Static task: static1
Behavioral task: behavioral1
Sample: fb13a37fee1166a41cc56ff9b5b4969b86b3bbebd04a6e29f22eec40271acb0d.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: fb13a37fee1166a41cc56ff9b5b4969b86b3bbebd04a6e29f22eec40271acb0d.exe
Resource: win10v2004-20231023-en
General
Target: fb13a37fee1166a41cc56ff9b5b4969b86b3bbebd04a6e29f22eec40271acb0d
Size: 2.5MB
MD5: 45e33f0cc829f2b29a94bca7d4cfe409
SHA1: 24906be653d1b7c2d049c6d0317912cc7d89eac2
SHA256: fb13a37fee1166a41cc56ff9b5b4969b86b3bbebd04a6e29f22eec40271acb0d
SHA512: d560b8185da8de99c270503838f340ca72c8a1cab4f5fa7dc0ef3bc22e5d0dd63e8f1e171fe2c8755a787777325e42cf944d80d67dd97b8bcc5e19beda73444c
SSDEEP: 49152:hfajYdJBZO8Vt99U0kJanecCF1ks3rOL5CvKHEw/23HWZjzJHALjcucisuxU04ba:hfc8JO8Vt99UVJanecO1ks3SL5rHl23j
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: fb13a37fee1166a41cc56ff9b5b4969b86b3bbebd04a6e29f22eec40271acb0d
Files
fb13a37fee1166a41cc56ff9b5b4969b86b3bbebd04a6e29f22eec40271acb0d.exe windows:5 windows x86 arch:x86
b2a511d8a1354d93f04354001912db2f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalFlags
GetTempFileNameA
GlobalHandle
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
InitializeCriticalSectionAndSpinCount
GetACP
GetCPInfo
GetOEMCP
GetTickCount
GetProfileIntA
SearchPathA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
VirtualProtect
GetWindowsDirectoryA
GetNumberFormatA
GetUserDefaultLCID
FindResourceExW
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetStdHandle
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
TlsFree
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsProcessorFeaturePresent
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
CompareStringW
GetTimeZoneInformation
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
WaitForSingleObject
ResumeThread
SetThreadPriority
FreeResource
GlobalAddAtomA
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
lstrcmpA
GetModuleHandleW
GetVersionExA
lstrcpyA
FreeLibrary
LoadLibraryW
ActivateActCtx
DeactivateActCtx
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetLastError
SetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
DecodePointer
EncodePointer
InterlockedIncrement
LocalReAlloc
TlsSetValue
FreeEnvironmentStringsW
TlsAlloc
LocalFileTimeToFileTime
GetCurrentDirectoryA
ReadFile
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
SetFilePointer
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
MultiByteToWideChar
Sleep
OpenProcess
WriteFile
GetCurrentThread
Process32First
InterlockedDecrement
lstrlenA
FindResourceA
CreateFileA
GetThreadContext
ExitProcess
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
GetTempPathA
FindResourceW
user32
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
WaitMessage
DestroyIcon
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
DestroyMenu
IsMenu
GetMenuItemInfoA
SetMenuDefaultItem
GetMenuDefaultItem
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageA
LoadImageW
GetIconInfo
CopyIcon
GetDoubleClickTime
GetNextDlgGroupItem
GetUpdateRect
UnregisterClassA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
PostThreadMessageA
IsClipboardFormatAvailable
FrameRect
RegisterClipboardFormatA
CharUpperBuffA
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
InvertRect
HideCaret
DrawIcon
DestroyCursor
GetWindowRgn
IsZoomed
IsIconic
RealChildWindowFromPoint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetKeyboardState
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowLongA
GetClassNameA
InvalidateRect
UpdateWindow
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
ValidateRect
GetWindow
MapDialogRect
SetWindowPos
RegisterWindowMessageA
DrawIconEx
RedrawWindow
IsWindowVisible
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
FillRect
OffsetRect
InflateRect
IsRectEmpty
DrawStateA
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
IsWindow
ScreenToClient
ClientToScreen
GetWindowRect
PtInRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
PostMessageA
PostQuitMessage
GetSysColorBrush
LoadCursorA
GetClassInfoA
DefWindowProcA
MapWindowPoints
GetClientRect
LoadCursorW
SetLayeredWindowAttributes
GetSysColor
GetSystemMetrics
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
EnableWindow
LoadIconW
wsprintfA
GetKeyboardLayout
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
CharUpperA
MessageBeep
ReleaseCapture
SetCapture
KillTimer
SetTimer
GetSystemMenu
LoadMenuW
DeleteMenu
IntersectRect
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
CreateWindowExA
SetParent
IsChild
gdi32
CopyMetaFileA
CreateDCA
CreateBitmap
CreateDIBitmap
Rectangle
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetStockObject
CreatePen
CreateSolidBrush
CreatePatternBrush
CreateFontIndirectA
GetObjectA
CreateCompatibleBitmap
CreateRectRgnIndirect
CreateCompatibleDC
BitBlt
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
DeleteObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
CreateHatchBrush
CreateRectRgn
CreateEllipticRgn
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
PatBlt
ExtTextOutA
GetTextExtentPoint32A
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
TextOutA
SetTextColor
ScaleViewportExtEx
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
MoveToEx
SetTextAlign
SelectPalette
GetObjectType
CreateDIBSection
CreateRoundRectRgn
OffsetRgn
GetRgnBox
SetRectRgn
DPtoLP
SetPixel
SetDIBColorTable
RealizePalette
StretchBlt
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
SetPixelV
GetTextFaceA
SetMapMode
SetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
SetROP2
GetDeviceCaps
advapi32
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
shell32
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA
ole32
DoDragDrop
CoInitializeEx
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
VariantChangeType
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
VarBstrFromDate
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipDrawImageI
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 963KB - Virtual size: 962KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ