Static task: static1
Behavioral task: behavioral1
Sample: 5406036590a984cc1168a575c918b223a8eaafc25ca54eba60cf293d9bf2c0be.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: 5406036590a984cc1168a575c918b223a8eaafc25ca54eba60cf293d9bf2c0be.exe
Resource: win10v2004-20231127-en
General
Target: 5406036590a984cc1168a575c918b223a8eaafc25ca54eba60cf293d9bf2c0be
Size: 6.1MB
MD5: 63c67d664927cdb7e163bdb439cb242d
SHA1: 9143e2b4bd33f53149f02acd9287f0508e4c0a08
SHA256: 5406036590a984cc1168a575c918b223a8eaafc25ca54eba60cf293d9bf2c0be
SHA512: e25074ad31ad88654aa47ac8293fac94bb069f926d362bfd664027c1e76e8106151bf09b3a12cb2f31252097705d357d0db1b6a792a435ac9cddbba2f689d5a0
SSDEEP: 49152:edwNM1El1BqxJ2wad9QFEDrdggFIt2sj3yXdaqy50QOsCkHfuxJX+nDfbttKIw57:edwknJ0/T1ePWEwjkE/bcI6aMwQIuj
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature. This is the only signature the report lists; an absent signature is also common for legitimate builds, so on its own it is weak evidence either way.
resource: 5406036590a984cc1168a575c918b223a8eaafc25ca54eba60cf293d9bf2c0be
Files
5406036590a984cc1168a575c918b223a8eaafc25ca54eba60cf293d9bf2c0be.exe windows:6 windows x86 arch:x86
9d28eb56996caaa96b4405ed948ea230
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OutputDebugStringW
RaiseException
LCMapStringEx
GetStringTypeW
RtlUnwind
GetModuleHandleExW
HeapValidate
GetSystemInfo
GetStdHandle
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
VirtualAlloc
VirtualQuery
IsValidCodePage
QueryPerformanceFrequency
HeapQueryInformation
GetFileType
WriteConsoleW
SetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
FindNextFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetTimeZoneInformation
CreateFileW
GetTempFileNameA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetTickCount64
FileTimeToSystemTime
GetCPInfo
GetOEMCP
GetTempPathA
VirtualProtect
GetProfileIntA
GetACP
lstrcmpiA
GetHandleInformation
DuplicateHandle
GetVolumeInformationA
UnlockFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetFileSize
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
SetErrorMode
GlobalFree
GlobalUnlock
FreeResource
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
WideCharToMultiByte
LoadLibraryW
FindResourceW
GetModuleFileNameW
OutputDebugStringA
WaitForSingleObject
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FindResourceExW
GetWindowsDirectoryA
SetEndOfFile
GetUserDefaultLCID
SystemTimeToFileTime
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SetFilePointer
SetFileTime
CreateDirectoryA
GetProcessHeap
ExitProcess
DeleteCriticalSection
GetProcAddress
GetThreadContext
DecodePointer
HeapAlloc
LoadResource
CloseHandle
HeapReAlloc
Process32Next
DeleteFileA
LockResource
LoadLibraryA
GetCurrentThread
CreateFileA
GetLastError
Sleep
MultiByteToWideChar
CreateToolhelp32Snapshot
HeapSize
GetModuleHandleA
FindResourceA
InitializeCriticalSectionEx
LeaveCriticalSection
WriteFile
EnterCriticalSection
SetLastError
HeapFree
Process32First
SizeofResource
SearchPathA
ReadFile
user32
TrackMouseEvent
CharUpperA
GetAsyncKeyState
ReleaseCapture
MessageBeep
SetCursorPos
SetRect
UnionRect
DestroyMenu
GetDoubleClickTime
GetIconInfo
CopyIcon
DestroyAcceleratorTable
SetClassLongA
RealChildWindowFromPoint
LoadAcceleratorsW
WaitMessage
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
CopyAcceleratorTableA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
CreateAcceleratorTableA
UpdateLayeredWindow
GetKeyNameTextA
SubtractRect
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
DestroyCursor
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
NotifyWinEvent
SetParent
WindowFromPoint
ClientToScreen
HideCaret
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
ReleaseDC
GetWindowDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
PostThreadMessageA
MonitorFromPoint
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
UnhookWindowsHookEx
GetTopWindow
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
GetClassNameA
EnumDisplayMonitors
GetMonitorInfoA
SystemParametersInfoA
LoadCursorW
LoadCursorA
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoA
DefWindowProcA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetFocus
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
IsMenu
GetWindow
SetWindowPos
MapDialogRect
TabbedTextOutA
PostMessageA
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
SetCursor
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
FillRect
GetSysColorBrush
GetSysColor
GetSystemMetrics
RegisterWindowMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
PostQuitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
UnregisterClassA
GetDC
wsprintfA
CopyImage
LoadImageW
LoadImageA
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
IntersectRect
GetClipboardFormatNameA
UnpackDDElParam
InvertRect
FrameRect
DrawFocusRect
DrawStateA
IsDialogMessageA
GrayStringA
gdi32
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
ExtTextOutA
CopyMetaFileA
DeleteDC
EnumFontsW
CreateDCA
GetDeviceCaps
CreateBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetStockObject
GetObjectA
SetBkColor
SetTextColor
BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectA
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
DeleteObject
GetBoundsRect
GetBkColor
FrameRgn
ExtFloodFill
FillRgn
OffsetRgn
PatBlt
EnumFontFamiliesExA
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBSection
SetDIBColorTable
GetSystemPaletteEntries
msimg32
AlphaBlend
TransparentBlt
shlwapi
StrFormatKBSizeA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
uxtheme
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeText
IsAppThemed
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipDeleteGraphics
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA
ole32
OleLockRunning
RegisterDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoUninitialize
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CoCreateGuid
RevokeDragDrop
CoCreateInstance
CoInitialize
StringFromCLSID
CoTaskMemAlloc
CoInitializeEx
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
oleaut32
SysAllocStringByteLen
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadTypeLi
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysStringLen
SysFreeString
VarBstrFromDate
SysAllocStringLen
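The import list above is the input to an import hash (imphash), the usual way to pivot from one sample to other builds of the same code base. The following Python is an added example, not the sandbox's code: it applies the normalisation that pefile's get_imphash() uses (module name lower-cased with .dll/.ocx/.sys stripped, function names lower-cased, ordinal imports written as ordN) and then MD5s the comma-joined "dll.func" string in import-table order. The import list in the block is a constructed subset of the imports shown above plus one made-up ordinal import to exercise that rule; pefile's extra step of mapping ordinals to names for a few DLLs (oleaut32, ws2_32) is not reproduced. Whether the 32-hex-digit value on the Files line is this sample's imphash is not stated on the page, so the block does not try to reproduce it.

```python
"""imphash as computed by pefile's get_imphash(), re-implemented with the standard library.
Added example, not the sandbox's or pefile's own code."""
import hashlib


def _normalize_dll(dll: str) -> str:
    """Lower-case the module name and drop a .dll/.ocx/.sys extension; anything else is kept."""
    name = dll.lower()
    parts = name.rsplit(".", 1)
    if len(parts) == 2 and parts[1] in ("dll", "ocx", "sys"):
        return parts[0]
    return name


def imphash_string(imports) -> str:
    """imports: iterable of (dll, [function name or int ordinal, ...]) in import-table order.
    Returns the exact string that is hashed, which is useful when two hashes differ and you
    want to see why (import order matters; the string is not sorted)."""
    parts = []
    for dll, funcs in imports:
        lib = _normalize_dll(dll)
        for func in funcs:
            # pefile also resolves ordinals to names for oleaut32/ws2_32; not reproduced here.
            name = "ord%d" % func if isinstance(func, int) else func.lower()
            parts.append(lib + "." + name)
    return ",".join(parts)


def imphash(imports) -> str:
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Constructed input: a subset of the imports in the report above, plus one ordinal import
# (advapi32 ordinal 0x4D is made up to show the ordN rule, not taken from the sample).
SAMPLE_IMPORTS = [
    ("kernel32.dll", ["CreateToolhelp32Snapshot", "Process32First", "Process32Next",
                      "IsDebuggerPresent", "VirtualProtect"]),
    ("user32.dll", ["MessageBoxA", "ShellExecuteA"]),
    ("winspool.drv", ["OpenPrinterA"]),          # .drv is not stripped
    ("advapi32.dll", ["RegSetValueExA", 0x4D]),
]

if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Two samples only share an imphash when the linker emitted the same imports in the same order, which is why the hash survives recompilation with unchanged sources but not a re-link with a different import order, and why it is useless on a packed binary whose stub imports only LoadLibrary and GetProcAddress.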
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 483KB - Virtual size: 482KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 190KB - Virtual size: 189KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
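The Unsigned PE signature, the Headers block and the Sections block above all come from the PE header alone. The Python below is an added example, not the sandbox's code: with only the standard library it reproduces that part of a static task (file hashes, IMAGE_FILE_* and IMAGE_DLLCHARACTERISTICS_* decoding, the certificate-table check behind "Unsigned PE", and per-section flags) and adds the checks an analyst layers on top: writable-and-executable sections and missing ASLR/DEP opt-ins. The flag names and bit values are those of winnt.h; the PE it analyses is constructed inside the block (headers only, no code, same header bits as the report shows for this sample) so the example runs offline. One caveat the signature name glosses over: a non-empty certificate table only means a signature blob is attached. Whether it verifies, and whose certificate it chains to, needs WinVerifyTrust, Get-AuthenticodeSignature or osslsigncode.

```python
"""Header-level static triage of a PE with the standard library only.
Added example, not the sandbox's code. Flag names and bit values are from winnt.h."""
import hashlib
import struct

DLL_CHARACTERISTICS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
                       0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x1000: "APPCONTAINER",
                       0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
FILE_CHARACTERISTICS = {0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE",
                        0x0020: "LARGE_ADDRESS_AWARE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
SECTION_FLAGS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
                 0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
                 0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}


def _flags(value, table, prefix):
    return [prefix + name for bit, name in sorted(table.items()) if value & bit]


def hashes(data: bytes) -> dict:
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256", "sha512")}


def parse_pe(data: bytes) -> dict:
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4                                        # IMAGE_FILE_HEADER
    machine, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20                                            # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                                       # PE32
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:                                     # PE32+
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_char = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    nrva = struct.unpack_from("<I", data, nrva_off)[0]
    # Data directory 4 is the certificate table (Authenticode). Unlike the other
    # directories its VirtualAddress is a file offset, not an RVA.
    cert_off, cert_size = 0, 0
    if nrva > 4:
        cert_off, cert_size = struct.unpack_from("<II", data, dd_off + 4 * 8)
    sections, base = [], opt + opt_size
    for i in range(nsec):                                    # 40-byte IMAGE_SECTION_HEADERs
        name, vsize, _, rawsize = struct.unpack_from("<8sIII", data, base + i * 40)
        chars = struct.unpack_from("<I", data, base + i * 40 + 36)[0]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flags(chars, SECTION_FLAGS, "IMAGE_SCN_")})
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "file_characteristics": _flags(fchar, FILE_CHARACTERISTICS, "IMAGE_FILE_"),
            "dll_characteristics": _flags(dll_char, DLL_CHARACTERISTICS, "IMAGE_DLLCHARACTERISTICS_"),
            # A non-empty entry only proves a signature blob exists, not that it verifies.
            "authenticode_present": cert_off != 0 and cert_size != 0,
            "sections": sections}


def findings(info: dict) -> list:
    """Header checks of the kind a static task turns into signatures."""
    out = []
    if not info["authenticode_present"]:
        out.append("Unsigned PE: no certificate table, nothing to verify with WinVerifyTrust")
    dc = info["dll_characteristics"]
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dc:
        out.append("ASLR opt-out: DYNAMIC_BASE not set")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dc:
        out.append("DEP opt-out: NX_COMPAT not set")
    for s in info["sections"]:
        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]:
            out.append("W+X section " + s["name"])
    return out


def build_pe(dll_char, file_char, sections, cert=(0, 0)) -> bytes:
    """Constructed minimal PE32 (headers only, no code) so the example runs offline.
    sections: list of (name, virtual_size, raw_size, characteristics)."""
    opt_size = 96 + 16 * 8
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, file_char)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<H", opt, 70, dll_char)
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 4 * 8, *cert)                 # certificate table entry
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), vs, 0, rs, 0, 0, 0, 0, 0, c)
                    for n, vs, rs, c in sections)
    return dos + b"PE\0\0" + file_hdr + bytes(opt) + hdrs


# Constructed stand-in carrying the same header bits the report shows for the sample.
SAMPLE_PE = build_pe(0x8140, 0x0102, [
    (".text", 0x380000, 0x380000, 0x60000020), (".rdata", 0x78800, 0x78C00, 0x40000040),
    (".data", 0xC400, 0x5400, 0xC0000040), (".rsrc", 0x200000, 0x200000, 0x40000040),
    (".reloc", 0x2F400, 0x2F800, 0x42000040)])

if __name__ == "__main__":
    info = parse_pe(SAMPLE_PE)
    print(hashes(SAMPLE_PE)["sha256"], info["dll_characteristics"], findings(info))
```

Run against the real file, parse_pe(open(path, "rb").read()) gives the same Headers and Sections content as the report; the .data section's larger virtual size than raw size is ordinary (zero-initialised data is not stored on disk) and is deliberately not flagged, whereas a section that is both writable and executable is.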