Tasks
static1: static analysis of 0ad926a39a74234514275af3af8d834d9b18074a123034867f97faead21cebf3.exe
behavioral1: 0ad926a39a74234514275af3af8d834d9b18074a123034867f97faead21cebf3.exe on win7-20231020-en
behavioral2: 0ad926a39a74234514275af3af8d834d9b18074a123034867f97faead21cebf3.exe on win10v2004-20231025-en
General
Target: 0ad926a39a74234514275af3af8d834d9b18074a123034867f97faead21cebf3
Size: 3.6MB
MD5: 016daab1aa87ca4ac023cf6fab6e847d
SHA1: c578b84af47e8f2cf9a9a842c28dce3322851a26
SHA256: 0ad926a39a74234514275af3af8d834d9b18074a123034867f97faead21cebf3
SHA512: 52cf5ba99df4efe70f3d7c2e595f712682fa36fac8dfd8a95d709dd84ee54542fa0c4a1fb7b4f2d932f41200cf709307e1fe48f002b4a96c3a4c84da3a541a06
SSDEEP: 98304:fl5vPPC5lVxwcGpoICExTpEvs5HXV+onSDxL:d5n63VxoPXV+oSlL
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 0ad926a39a74234514275af3af8d834d9b18074a123034867f97faead21cebf3
Files
0ad926a39a74234514275af3af8d834d9b18074a123034867f97faead21cebf3.exe: windows:6 windows x86 arch:x86
  Import hash (imphash): 35d7a06f09ced7bcfabfbde28445475e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (image can be rebased, so ASLR applies; the .reloc section below supplies the relocations)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP/NX compatible)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_DLLCHARACTERISTICS_GUARD_CF is not among the listed flags, so the image was built without Control Flow Guard.
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
QueryPerformanceFrequency
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
SetCurrentDirectoryW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
EnumSystemLocalesW
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
FindResourceExW
Sleep
SearchPathW
GetProfileIntW
GetTickCount
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
LocalUnlock
LocalLock
GetCurrentDirectoryW
SetErrorMode
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
VirtualProtect
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToFileTime
GetAtomNameW
GlobalGetAtomNameW
GetTempPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
CompareStringA
lstrcmpA
GetVersionExW
GetCurrentThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
MultiByteToWideChar
VerifyVersionInfoW
VerSetConditionMask
InitializeCriticalSectionAndSpinCount
lstrcpyW
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GlobalFree
GetWindowsDirectoryW
TerminateProcess
OpenProcess
GetLastError
CreateMutexW
WaitForSingleObject
CreateProcessW
GetCurrentProcessId
WideCharToMultiByte
GetModuleHandleW
WritePrivateProfileStringW
GetModuleFileNameW
GetDiskFreeSpaceExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetVersion
CloseHandle
GetCurrentProcess
SizeofResource
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
LockResource
GetModuleHandleExW
WriteConsoleW
user32
IsRectEmpty
DrawFocusRect
SetWindowRgn
DrawFrameControl
DrawEdge
TrackMouseEvent
ShowOwnedPopups
TranslateMessage
GetMessageW
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
CharUpperW
GetMenuItemInfoW
DestroyMenu
IntersectRect
LoadMenuW
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
EqualRect
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
ToUnicodeEx
GetKeyboardLayout
GetAsyncKeyState
MonitorFromPoint
EnableWindow
SendMessageW
GetWindowRect
InvalidateRect
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
GetSysColorBrush
MapWindowPoints
SetLayeredWindowAttributes
GetClassInfoW
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
IsZoomed
SetCapture
ReleaseCapture
SetTimer
KillTimer
DeleteMenu
MessageBeep
WindowFromPoint
DefWindowProcW
OffsetRect
SetRectEmpty
NotifyWinEvent
SetCursorPos
SetRect
SetParent
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
SetClassLongW
CopyImage
RealChildWindowFromPoint
DrawIconEx
LoadBitmapW
GetClientRect
GetClassNameW
IsChild
GetWindowLongW
SetWindowLongW
SetWindowPos
GetWindow
GetCursorPos
ScreenToClient
PtInRect
GetParent
DestroyIcon
LoadImageW
CopyRect
DrawStateW
LoadIconW
GetSystemMenu
AppendMenuW
IsIconic
GetSystemMetrics
DrawIcon
GetDC
GetDesktopWindow
PostMessageW
wsprintfW
SetForegroundWindow
GetSysColor
LoadCursorW
ShowWindow
FrameRect
PostThreadMessageW
InflateRect
RedrawWindow
CopyIcon
SetCursor
LoadStringW
UpdateWindow
SendNotifyMessageW
UnregisterClassW
SendDlgItemMessageA
UnionRect
GetDoubleClickTime
SetMenuDefaultItem
ModifyMenuW
IsCharLowerW
MapVirtualKeyExW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
CharUpperBuffW
UpdateLayeredWindow
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetUpdateRect
SubtractRect
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetComboBoxInfo
DestroyCursor
EnumChildWindows
GetWindowRgn
GetDCEx
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetKeyNameTextW
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
GetNextDlgGroupItem
InvalidateRgn
CharNextW
GetTabbedTextExtentW
IsClipboardFormatAvailable
WaitMessage
GetDialogBaseUnits
gdi32
CreatePatternBrush
CreateRectRgnIndirect
DeleteObject
EnumFontFamiliesW
GetDeviceCaps
GetTextCharsetInfo
CopyMetaFileW
CreateDCW
SetBkColor
SetTextColor
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
CreateDIBitmap
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
PatBlt
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
CreateDIBSection
GetCurrentObject
GetCharWidthW
GetRgnBox
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
SetPixel
SetDIBColorTable
LPtoDP
OffsetRgn
EnumFontFamiliesExW
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
CreateFontW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
SetPixelV
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
AddFontResourceExW
RemoveFontResourceW
DeleteDC
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
Rectangle
GetMapMode
CreatePalette
SetDIBitsToDevice
StretchDIBits
RoundRect
CreatePen
CreateSolidBrush
RealizePalette
BitBlt
StretchBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
ExtTextOutW
GetDIBits
GetObjectW
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
GetJobW
OpenPrinterW
advapi32
RegEnumKeyExW
GetTokenInformation
AllocateAndInitializeSid
SetFileSecurityW
GetFileSecurityW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueW
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
FreeSid
EqualSid
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder
SHAddToRecentDocs
ShellExecuteExW
DragFinish
DragQueryFileW
SHAppBarMessage
ExtractIconW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathIsFileSpecW
PathIsRootW
PathIsNetworkPathW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
StrFormatKBSizeW
uxtheme
IsAppThemed
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
GetThemePartSize
ole32
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
OleRun
CoFreeUnusedLibraries
OleSetMenuDescriptor
OleGetClipboard
CoRegisterMessageFilter
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
CoInitializeEx
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
PropVariantCopy
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleCreateLinkToFile
OleCreateFromFile
CoDisconnectObject
StringFromGUID2
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
StringFromCLSID
OleUninitialize
OleInitialize
CoTaskMemFree
CreateStreamOnHGlobal
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
CoRegisterClassObject
CoRevokeClassObject
OleQueryCreateFromData
OleQueryLinkFromData
DoDragDrop
CoCreateGuid
oleaut32
LoadRegTypeLi
LoadTypeLi
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
OleCreateFontIndirect
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
RegisterTypeLi
SysReAllocStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocString
SysFreeString
SafeArrayGetUBound
SystemTimeToVariantTime
oledlg
OleUIBusyW
gdiplus
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDrawImageRectI
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipDeleteGraphics
GdipCreateFromHDC
GdipBitmapLockBits
GdipCreateBitmapFromFileICM
GdipGetImageHeight
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
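The import hash listed under Files is derived from the import table above. The following is an added example, not code from the report or from the sample, that shows how such a hash is built from a DLL/function listing using only the Python standard library. It follows the normalization convention popularized by pefile: module names lower-cased with a .dll/.ocx/.sys extension dropped (so winspool.drv keeps its extension), function names lower-cased, ordinal-only imports written as ordN, tokens joined by commas in import-table order, then MD5. pefile additionally resolves well-known ordinals of ws2_32 and oleaut32 to names; this example does not. SAMPLE_IMPORTS is a constructed subset of the table above plus one made-up ordinal entry, so its digest is not expected to equal the value in the report, which covers the complete table in its original order.

```python
"""Import hash (imphash) over a DLL/function listing, standard library only."""
import hashlib

# Constructed sample listing: (dll, function name or ordinal) in import-table
# order. A subset of the report's import table, not the full table; the
# COMCTL32 ordinal entry is made up to show ordinal handling.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "CreateToolhelp32Snapshot"),
    ("KERNEL32.dll", "Process32FirstW"),
    ("KERNEL32.dll", "OpenProcess"),
    ("ADVAPI32.dll", "OpenProcessToken"),
    ("WINSPOOL.DRV", "OpenPrinterW"),
    ("COMCTL32.dll", 17),   # imported by ordinal only (constructed entry)
]


def normalize_dll(name: str) -> str:
    """Lower-case the module name and drop a .dll/.ocx/.sys extension only."""
    name = name.lower()
    base, dot, ext = name.rpartition(".")
    if dot and ext in ("dll", "ocx", "sys"):
        return base
    return name          # e.g. winspool.drv keeps its extension


def import_key(dll: str, func) -> str:
    """One 'module.function' token; ordinal-only imports become 'ordN'."""
    func_name = "ord%d" % func if isinstance(func, int) else func.lower()
    return "%s.%s" % (normalize_dll(dll), func_name)


def imphash_string(imports) -> str:
    """The exact string that is hashed: tokens joined by commas, order kept."""
    return ",".join(import_key(dll, func) for dll, func in imports)


def imphash(imports) -> str:
    """MD5 of the normalized import string, as a 32-character hex digest."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Because the digest covers names and order only, two builds that link the same libraries in the same way collide even when their code differs, which is exactly why imphash is useful for clustering and useless as a unique identifier.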
Sections
.text   Size: 2.4MB  Virtual size: 2.4MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 565KB  Virtual size: 564KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 32KB   Virtual size: 52KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 424KB  Virtual size: 423KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 204KB  Virtual size: 204KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
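The Headers, Signatures and Sections blocks above are all read straight from the PE headers. The following is an added example, not code from the report or from the sample, that parses those fields with the Python standard library: FileHeader.Characteristics, OptionalHeader.DllCharacteristics (ASLR, DEP, CFG), the security data directory (an embedded Authenticode signature is present only if that directory has a non-zero size, which is the check behind the "Unsigned PE" verdict) and the section table with its flags. The input is a PE image constructed in memory by build_sample_pe, whose default DllCharacteristics match the report (DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE) and whose security directory is empty; the section sizes and names are made up. Two caveats a practitioner should keep in mind: a file signed through a Windows catalog also has an empty security directory, so "unsigned" here means "no embedded signature", and a non-zero directory only says a signature blob exists, not that it verifies.

```python
"""Stand-alone PE header triage with the standard library only."""
import struct

IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE = 0x02000000
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Authenticode certificate table


def parse_pe(data: bytes) -> dict:
    """Return header fields and the section table; ValueError if malformed."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    fh = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:          # PE32: data directories start at +96
        ndirs_off, dirs = opt + 92, opt + 96
    elif magic == 0x20B:        # PE32+: ImageBase and stack/heap fields are wider
        ndirs_off, dirs = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike other directories this entry holds a file offset, not an RVA.
        _, sec_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, table = [], opt + opt_size
    for i in range(nsec):
        name, vsize, vaddr, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_address": vaddr, "virtual_size": vsize,
                         "raw_size": rawsize, "flags": flags})
    return {"machine": machine, "magic": magic, "characteristics": chars,
            "dll_characteristics": dllchars, "security_dir_size": sec_size,
            "sections": sections}


def triage(info: dict) -> dict:
    """Turn raw header bits into the yes/no checks an analyst looks at first."""
    dc = info["dll_characteristics"]
    secs = info["sections"]
    return {
        "is_executable_image": bool(info["characteristics"] & IMAGE_FILE_EXECUTABLE_IMAGE),
        "aslr": bool(dc & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep": bool(dc & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "cfg": bool(dc & IMAGE_DLLCHARACTERISTICS_GUARD_CF),
        "embedded_authenticode": info["security_dir_size"] > 0,
        "relocs_present": any(s["name"] == ".reloc" for s in secs),
        # Writable and executable at once is a packer/loader smell worth a look.
        "writable_and_executable": [s["name"] for s in secs
                                    if s["flags"] & IMAGE_SCN_MEM_WRITE
                                    and s["flags"] & IMAGE_SCN_MEM_EXECUTE],
    }


def build_sample_pe(dll_characteristics: int = IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
                    | IMAGE_DLLCHARACTERISTICS_NX_COMPAT
                    | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE,
                    signature_size: int = 0) -> bytes:
    """Constructed test input: a minimal PE32 (headers + section table, not loadable)."""
    sections = [   # (name, virtual address, virtual size, raw size, flags); made-up sizes
        (b".text", 0x1000, 0x1000, 0x1000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
        (b".data", 0x2000, 0x3400, 0x2000, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
        (b".reloc", 0x6000, 0x400, 0x400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ),
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    file_header = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224,
                              IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE)
    opt = bytearray(224)                                        # PE32 optional header, 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 68, 2)                          # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_characteristics)
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    if signature_size:                                          # security directory: offset, size
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x8000, signature_size)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, 0x400, 0, 0, 0, 0, f)
                     for n, va, vs, rs, f in sections)
    return dos + b"PE\0\0" + file_header + bytes(opt) + table


if __name__ == "__main__":
    for key, value in triage(parse_pe(build_sample_pe())).items():
        print("%-24s %s" % (key, value))
```

Run against a real file with parse_pe(open(path, "rb").read()); for anything beyond headers (import table, resources, certificate contents) use pefile or a comparable library rather than extending this parser.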