66babccdfaa70673eaf6cf6d9bcadafd

Sharing

Copy URL Twitter E-mail

General

Target

66babccdfaa70673eaf6cf6d9bcadafd
Size

1.3MB
MD5

66babccdfaa70673eaf6cf6d9bcadafd
SHA1

605926fb6f2f872d38ac76d9a45aa1785905f491
SHA256

30b8d5664343bb074fbbcc9c6b50001286c371a9f05e50bf7cb6921fd227bd9f
SHA512

209df21f727c1cdee3b0e9fdb5fe3fa40781139d2c6af0d942c59497ac0defdc77eaa66e5a4a875e7be1790e965aaaf4b13a1e2b3997dd87f8468438dcf24864
SSDEEP

24576:6Fq2KH1eASRnupOdaNXL2hI3nQ5CJkGEqXzQ:0SaO3NdEqs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66babccdfaa70673eaf6cf6d9bcadafd

Files

66babccdfaa70673eaf6cf6d9bcadafd
.exe windows:5 windows x86 arch:x86

611894efcda322afa8666f77fd794886

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

inet_addr
gethostbyname
gethostname
WSACleanup
WSAStartup

winmm

joyGetPosEx
mciSendStringA
waveOutGetVolume
mixerGetDevCapsA
mixerGetLineInfoA
mixerSetControlDetails
waveOutSetVolume
mixerGetControlDetailsA
mixerGetLineControlsA
mixerOpen
joyGetDevCapsA
mixerClose

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ImageList_ReplaceIcon
ord6
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

psapi

GetProcessImageFileNameA
GetModuleFileNameExA
GetModuleBaseNameA

kernel32

FindNextFileA
FindClose
FileTimeToLocalFileTime
SetEnvironmentVariableA
Beep
OutputDebugStringA
CreateProcessA
GetFileAttributesA
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
GetEnvironmentVariableA
GetLocalTime
GetDateFormatA
GetTimeFormatA
GetDiskFreeSpaceA
SetVolumeLabelA
CreateFileA
DeviceIoControl
GetDriveTypeA
GetVolumeInformationA
CreateDirectoryA
ReadFile
GetACP
WriteFile
DeleteFileA
SetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameA
GetWindowsDirectoryA
GetTempPathA
GetFullPathNameA
GetShortPathNameA
LoadLibraryA
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
FindResourceA
CompareStringA
GetFullPathNameW
RemoveDirectoryA
CopyFileA
GetCurrentProcess
FormatMessageA
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
WritePrivateProfileSectionA
SetEndOfFile
GetFileType
GetStdHandle
SetFilePointerEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesA
LoadLibraryExA
GlobalSize
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RtlUnwind
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
HeapSize
HeapReAlloc
HeapQueryInformation
HeapFree
HeapAlloc
GetModuleFileNameA
FindFirstFileA
MoveFileA
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
RaiseException
GetCPInfo
GetVersionExW
GetModuleHandleA
GetProcAddress
GetLastError
CreateMutexA
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
lstrcmpiA
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetCurrentDirectoryA
GetSystemTimeAsFileTime
SetErrorMode
InitializeCriticalSection
SetCurrentDirectoryA
Sleep
GetTickCount
MulDiv
LoadLibraryExW
GetCommandLineA
GetCommandLineW
ExitProcess
GetStringTypeW
GetConsoleCP
GetModuleHandleExW
GetConsoleMode
GetProcessHeap
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
CreateFileW
WriteConsoleW
ReadConsoleW
QueryDosDeviceA
VirtualQuery
LCMapStringW

user32

CheckRadioButton
IntersectRect
PtInRect
CreateDialogIndirectParamA
CreateAcceleratorTableA
DestroyAcceleratorTable
InsertMenuItemA
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoA
IsMenu
GetMenuItemInfoA
CreateMenu
CreatePopupMenu
SetMenuInfo
AppendMenuA
DestroyMenu
TrackPopupMenuEx
CreateIconIndirect
GetDesktopWindow
CopyImage
CreateIconFromResourceEx
EnumClipboardFormats
GetWindow
BringWindowToTop
GetTopWindow
InvalidateRect
SetLayeredWindowAttributes
SetWindowPos
SetWindowRgn
SetFocus
GetGUIThreadInfo
SetActiveWindow
EnumChildWindows
MoveWindow
GetQueueStatus
GetWindowRect
GetClientRect
SystemParametersInfoA
AdjustWindowRectEx
DrawTextA
SetRect
GetIconInfo
SetWindowTextA
IsWindowVisible
MessageBoxA
CallWindowProcA
ChangeClipboardChain
SetClipboardViewer
LoadAcceleratorsA
EnableMenuItem
GetMenu
CreateWindowExA
RegisterClassExA
LoadCursorA
DestroyIcon
DestroyWindow
IsCharAlphaA
MapVirtualKeyA
MapVirtualKeyExA
SetMenu
GetWindowTextA
mouse_event
WindowFromPoint
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
PostMessageW
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutA
UnhookWindowsHookEx
SetWindowsHookExA
PostThreadMessageA
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
ToAsciiEx
GetKeyboardLayout
CallNextHookEx
CharLowerA
ReleaseDC
GetDC
OpenClipboard
GetClipboardData
GetClipboardFormatNameA
CloseClipboard
DefDlgProcA
GetClassLongA
GetMessagePos
UpdateWindow
GetAncestor
GetClassInfoExA
SendMessageW
SetParent
RedrawWindow
MapWindowPoints
RemovePropA
SetPropA
GetPropA
LoadImageA
SetClipboardData
EmptyClipboard
PostMessageA
FindWindowA
EndDialog
IsWindow
DispatchMessageA
TranslateMessage
ShowWindow
CountClipboardFormats
ExitWindowsEx
GetMenuStringA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetLastInputInfo
GetCursor
ClientToScreen
MessageBeep
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
DialogBoxParamA
SetForegroundWindow
DefWindowProcA
FillRect
DrawIconEx
GetSysColorBrush
GetSysColor
RegisterWindowMessageA
IsIconic
IsZoomed
SetWindowLongA
ScreenToClient
IsDialogMessageA
SendMessageA
IsWindowEnabled
GetWindowLongA
GetKeyState
TranslateAcceleratorA
KillTimer
PeekMessageA
GetFocus
GetClassNameA
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
SetTimer
GetParent
GetDlgCtrlID
CharUpperA
IsClipboardFormatAvailable
EnumWindows
FlashWindow
GetWindowTextLengthA
VkKeyScanExA
EnableWindow
CheckMenuItem

gdi32

SetBrushOrgEx
SetBkMode
GetCharABCWidthsA
GdiFlush
CreateDIBSection
FillRgn
GetClipRgn
GetClipBox
EnumFontFamiliesExA
ExcludeClipRect
SetTextColor
SetBkColor
GetPixel
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectA
GetTextMetricsA
GetTextFaceA
SelectObject
GetStockObject
CreateDCA
CreateSolidBrush
CreateFontA
CreatePatternBrush
GetDeviceCaps
DeleteObject

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
GetUserNameA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegConnectRegistryA

shell32

ExtractIconA
DragQueryPoint
SHEmptyRecycleBinA
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathA
ShellExecuteExA
Shell_NotifyIconA
DragFinish
DragQueryFileA

ole32

OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize
OleInitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

SysFreeString
SafeArrayGetLBound
SafeArrayDestroy
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnlock
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayGetUBound
VariantCopyInd
SafeArrayCopy
SysAllocString
VariantChangeType
VariantClear
SafeArrayCreate
SysStringLen
GetActiveObject

Sections

.text
Size: 628KB - Virtual size: 627KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

611894efcda322afa8666f77fd794886

Headers

File Characteristics

Imports

wsock32

winmm

version

comctl32

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 628KB - Virtual size: 627KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 10KB - Virtual size: 30KB

.rsrc Size: 613KB - Virtual size: 612KB

.text
Size: 628KB - Virtual size: 627KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 10KB - Virtual size: 30KB

.rsrc
Size: 613KB - Virtual size: 612KB