ8HW+aREo4iPz6yZLr07YyKdxFywhZ:StMf7yaPV+YlR
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 3b5d280d33d16bdcf59c35ef70bc9e714bc1f3e3647f36eb390a52d6b511e668
Files
-
3b5d280d33d16bdcf59c35ef70bc9e714bc1f3e3647f36eb390a52d6b511e668.exe windows:4 windows x86 arch:x86
731fc786b974408dfd092d6944b86993
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
HeapDestroy
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
GetExitCodeProcess
CreateProcessA
SetStdHandle
GetVersionExA
HeapReAlloc
HeapSize
GetACP
RaiseException
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
TerminateProcess
ExitProcess
SetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryA
HeapAlloc
HeapFree
RtlUnwind
GetCurrentDirectoryA
SetErrorMode
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
GetDiskFreeSpaceA
GetProfileIntA
SearchPathA
GetTempPathA
GetTempFileNameA
GetPrivateProfileIntA
GlobalAlloc
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
FormatMessageA
LocalFree
GetModuleFileNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GlobalFree
lstrcpynA
GlobalLock
GlobalUnlock
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetVersion
CreateMutexA
ReleaseMutex
GetTickCount
GetProfileStringA
FindFirstFileA
FindNextFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
DeviceIoControl
lstrcatA
GetEnvironmentVariableA
GetPrivateProfileSectionA
_lopen
_lread
_llseek
_lclose
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcmpA
lstrcpyA
TerminateThread
CloseHandle
CreateThread
ReadFile
ClearCommError
WriteFile
WaitForSingleObject
GetOverlappedResult
CreateFileA
SetCommTimeouts
CreateEventA
GetCommState
SetCommState
SetupComm
lstrlenA
GetLastError
GetStringTypeW
_lwrite
OpenFile
_lcreat
SetEvent
Sleep
user32
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckRadioButton
LoadIconA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
WindowFromPoint
UnhookWindowsHookEx
DestroyIcon
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetForegroundWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
SetTimer
LoadBitmapA
IsWindowVisible
MessageBeep
CreatePopupMenu
AppendMenuA
CheckMenuItem
GetAsyncKeyState
FindWindowA
GetLastActivePopup
SetForegroundWindow
IsIconic
ShowCursor
GetCursorPos
SetCursorPos
GetWindow
GetDC
UpdateWindow
ClipCursor
ScreenToClient
MessageBoxA
PostMessageA
wsprintfA
GetDCEx
ReleaseDC
LockWindowUpdate
ClientToScreen
SetRectEmpty
SetCursor
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetMenuStringA
InsertMenuA
GetClassNameA
GetSystemMenu
DeleteMenu
SetParent
LoadCursorA
SystemParametersInfoA
InvalidateRect
ReleaseCapture
GetMessagePos
PtInRect
GetClientRect
SetCapture
EnableWindow
SetRect
IsWindow
RedrawWindow
CopyRect
GetSysColorBrush
FillRect
GetTabbedTextExtentA
PostThreadMessageA
GetNextDlgGroupItem
CopyAcceleratorTableA
SetPropA
CharNextA
GetSystemMetrics
DrawFrameControl
InflateRect
OffsetRect
DrawEdge
DrawFocusRect
GetWindowRect
GetParent
SendMessageA
GetSysColor
UnionRect
LoadStringA
IsZoomed
DestroyCursor
RemoveMenu
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
wvsprintfA
CharUpperA
IsRectEmpty
InvertRect
GetMessageA
TranslateMessage
ValidateRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
DestroyMenu
GetDesktopWindow
TranslateAcceleratorA
LoadAcceleratorsA
KillTimer
EndDialog
GetActiveWindow
GetPropA
CreateDialogIndirectParamA
IsWindowEnabled
gdi32
CreatePenIndirect
RoundRect
CreateDCA
EndDoc
EndPage
RestoreDC
TextOutA
SaveDC
StartPage
StartDocA
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
GetROP2
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
ExtTextOutA
Escape
GetMapMode
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
GetTextMetricsA
LPtoDP
GetViewportOrgEx
AbortDoc
SetAbortProc
StretchDIBits
GetCharWidthA
CreateFontA
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetTextFaceA
GetWindowOrgEx
Arc
Polyline
CreatePolygonRgn
PtInRegion
GetStockObject
GetObjectA
SetStretchBltMode
StretchBlt
DeleteDC
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
Ellipse
BitBlt
SelectObject
PatBlt
CreateSolidBrush
CreateFontIndirectA
GetDeviceCaps
RealizePalette
CreatePen
GetTextExtentPoint32A
CreatePalette
GetTextExtentPointA
Rectangle
comdlg32
PrintDlgA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseColorA
CommDlgExtendedError
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
GetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegCloseKey
SetFileSecurityA
RegDeleteValueA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
ExtractIconA
comctl32
ord17
ImageList_Destroy
oledlg
ord8
ole32
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
StringFromCLSID
CoTaskMemFree
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
CoDisconnectObject
olepro32
ord253
oleaut32
SysFreeString
SysStringByteLen
SysAllocStringLen
VariantCopy
VariantClear
VariantChangeType
SysAllocString
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
LoadTypeLi
Sections
.text Size: 896KB - Virtual size: 896KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 36KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_BSS Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gtide Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gidata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE