Static task
static1
Behavioral task
behavioral1
Sample
25a6cc951f9c1f464359e7fe1ce47f3960fcb032ced3a7e1a84e0a514fa73a12.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
25a6cc951f9c1f464359e7fe1ce47f3960fcb032ced3a7e1a84e0a514fa73a12.exe
Resource
win10v2004-20231127-en
General
-
Target
25a6cc951f9c1f464359e7fe1ce47f3960fcb032ced3a7e1a84e0a514fa73a12
-
Size
5.1MB
-
MD5
59ca16102516beadb03fbff6cce59103
-
SHA1
358e4147ab35eee62712e247855d650560389474
-
SHA256
25a6cc951f9c1f464359e7fe1ce47f3960fcb032ced3a7e1a84e0a514fa73a12
-
SHA512
3b35556916d4016e22d89af30a3f868670114fe65d8c2ba59e3c537666b3c7e4e36a0edb37a80ad711b6b6263c1e8b5ccb8790998123bd35a8000043eeffede7
-
SSDEEP
98304:2GVVMRiGYT319Psum8d+nH2tKnmnHHIQKyqg057mLoPMvluB0w6pf:luW+nWtBnl2gOmLoPMvluB0w6F
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 25a6cc951f9c1f464359e7fe1ce47f3960fcb032ced3a7e1a84e0a514fa73a12
Files
-
25a6cc951f9c1f464359e7fe1ce47f3960fcb032ced3a7e1a84e0a514fa73a12.exe windows:5 windows x86 arch:x86
f13e33cb9dac4a79fadc4f6a463af933
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleA
GetConsoleMode
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableA
GetConsoleCP
LCMapStringA
GetStringTypeA
CreateFileA
WriteConsoleW
GetLocaleInfoA
LCMapStringW
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
VirtualFree
MultiByteToWideChar
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
HeapSize
RaiseException
HeapReAlloc
RtlUnwind
GetFileAttributesA
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
HeapAlloc
CreateThread
ExitThread
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
lstrcpyW
FileTimeToSystemTime
GlobalGetAtomNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
WaitForSingleObject
ResumeThread
SetThreadPriority
GetModuleHandleA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FormatMessageW
LocalFree
MulDiv
SetLastError
GetModuleHandleW
LocalAlloc
OutputDebugStringW
InterlockedIncrement
InterlockedDecrement
CopyFileW
GetSystemInfo
OutputDebugStringA
WriteFile
CreateFileW
GlobalSize
IsBadWritePtr
GetFileAttributesW
IsBadReadPtr
CreateDirectoryW
lstrcatW
GetTempPathW
GetLongPathNameW
GetShortPathNameW
GetModuleFileNameW
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryW
lstrlenA
WideCharToMultiByte
lstrlenW
CloseHandle
InterlockedExchange
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
GetCurrentThreadId
Sleep
GetPrivateProfileIntW
WritePrivateProfileStringW
GetCurrentDirectoryW
EnterCriticalSection
LeaveCriticalSection
GetLastError
CreateMutexW
FindResourceW
LoadResource
LockResource
SizeofResource
GetConsoleOutputCP
user32
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextW
DestroyIcon
CopyImage
DrawStateW
RegisterClipboardFormatW
LockWindowUpdate
BringWindowToTop
IsRectEmpty
KillTimer
SetTimer
IsMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
SetRectEmpty
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
LoadCursorW
GetSysColorBrush
UnregisterClassW
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
CharUpperW
DestroyMenu
GetMenuItemInfoW
InflateRect
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetWindowContextHelpId
MapDialogRect
SystemParametersInfoW
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
ReuseDDElParam
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CopyRect
LoadIconW
SendMessageW
EnableWindow
GetSystemMenu
AppendMenuW
EnumChildWindows
UnpackDDElParam
DrawIconEx
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
DrawEdge
DrawFrameControl
DrawFocusRect
SetCursorPos
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerW
MapVirtualKeyExW
CharUpperBuffW
SendDlgItemMessageW
CheckDlgButton
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CopyIcon
WinHelpW
AttachThreadInput
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetWindowRect
LoadImageW
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
InvalidateRect
GetForegroundWindow
GetWindowThreadProcessId
SetFocus
GetKeyState
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
keybd_event
GetDC
ReleaseDC
GetWindowLongW
SetWindowLongW
GetFocus
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
UnhookWindowsHookEx
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
IsClipboardFormatAvailable
gdi32
ExtSelectClipRgn
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
CreateRectRgnIndirect
PatBlt
GetTextMetricsW
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
CombineRgn
GetBkColor
SetRectRgn
GetMapMode
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
MoveToEx
LineTo
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextCharacterExtra
Rectangle
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
GetDIBits
RealizePalette
SelectPalette
EndDoc
EndPage
CreateCompatibleBitmap
DPtoLP
StartPage
StartDocW
SetPixel
GetPixel
StretchBlt
GetDeviceCaps
GetTextExtentPoint32W
GetTextCharacterExtra
CreateDIBSection
SetDIBColorTable
SelectObject
DeleteDC
BitBlt
CreateCompatibleDC
GetObjectW
GetStockObject
CreateFontW
CreatePatternBrush
SetTextAlign
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
EnumPrintersW
DocumentPropertiesW
OpenPrinterW
ord204
ord203
ClosePrinter
advapi32
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegQueryValueW
shell32
SHGetPathFromIDListW
SHGetFileInfoW
SHAppBarMessage
DragFinish
DragQueryFileW
ShellExecuteW
SHBrowseForFolderW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoUninitialize
DoDragDrop
CLSIDFromProgID
OleDuplicateData
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CLSIDFromString
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance
oleaut32
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
gdiplus
GdipGetImageHeight
GdipSaveImageToStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdiplusShutdown
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
sqlite3
sqlite3_bind_blob
sqlite3_column_blob
sqlite3_exec
sqlite3_finalize
sqlite3_column_count
sqlite3_step
sqlite3_prepare
sqlite3_free
sqlite3_mprintf
sqlite3_close
sqlite3_errmsg
sqlite3_column_text
sqlite3_column_bytes
sqlite3_open_v2
libxl
xlCreateXMLBookW
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 300KB - Virtual size: 299KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 156KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ