Static task: static1
Behavioral task: behavioral1, sample 4bea2517e6ab2713b2bbc12a8101ca8b2ae9355c3657175bb36b595c17a2eec0.exe, resource win7-20231023-en
Behavioral task: behavioral2, sample 4bea2517e6ab2713b2bbc12a8101ca8b2ae9355c3657175bb36b595c17a2eec0.exe, resource win10v2004-20231127-en
General
Target: 4bea2517e6ab2713b2bbc12a8101ca8b2ae9355c3657175bb36b595c17a2eec0
Size: 9.2MB
MD5: 8f6683165379ea8be7b42a8cab05783d
SHA1: 9a1347cdaa0f0e32145791678b745e95442c3402
SHA256: 4bea2517e6ab2713b2bbc12a8101ca8b2ae9355c3657175bb36b595c17a2eec0
SHA512: 14ede6935ef87a6060a803b746b90d21e72a3cea3f27e4addc588850401b33947a0a9790f8bc5db9adf4fc20c6cbbc996a4c0483ab9afee0e14bcf35f73ada44
SSDEEP: 98304:oIsq7ZHBfo9a+A0PQZM5zd/o9USsgkPAkIHfbH/Wb:6qkkZWBo9Hy
Malware Config: none extracted
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature. Matched resource: 4bea2517e6ab2713b2bbc12a8101ca8b2ae9355c3657175bb36b595c17a2eec0
Files
4bea2517e6ab2713b2bbc12a8101ca8b2ae9355c3657175bb36b595c17a2eec0.exe windows:5 windows x86 arch:x86
a29aac4d3b915834471781375c0cb660
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualQuery
LoadLibraryExW
IsBadWritePtr
GetTempFileNameW
MoveFileA
lstrcmpiA
SetFilePointer
FreeResource
CompareStringA
GetFullPathNameA
InterlockedCompareExchange
InitializeCriticalSection
InterlockedExchange
FindResourceA
UnmapViewOfFile
CreateFileMappingA
GetFileSize
MapViewOfFile
GetModuleHandleA
LoadLibraryA
GetTempPathA
GetTempFileNameA
CreateFileA
DeleteFileA
OutputDebugStringA
GetVersionExA
lstrlenA
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
lstrcmpiW
WriteConsoleW
SetStdHandle
FlushFileBuffers
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleHandleW
SizeofResource
SetCurrentDirectoryW
HeapReAlloc
GlobalHandle
InterlockedIncrement
FindResourceW
LockResource
LoadResource
GlobalFree
InterlockedDecrement
GetDriveTypeW
SetErrorMode
HeapFree
GlobalMemoryStatus
GetVersionExW
GetLocaleInfoW
GetSystemDirectoryW
GetProcessHeap
HeapAlloc
FreeLibrary
GetProcAddress
LoadLibraryW
SetLastError
Sleep
GlobalUnlock
GlobalLock
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
GetModuleFileNameW
DecodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileType
LCMapStringW
CompareStringW
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCPInfo
GetOEMCP
IsValidCodePage
WriteFile
GetStdHandle
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
AreFileApisANSI
GetModuleHandleExW
ReadFile
RtlUnwind
GetCommandLineW
GetACP
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
OutputDebugStringW
ExitThread
GetTickCount
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
MultiByteToWideChar
GlobalAlloc
ExitProcess
LocalFree
FormatMessageW
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
DeleteFileW
MoveFileW
CopyFileW
CreateFileW
SetFileAttributesW
GetFileAttributesW
SetEndOfFile
GetLocalTime
GetFullPathNameW
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcessId
GetSystemInfo
CreateSemaphoreW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
CreateThread
SetEnvironmentVariableA
user32
SetTimer
EnumDisplaySettingsExW
GetClientRect
InvalidateRect
ReleaseDC
SendMessageW
GetFocus
SetCursorPos
FillRect
BeginPaint
EndPaint
GetSystemMetrics
ClientToScreen
ScreenToClient
GetAsyncKeyState
CharNextW
UnregisterClassW
SetWindowLongW
GetWindowLongW
CreateWindowExW
DestroyWindow
SetWindowTextW
GetWindowTextW
GetDC
AdjustWindowRectEx
ValidateRect
LoadImageW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
SetDlgItemTextW
SetCursor
GetCursor
CreateIconIndirect
DestroyIcon
FindWindowW
DialogBoxIndirectParamW
GetMessageW
PeekMessageW
IsIconic
EnumDisplayDevicesW
GetWindowPlacement
GetCursorPos
GetActiveWindow
AdjustWindowRect
EndDialog
ChangeDisplaySettingsExW
CallWindowProcW
RegisterWindowMessageW
DefWindowProcW
ReleaseCapture
CreateAcceleratorTableW
GetDesktopWindow
DestroyAcceleratorTable
GetSysColor
RegisterClassExW
LoadCursorW
GetClassInfoExW
GetClassNameW
IsWindow
GetDlgItem
GetParent
IsChild
GetWindow
SetFocus
SetCapture
GetKeyState
MessageBoxW
WaitForInputIdle
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetWindowRect
IsDialogMessageW
TranslateMessage
DispatchMessageW
LoadIconW
GetPropW
SetPropW
RemovePropW
PostQuitMessage
SetActiveWindow
IsWindowEnabled
SetClassLongW
GetMenu
SetMenu
PostMessageW
UpdateWindow
MonitorFromPoint
GetMonitorInfoW
SystemParametersInfoW
CreateDialogParamW
CreateDialogIndirectParamW
DialogBoxParamW
ShowScrollBar
CreateMenu
DestroyMenu
GetMenuItemCount
InsertMenuItemW
RemoveMenu
CheckMenuItem
GetMenuState
CreatePopupMenu
TrackPopupMenu
EnableWindow
RedrawWindow
ShowWindow
InvalidateRgn
SetWindowPos
MoveWindow
GetWindowTextLengthW
gdi32
SetTextColor
BitBlt
CreateSolidBrush
CreateCompatibleDC
DeleteDC
CreateFontIndirectW
DeleteObject
SetBkMode
GetTextExtentPoint32W
SelectObject
TextOutW
GetTextMetricsW
EnumFontFamiliesExW
GdiFlush
CreateDIBSection
AddFontResourceExW
AddFontMemResourceEx
SetStretchBltMode
StretchBlt
CreateBitmap
GetDeviceCaps
GetStockObject
CreateCompatibleBitmap
GetObjectW
CreateFontW
ExtTextOutW
MoveToEx
ExtTextOutA
SetMapMode
SetTextAlign
CreateFontIndirectA
GetFontLanguageInfo
SetBkColor
GetCharacterPlacementW
GetCharacterPlacementA
GetGlyphOutlineA
GetTextMetricsA
GetObjectA
GetGlyphOutlineW
advapi32
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
GetUserNameA
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
RegOpenKeyA
shell32
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetFolderPathW
DragFinish
DragQueryFileW
ShellExecuteExW
ole32
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoSetProxyBlanket
OleUninitialize
OleInitialize
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CreateStreamOnHGlobal
CLSIDFromString
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
oleaut32
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantCopy
VariantChangeType
DispCallFunc
VarUI4FromStr
winmm
mmioSetInfo
mmioGetInfo
mmioClose
mmioSeek
timeGetTime
mciSendStringW
mciGetErrorStringW
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
mmioAscend
mmioRead
mmioDescend
mmioOpenW
mmioAdvance
comctl32
CreateStatusWindowW
InitCommonControlsEx
dsound
ord3
ord1
wininet
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
imm32
ImmAssociateContext
d3d9
Direct3DCreate9
comdlg32
GetOpenFileNameW
GetSaveFileNameW
ws2_32
WSACleanup
closesocket
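The import table above is also the input to an import hash. As an added example (not code from the sandbox or this report), the block below implements the imphash procedure in the form pefile computes it and runs it over a hand-transcribed subset of these imports. The hash of that subset is for illustration only: the file's real imphash has to be computed over the complete table in the binary's own order (delay-load imports are excluded). The assumption here is that the second 32-hex-digit value listed under Files is that import hash; the report does not label it.

```python
# Added example, not part of the sandbox report: how an import hash (imphash, in
# the form pefile computes it) is derived from a DLL/function list like the one
# above. REPORT_IMPORTS is a hand-transcribed subset of that list, so its hash is
# for illustration only; the real value needs the full table in the binary's order.
import hashlib

REPORT_IMPORTS = [
    ("KERNEL32.dll", ["VirtualQuery", "LoadLibraryExW", "IsBadWritePtr", "GetTempFileNameW"]),
    ("ADVAPI32.dll", ["CryptAcquireContextW", "CryptEncrypt", "CryptDeriveKey", "CryptHashData"]),
    ("WININET.dll", ["InternetOpenW", "InternetConnectW", "HttpOpenRequestW", "HttpSendRequestW"]),
    ("DSOUND.dll", [1, 3]),  # imported by ordinal, shown above as ord1/ord3
]

# pefile resolves ordinals of ws2_32, wsock32 and oleaut32 to names via a built-in
# table; it is left empty here because this sample imports those DLLs by name.
KNOWN_ORDINALS = {}


def imphash_string(imports):
    """The normalised "dll.func" list that gets hashed: lower-case, DLL extension
    stripped, unknown ordinals rendered as ordN, order exactly as in the table."""
    parts = []
    for dll, funcs in imports:
        lib = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if lib.endswith(ext):
                lib = lib[:-len(ext)]
        for f in funcs:
            if isinstance(f, int):
                name = KNOWN_ORDINALS.get(lib, {}).get(f, "ord%d" % f)
            else:
                name = f.lower()
            parts.append(lib + "." + name)
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalised string; 32 hex digits, like the value under Files."""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()
```

Because the hash is order-sensitive and covers every imported symbol, it clusters builds of the same codebase and linker configuration well but changes completely when a single import is added or reordered; use it alongside, not instead of, the file hashes above.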
Sections (raw size on disk / virtual size in memory)
.text: raw 6.6MB, virtual 6.6MB; IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata: raw 678KB, virtual 677KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data: raw 290KB, virtual 67.5MB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.tls: raw 512B, virtual 9B; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
_RDATA: raw 1KB, virtual 1KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc: raw 1.2MB, virtual 1.2MB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc: raw 347KB, virtual 347KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
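The Headers, Signatures and Sections listings above can be reproduced without a sandbox. The following is an added example, not code from the report or the sandbox that produced it: a pure-Python walk of the PE headers that decodes DllCharacteristics, tests for an embedded Authenticode signature the way the "Unsigned PE" signature does (a non-empty IMAGE_DIRECTORY_ENTRY_SECURITY), and compares each section's raw size with its virtual size. Because the sample itself is not reproduced here, build_minimal_pe() fabricates a synthetic image whose flags and .text/.data/.reloc sizes mirror this report (the size constants are approximate). Two caveats when reading the report: the check only detects an embedded signature, so catalog-signed binaries look "unsigned" by this test and an embedded signature is not a valid one until the chain is verified (for example with `signtool verify /pa /v` or `osslsigncode verify`); and a .data section of 290KB on disk mapped to 67.5MB in memory means the loader zero-fills a large region at load time, which by itself says nothing about packing. Note also that DYNAMIC_BASE and NX_COMPAT are set (ASLR and DEP opted in) while GUARD_CF is not among the listed flags.

```python
# Added example, not part of the sandbox report: a pure-Python walk of the PE
# headers that reproduces the facts listed above (DllCharacteristics flags, the
# "Unsigned PE" check, per-section raw vs. virtual size). build_minimal_pe()
# fabricates a synthetic, non-runnable image so the code works offline.
import struct

DLL_CHARACTERISTICS = {  # IMAGE_OPTIONAL_HEADER.DllCharacteristics bits
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {  # IMAGE_SECTION_HEADER.Characteristics bits
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table

def parse_pe(data):
    """Return machine, DllCharacteristics, signature presence and sections."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32/PE32+
    ndirs_off = opt + (108 if pe32plus else 92)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Security directory is (file offset, size); non-zero size = embedded signature
        sec_size = struct.unpack_from(
            "<II", data, ndirs_off + 4 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)[1]
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": [n for b, n in SECTION_FLAGS.items() if chars & b]})
    return {"x86": machine == 0x14C,
            "dll_characteristics": [n for b, n in DLL_CHARACTERISTICS.items() if dll_chars & b],
            "has_authenticode": sec_size > 0,
            "sections": sections}

def triage(info):
    """Turn parse_pe() output into findings of the kind the report lists."""
    findings = []
    if not info["has_authenticode"]:
        findings.append("Unsigned PE: no embedded Authenticode signature")
    for f in ("IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
              "IMAGE_DLLCHARACTERISTICS_GUARD_CF"):
        if f not in info["dll_characteristics"]:
            findings.append("Hardening flag not set: " + f)
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append("Writable and executable section: " + s["name"])
        if s["raw_size"] and s["virtual_size"] > 4 * s["raw_size"]:
            findings.append("%s: virtual size %d far exceeds raw size %d (rest is zero-filled at load)"
                            % (s["name"], s["virtual_size"], s["raw_size"]))
    return findings

def build_minimal_pe(dll_chars, sections, security_size=0):
    """Construct a synthetic PE32 image (headers only) with the given values.
    sections: list of (name, virtual_size, raw_size, characteristics)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                              # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                                  # PE32, 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)                                 # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                                    # Subsystem: Windows GUI
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)                                   # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x2000 if security_size else 0, security_size)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), vs,
                                0x1000 * (i + 1), raw, 0, 0, 0, 0, 0, ch)
                    for i, (n, vs, raw, ch) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + hdrs

# Constructed sample mirroring the report's header flags and (approximate) .text/.data/.reloc sizes.
SAMPLE = build_minimal_pe(0x0040 | 0x0100 | 0x8000,
                          [(".text", 6_920_000, 6_920_000, 0x60000020),
                           (".data", 70_778_880, 296_960, 0xC0000040),
                           (".reloc", 355_328, 355_328, 0x42000040)])
```

On a real file, `triage(parse_pe(open(path, "rb").read()))` yields the same three kinds of finding the sandbox reports; for the constructed SAMPLE it reports the missing signature, the absent GUARD_CF flag and the .data raw/virtual discrepancy, and nothing about .text or .reloc, whose raw and virtual sizes agree.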