Static task
static1
Behavioral task
behavioral1
Sample
5014f045dd72bf470af7f4658d55eadd.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
5014f045dd72bf470af7f4658d55eadd.exe
Resource
win10v2004-20231201-en
General
-
Target
5014f045dd72bf470af7f4658d55eadd
-
Size
3.4MB
-
MD5
5014f045dd72bf470af7f4658d55eadd
-
SHA1
7f29279192d50f704a6ba8ce98522e9e975e1130
-
SHA256
bc688fdcf219b7dc1ae3a7a4d5f96bcb2840d38f5e642394433f7761da4aa935
-
SHA512
14b7f0e1491b6ce12d26e1395271c2f21f38ec2d33dcc60ed792ca73445821b3f21536aaf2e61f6839c1d0d15b0164cdd0359d3af9664e171d7340234c510510
-
SSDEEP
49152:pCyvJsgcmXyXJDYjXqymtleSND3oj/QTMI2Bryt/J:pPKgVXydYDqymtle4D4jBI2Bet
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature on the PE file.
resource 5014f045dd72bf470af7f4658d55eadd
Files
-
5014f045dd72bf470af7f4658d55eadd.exe windows:5 windows x86 arch:x86
c788ab759a4b99ba7cc35f2eb34d165a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
VirtualProtect
GetProfileIntA
SearchPathA
GetSystemDirectoryW
LoadLibraryW
GetTempPathA
GetTempFileNameA
GetFileTime
GetFileSizeEx
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
FileTimeToLocalFileTime
FindNextFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GlobalGetAtomNameA
GlobalFindAtomA
LoadLibraryA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
WideCharToMultiByte
GlobalAddAtomA
HeapDestroy
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetCurrentProcessId
SetLastError
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
FileTimeToSystemTime
GetTickCount
UnmapViewOfFile
GetFileSize
LocalFileTimeToFileTime
lstrcpyA
ReadFile
GetFileAttributesA
WriteFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
CreateFileA
GetExitCodeThread
ResetEvent
SetThreadPriority
CreateEventA
TerminateThread
SetEvent
GetModuleFileNameA
CreateDirectoryA
EnterCriticalSection
LeaveCriticalSection
FindResourceExA
RemoveDirectoryA
FreeResource
CloseHandle
WaitForSingleObject
CreateProcessA
Sleep
GetModuleHandleA
GetProcAddress
OutputDebugStringA
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
GetLastError
CreateMutexA
SetCurrentDirectoryA
GlobalFree
GetCommandLineW
DeleteCriticalSection
user32
GetMenuState
GetMenuStringA
AppendMenuA
CheckDlgButton
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
wsprintfA
GrayStringA
FillRect
ScreenToClient
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
IsIconic
GetSystemMetrics
DrawIcon
PostMessageA
InvalidateRect
EnableWindow
GetSysColor
RedrawWindow
GetParent
DrawTextA
GetSysColorBrush
LoadCursorA
TabbedTextOutA
DrawTextExA
EndPaint
IsDialogMessageA
SetWindowTextA
GetDlgCtrlID
SetWindowLongA
MoveWindow
ShowWindow
SetFocus
SetWindowPos
GetWindowTextA
GetWindowTextLengthA
CopyRect
SetScrollPos
GetScrollPos
GetWindowRect
GetWindowPlacement
IntersectRect
GetMenu
CallWindowProcA
DefWindowProcA
PtInRect
SetWindowPlacement
UnpackDDElParam
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
UpdateWindow
ShowScrollBar
SetForegroundWindow
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
GetCapture
IsChild
RegisterWindowMessageA
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
PostQuitMessage
IsZoomed
MessageBeep
OffsetRect
SystemParametersInfoA
IsWindowVisible
SendMessageA
GetClientRect
LoadBitmapA
LoadIconA
WinHelpA
EndDialog
GetWindow
UnhookWindowsHookEx
ShowOwnedPopups
GetNextDlgTabItem
GetDlgItem
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetFocus
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SendDlgItemMessageA
SetCursor
CharUpperA
InflateRect
IsRectEmpty
SetWindowRgn
SetTimer
KillTimer
SetCapture
ReleaseCapture
WindowFromPoint
WaitMessage
DeleteMenu
SetRectEmpty
LoadMenuA
PostThreadMessageA
DestroyMenu
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsA
CreateAcceleratorTableA
NotifyWinEvent
CreatePopupMenu
SetParent
SetClassLongA
GetSystemMenu
IsMenu
BringWindowToTop
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatA
DrawStateA
OpenClipboard
CopyImage
DestroyIcon
LoadImageA
SetClipboardData
CloseClipboard
EmptyClipboard
UnregisterClassA
GetMenuItemInfoA
SetRect
InvalidateRgn
TranslateAcceleratorA
InsertMenuItemA
ReuseDDElParam
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
GetNextDlgGroupItem
SubtractRect
CopyIcon
CharUpperBuffA
GetUpdateRect
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
IsClipboardFormatAvailable
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
SetWindowContextHelpId
MapDialogRect
CharNextA
GetMenuItemID
gdi32
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
SelectClipRgn
CreateRectRgn
GetPixel
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CreateEllipticRgn
Ellipse
OffsetRgn
GetRgnBox
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
GetTextExtentPoint32A
SetDIBColorTable
GetDIBits
RealizePalette
SetPixel
CreateDIBSection
CreatePolygonRgn
Polyline
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
CombineRgn
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileA
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
Rectangle
CreateSolidBrush
BitBlt
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetDCOrgEx
CreateCompatibleBitmap
LPtoDP
StretchBlt
GetObjectA
CreateFontA
PatBlt
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegEnumKeyExA
RegSetValueExA
shell32
ShellExecuteA
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteExA
SHCreateDirectoryExA
SHGetFileInfoA
SHGetPathFromIDListA
comctl32
ImageList_GetIconSize
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA
oledlg
ord8
ole32
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoInitializeEx
CoCreateInstance
OleDestroyMenuDescriptor
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocString
OleCreateFontIndirect
gdiplus
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
winmm
PlaySoundA
sndPlaySoundA
timeGetTime
wininet
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetSetOptionA
InternetQueryOptionA
InternetOpenA
InternetOpenUrlA
msvcp90
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
msvcr90
_endthreadex
setlocale
fread
_findclose
_findfirst64
mbstowcs
feof
strcat_s
strcpy_s
_mbscmp
fputs
ftell
fseek
remove
realloc
fflush
_mbsstr
fclose
fopen
atol
_beginthreadex
atoi
malloc
_purecall
_mbschr
_mbsinc
strnlen
sprintf_s
memmove_s
_vsnprintf
free
calloc
abort
_vscprintf
vsprintf_s
memcpy_s
_mbsicmp
fwrite
_mbsnbcpy_s
wcslen
wcscpy_s
strlen
_CxxThrowException
_resetstkoflw
_errno
labs
memset
_snprintf_s
_strdup
memcmp
_vsnprintf_s
_snscanf_s
strncpy_s
_mbsdec
_splitpath_s
_makepath_s
_mktime64
_fullpath
_ltoa_s
_msize
_expand
_ismbblead
_mbsnbcmp
_ismbcspace
_mbsicoll
memcpy
toupper
_mbsrchr
_mbscspn
abs
clock
_mbsspn
wcsncpy_s
_ultoa_s
strtoul
strtol
_ismbcdigit
_mbslwr_s
_mbsupr_s
wcscat_s
_endthread
_beginthread
floor
exp
cos
sin
sqrt
ceil
atan2
_stricmp
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
__CxxFrameHandler3
wcsnlen
_setmbcp
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 273KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 144KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ