Static task: static1
Behavioral task: behavioral1
  Sample: db4370c732b02c3c9701df10d9f558c0.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: db4370c732b02c3c9701df10d9f558c0.exe
  Resource: win10v2004-20231023-en
General
Target: db4370c732b02c3c9701df10d9f558c0.exe
Size: 2.1MB
MD5: db4370c732b02c3c9701df10d9f558c0
SHA1: cb4dfb62157cc1e83be39cd29c0698326c3ad510
SHA256: 08872738ecca44e7d03ab403199601f2aa5844b93ff91c07ff26952edef4ee67
SHA512: 51180f029e7f939bf38c5dcf09f2f55a742f4f70f9a07696a5048ce75f814ab4cc37698903549c6e6da18d2fdccc5fda7a86352429e6e62a392fda1820d7d19d
SSDEEP: 49152:N5+bswWfK4TYcH/uWRWD7psx3JaJllsi5DRfc2MHPPJlYWVFr/OCLJF28uh8Vd:zLYcfuWRqpkJaJllf5DRfcPJlYIFr/OE
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: db4370c732b02c3c9701df10d9f558c0.exe
Files
db4370c732b02c3c9701df10d9f558c0.exe.exe  windows:5 windows x86 arch:x86
5086015fb4919802a0aabd7046c6a4b2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
hid
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetFeature
HidD_SetFeature
HidD_GetAttributes
HidD_GetHidGuid
kernel32
LCMapStringW
GetConsoleCP
GetConsoleMode
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
EnterCriticalSection
LeaveCriticalSection
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
WideCharToMultiByte
GetLastError
CreateFileW
GetStringTypeW
CloseHandle
ReadFile
WaitForSingleObject
WriteFile
Sleep
CancelIo
ResetEvent
CreateEventW
GetTickCount
GetPrivateProfileIntW
GetModuleFileNameW
FindFirstFileW
FindNextFileW
FindClose
WritePrivateProfileStringW
GetPrivateProfileStringW
MulDiv
FreeResource
CreateDirectoryW
GlobalSize
RemoveDirectoryW
CreateThread
CreateMutexW
ReleaseMutex
GetFileInformationByHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
HeapQueryInformation
ExitProcess
ExitThread
RaiseException
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
lstrcpyW
IsProcessorFeaturePresent
RtlUnwind
HeapReAlloc
DeleteCriticalSection
MultiByteToWideChar
LocalFree
DecodePointer
EncodePointer
HeapAlloc
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetCurrentDirectoryW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GlobalGetAtomNameW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetThreadLocale
lstrlenA
lstrcmpA
SuspendThread
FormatMessageW
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
FreeLibrary
GetProcAddress
CompareStringW
LoadLibraryW
lstrcmpW
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
SetLastError
GlobalFree
CopyFileW
user32
TranslateAcceleratorW
FrameRect
RegisterClipboardFormatW
LoadImageW
CopyImage
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
NotifyWinEvent
SetWindowRgn
GetSystemMenu
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableW
CharNextW
DeleteMenu
UnregisterClassW
RealChildWindowFromPoint
DestroyMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
GetSysColorBrush
IntersectRect
InflateRect
LoadMenuW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
CharUpperW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMessageW
ValidateRect
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
IsDialogMessageW
CheckDlgButton
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
InsertMenuItemW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
SetWindowPos
GetWindow
GetClassNameW
LoadBitmapW
UpdateWindow
FillRect
DrawStateW
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxW
GetMenuState
GetMenuItemID
InsertMenuW
RemoveMenu
OffsetRect
RedrawWindow
EndPaint
BeginPaint
CopyRect
GetCaretPos
PostQuitMessage
DrawIcon
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffW
PostThreadMessageW
WaitMessage
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsIconic
FindWindowW
KillTimer
UpdateLayeredWindow
GetClientRect
WindowFromPoint
ClientToScreen
ReleaseCapture
GetCapture
IsWindow
SetCapture
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
GetNextDlgTabItem
CreateMenu
IsRectEmpty
DefWindowProcW
GetClassInfoW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
EndDialog
DefFrameProcW
ReleaseDC
GetDC
GetSystemMetrics
SetWindowTextW
GetSubMenu
GetMenuItemCount
GetMenuItemInfoW
GetMenuStringW
AppendMenuW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
LoadCursorW
SetCursor
RegisterDeviceNotificationW
keybd_event
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetCursorPos
IsWindowVisible
InvalidateRect
EnableWindow
GetDlgCtrlID
GetFocus
GetParent
PostMessageW
GetWindowRect
ScreenToClient
SetTimer
LoadIconW
GetWindowLongW
SetWindowLongW
SystemParametersInfoW
PtInRect
SendMessageW
TranslateMessage
gdi32
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
SelectPalette
CreateDCW
CreatePen
SetTextColor
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
CreateSolidBrush
CopyMetaFileW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
CreateFontW
DeleteDC
GetDeviceCaps
CreateFontIndirectW
GetObjectW
GetStockObject
DeleteObject
PtInRegion
GetPixel
GetObjectType
CreateEllipticRgn
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAppBarMessage
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
ole32
CoRevokeClassObject
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoCreateInstance
CoInitializeEx
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
oleaut32
VariantClear
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocString
SysStringLen
VariantInit
VariantChangeType
SysAllocStringLen
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipFillRectangleI
GdipGetImageHeight
GdipGetImageWidth
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipDrawPath
GdipFillPath
GdipClosePathFigure
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetGenericFontFamilySansSerif
GdipMeasureString
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDrawString
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipGetImageFlags
GdipCreateBitmapFromFile
GdipLoadImageFromStream
GdipCreateFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDrawRectangleI
GdipDeletePen
GdipCreatePen1
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneBitmapAreaI
GdipCloneImage
GdipDisposeImage
GdipFree
GdipAlloc
setupapi
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 332KB - Virtual size: 332KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 190KB - Virtual size: 189KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ