Static task: static1
Behavioral task: behavioral1
Sample: c5d45a57d255cb333726f093403ab660e1f1aab8dbc5a73c1311a96bd8c6069b.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: c5d45a57d255cb333726f093403ab660e1f1aab8dbc5a73c1311a96bd8c6069b.exe
Resource: win10v2004-20231215-en
General
Target: c5d45a57d255cb333726f093403ab660e1f1aab8dbc5a73c1311a96bd8c6069b
Size: 5.0MB
MD5: 09cee6170b14bcdcfe30cf15212afb85
SHA1: d88247663574160750cc1cb5eb79ed1a65fc0686
SHA256: c5d45a57d255cb333726f093403ab660e1f1aab8dbc5a73c1311a96bd8c6069b
SHA512: 3807aa40cf0e868908d65bff048256644dfece1e8135585f010826878587d584ebf4df726131f52549901b5380a9a58ef19169e0f7d99a56b74229e09c341500
SSDEEP: 98304:JcLsuPSAop5/4URGRJtFxBr8EnUdDU+AkDuFYBVwsozN0LmSAxp:8q+kGXYEnkuFYBvozCAH
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: c5d45a57d255cb333726f093403ab660e1f1aab8dbc5a73c1311a96bd8c6069b
Files
c5d45a57d255cb333726f093403ab660e1f1aab8dbc5a73c1311a96bd8c6069b.exe windows:5 windows x86 arch:x86
1734e94aff7aa5fd6bf11679871ceaf4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
GetAdaptersInfo
kernel32
ConvertThreadToFiber
ConvertFiberToThread
GetModuleHandleExW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetSystemTime
CreateFiber
DeleteFiber
SwitchToFiber
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
VerifyVersionInfoA
LoadLibraryA
GetSystemDirectoryA
FormatMessageA
WaitForMultipleObjects
PeekNamedPipe
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
SleepEx
lstrcmpiW
lstrcpynW
GlobalAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
FormatMessageW
VerSetConditionMask
VerifyVersionInfoW
MulDiv
GetACP
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceW
GlobalUnlock
GlobalLock
lstrlenW
GetCurrentDirectoryW
GetModuleFileNameA
GetDriveTypeW
GetModuleHandleA
GetExitCodeProcess
GetProcessId
ExitProcess
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
SetFileAttributesW
OpenProcess
GetEnvironmentVariableW
OutputDebugStringA
WritePrivateProfileStringW
GetDiskFreeSpaceExW
ReleaseMutex
GetLocaleInfoW
CreateMutexW
GetUserDefaultUILanguage
CopyFileW
GetFileSize
SwitchToThread
SetEndOfFile
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GetVersionExW
InterlockedIncrement
SetLastError
ReadFile
GetFileAttributesExW
GetFileAttributesW
GetPrivateProfileIntW
GetTickCount
ResetEvent
CreateThread
TerminateThread
SetEvent
lstrcpyW
LocalFree
LocalAlloc
InterlockedDecrement
SetUnhandledExceptionFilter
VirtualQuery
WideCharToMultiByte
GetModuleHandleW
CreateProcessW
GetProcessHeap
GetCurrentProcessId
DeleteCriticalSection
VirtualAllocEx
GetProcAddress
DecodePointer
GetLocalTime
HeapAlloc
RaiseException
CloseHandle
DeleteFileW
OutputDebugStringW
GetLastError
Sleep
GetPrivateProfileStringW
CreateEventW
DuplicateHandle
GetCurrentThreadId
CreateFileW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
EnumSystemLocalesW
IsValidLocale
WaitForSingleObject
FindClose
SetFilePointer
SetErrorMode
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetConsoleCP
SetStdHandle
VirtualAlloc
GetSystemInfo
HeapQueryInformation
SetConsoleCtrlHandler
SetFilePointerEx
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
LCMapStringW
GetCPInfo
QueryPerformanceFrequency
TryEnterCriticalSection
GetStringTypeW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameW
GetProfileIntW
GetTempPathW
InitializeCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
TerminateProcess
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
HeapFree
WriteProcessMemory
SearchPathW
GetWindowsDirectoryW
FindResourceExW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
VirtualProtect
GetCurrentThread
GlobalFlags
UnlockFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
EncodePointer
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpA
CompareStringW
ResumeThread
SetThreadPriority
GlobalSize
LocalReAlloc
GlobalFree
GlobalHandle
GlobalReAlloc
HeapSize
HeapReAlloc
FindFirstFileW
CreateDirectoryW
MultiByteToWideChar
user32
PostMessageW
ScreenToClient
UnregisterClassW
EnableWindow
OffsetRect
PtInRect
ReleaseCapture
GetSysColor
InvalidateRect
TranslateMessage
GetClientRect
IsZoomed
GetFocus
SetCapture
GetParent
GetSystemMetrics
LoadCursorW
RegisterClassW
GetClassInfoExW
CallWindowProcW
AdjustWindowRectEx
GetMenu
InflateRect
SetCursor
FillRect
InvalidateRgn
CreateAcceleratorTableW
GetCaretBlinkTime
GetGUIThreadInfo
ClientToScreen
SetParent
MonitorFromPoint
UpdateLayeredWindow
GetWindowRgn
DrawTextW
SetRect
CharPrevW
CreateCaret
ShowCaret
HideCaret
GetCaretPos
SetCaretPos
CreatePopupMenu
AppendMenuW
EnableMenuItem
DestroyMenu
IsWindowEnabled
EqualRect
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
wsprintfA
DrawTextA
MapVirtualKeyExW
GetKeyboardLayout
GetKeyNameTextW
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
KillTimer
PostQuitMessage
LoadMenuW
SetTimer
MonitorFromWindow
GetMonitorInfoW
SetWindowRgn
GetKeyState
CharNextW
ReleaseDC
MapWindowPoints
IntersectRect
IsWindowVisible
UnionRect
IsRectEmpty
GetUpdateRect
EndPaint
BeginPaint
SetFocus
GetWindow
GetActiveWindow
MoveWindow
GetWindowRect
SetWindowPos
SendMessageW
GetWindowPlacement
TrackPopupMenu
GetSubMenu
BringWindowToTop
LoadImageW
GetCursorPos
FindWindowW
SetForegroundWindow
GetPropW
RegisterClassExW
IsIconic
SetWindowLongW
GetWindowLongW
UpdateWindow
ShowWindow
CreateWindowExW
DestroyWindow
DefWindowProcW
RegisterWindowMessageW
PostThreadMessageW
SetWindowsHookExW
UnhookWindowsHookEx
IsWindow
SetPropW
GetMessageW
CallNextHookEx
GetDC
PeekMessageW
DispatchMessageW
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
ValidateRect
GetSysColorBrush
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessagePos
GetMessageTime
GetClassInfoW
IsMenu
IsChild
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
GetCapture
SetMenu
SetActiveWindow
GetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
RemovePropW
CopyRect
GetClassLongW
GetClassNameW
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
CheckDlgButton
IsDialogMessageW
DestroyIcon
CharUpperW
GetDesktopWindow
RealChildWindowFromPoint
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
GetMenuItemInfoW
SystemParametersInfoW
CopyImage
SendDlgItemMessageA
SetRectEmpty
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
ShowOwnedPopups
DeleteMenu
GetNextDlgGroupItem
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
InvertRect
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
DrawIcon
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
IsCharLowerW
ToUnicodeEx
GetKeyboardState
DestroyAcceleratorTable
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
DestroyCursor
MessageBeep
gdi32
CopyMetaFileW
CreateDCW
CreateBitmap
CreateHatchBrush
RealizePalette
SetBitmapBits
GetBitmapBits
GetTextExtentPointA
CreatePatternBrush
GdiFlush
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
SetTextColor
SetBkMode
LineTo
MoveToEx
CreatePenIndirect
CreateSolidBrush
SetStretchBltMode
StretchBlt
Escape
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
PtInRegion
CreateRectRgn
CreateDIBSection
GetPixel
PlayEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
GetEnhMetaFileHeader
CreateDIBitmap
GetTextMetricsW
CloseEnhMetaFile
CreateEnhMetaFileW
SetWindowOrgEx
Rectangle
RestoreDC
ExcludeClipRect
SaveDC
SelectObject
CreateCompatibleDC
DeleteDC
RemoveFontMemResourceEx
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
CreateRoundRectRgn
DeleteObject
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
GetBkColor
SetTextAlign
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExW
BitBlt
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CombineRgn
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
LPtoDP
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreatePalette
advapi32
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
MapGenericMask
DuplicateToken
GetFileSecurityW
OpenProcessToken
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
AccessCheck
AdjustTokenPrivileges
LookupPrivilegeValueW
DeregisterEventSource
RegisterEventSourceW
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
ReportEventW
shell32
Shell_NotifyIconW
ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW
SHGetFolderPathW
ShellExecuteW
SHGetFolderLocation
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
DragFinish
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
OleGetClipboard
CoInitializeEx
CoDisconnectObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateGuid
CoUninitialize
CoCreateInstance
CLSIDFromProgID
StringFromGUID2
OleDuplicateData
DoDragDrop
RegisterDragDrop
OleLockRunning
CLSIDFromString
ReleaseStgMedium
CreateStreamOnHGlobal
oleaut32
VariantCopy
VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
VariantChangeType
SysStringLen
VariantInit
msimg32
TransparentBlt
AlphaBlend
comctl32
_TrackMouseEvent
ord17
InitCommonControlsEx
shlwapi
PathAppendW
StrCmpNIW
StrCatW
PathGetDriveNumberW
PathBuildRootW
PathFindFileNameW
PathRemoveExtensionW
PathFileExistsW
PathIsDirectoryW
StrCmpIW
StrStrIW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetWindowTheme
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
crypt32
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertFreeCertificateContext
CertCloseStore
ws2_32
getaddrinfo
freeaddrinfo
accept
listen
recvfrom
sendto
ioctlsocket
getnameinfo
shutdown
htonl
ntohl
WSAStartup
gethostbyname
gethostname
WSACleanup
WSAGetLastError
socket
__WSAFDIsSet
select
WSAIoctl
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
inet_addr
gdiplus
GdipGetFontCollectionFamilyCount
GdipDeleteFontFamily
GdipDeletePrivateFontCollection
GdipCreateFontFamilyFromName
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFamilyName
GdipCreateFont
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipFree
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipNewPrivateFontCollection
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipBitmapUnlockBits
GdipGetGenericFontFamilySansSerif
GdipGetImageGraphicsContext
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipImageSelectActiveFrame
GdipGetImageHeight
GdipGetImageWidth
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDrawString
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipDrawPath
ord1
GdipAddPathLine
GdipDrawRectangleI
GdipSetPenMode
GdipFillRectangleI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStream
GdipDrawEllipseI
GdipDeletePen
GdipCreatePen1
GdipDrawImageRectI
GdipSetClipPath
GdipAddPathEllipseI
GdipDeletePath
GdipCreatePath
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipPrivateAddMemoryFont
GdipDeleteFont
GdipGetImagePixelFormat
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
wldap32
ord143
ord217
ord46
ord211
ord60
ord50
ord41
ord22
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301
dbghelp
MiniDumpWriteDump
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 961KB - Virtual size: 960KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 99KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.QMGuid Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 351KB - Virtual size: 350KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 245KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ