72aef7b5ca1613e218a23249977e7ef7

Sharing

Copy URL Twitter E-mail

General

Target

72aef7b5ca1613e218a23249977e7ef7
Size

683KB
MD5

72aef7b5ca1613e218a23249977e7ef7
SHA1

34fc28b686e7e09a08a6f9667566126b89402b54
SHA256

bc671cb9602ad2182d9eeca4e0ae18e77296b98975e84508300d699fe3c0a2b2
SHA512

6f4e00f42354fb7bbf1eb53ca09dca3a0d02de8aa8d20e38c0e35dcf232d1d12a53408042d57838f0545936b8e970c0d0ea0f2a6485838eb1571a1cdfe561dad
SSDEEP

12288:PNVZzT5cUa4YaOYgM5yMWeGNR0CXSc9Dxe86Gow/vHrrlIWEPSOQWshG8Z0el:PDZzyUa4TnF7CXScVxe86Gow3Hva0WsB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72aef7b5ca1613e218a23249977e7ef7

Files

72aef7b5ca1613e218a23249977e7ef7
.exe windows:5 windows x86 arch:x86

99f1d39b05d31f4d0cd08d9c1c8779ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

wininet

FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
DeleteUrlCacheEntryW
FindCloseUrlCache

netapi32

NetUseDel
NetUserEnum
NetApiBufferFree

kernel32

GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
SetErrorMode
GetStartupInfoW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
SetEnvironmentVariableW
SetCurrentDirectoryW
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsGetValue
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringW
GetTimeFormatA
GetDateFormatA
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
GetDriveTypeA
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetExitCodeProcess
SetEnvironmentVariableA
GetProcessHeap
CreateFileA
GetCurrentDirectoryW
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFileTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
lstrlenA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
MoveFileW
FindClose
GetModuleHandleA
FormatMessageW
MulDiv
GlobalUnlock
SuspendThread
ResumeThread
FreeResource
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GetModuleHandleW
WideCharToMultiByte
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
SetVolumeLabelW
GetDiskFreeSpaceW
GetDriveTypeW
CreateDirectoryW
GetFileSizeEx
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
lstrlenW
GetProcAddress
LoadLibraryW
FreeLibrary
GetVersionExW
InterlockedDecrement
SetFileAttributesW
GlobalReAlloc
LocalFree
GetCurrentProcessId
DeleteFileW
GetWindowsDirectoryW
CloseHandle
FindNextFileW
RemoveDirectoryW
CreateEventW
LocalAlloc
ResetEvent
GlobalFree
VirtualAllocEx
GetLongPathNameW
GetLastError
GetPrivateProfileIntW
GetTempPathW
WritePrivateProfileStringW
SetThreadPriority
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
ReadFile
TerminateProcess
GetFileAttributesW
ReadProcessMemory
CopyFileW
Sleep
VirtualFreeEx
GetSystemDirectoryW
GlobalAlloc
OpenProcess
WriteFile
GetPrivateProfileStringW
GetCurrentThread
GetTickCount
OutputDebugStringW
SetEvent
GetComputerNameW
WaitForSingleObject
GetCurrentProcess
CreateProcessW
SetFilePointer
FindFirstFileW
GetCommandLineW
LockResource
SizeofResource
LoadResource
FindResourceW
SetHandleCount

user32

UnregisterClassW
DestroyMenu
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
CharUpperW
GetWindowTextLengthW
SetFocus
GetWindowThreadProcessId
EnableWindow
SendMessageW
GetSystemMetrics
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetWindow
SetWindowContextHelpId
RegisterClipboardFormatW
MapDialogRect
GetWindowLongW
PostThreadMessageW
EqualRect
FindWindowExW
EnumChildWindows
SetWindowPos
GetDesktopWindow
ReleaseDC
GetClassNameW
GetWindowTextW
LoadIconW
GetDC
EnumWindows
ExitWindowsEx
GetClientRect
FindWindowW
DrawIcon
SetForegroundWindow
KillTimer
PostMessageW
IsIconic
PostQuitMessage
GetWindowRect
SetTimer
keybd_event
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetCursor
MessageBoxW
IsWindowEnabled
GetLastActivePopup

gdi32

GetRgnBox
GetTextColor
CreateRectRgnIndirect
GetBkColor
DeleteDC
ExtTextOutW
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
StretchBlt
GetDIBits
CreatePalette
CreateCompatibleDC
CreateCompatibleBitmap
RealizePalette
SelectPalette
GetObjectW
GetSystemPaletteEntries
GetMapMode
GetStockObject
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
Escape

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

FreeSid
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
CloseEventLog
RegSetValueExW
RegCloseKey
QueryServiceConfigW
ClearEventLogW
AdjustTokenPrivileges
ControlService
RegOpenKeyExW
CloseServiceHandle
SetEntriesInAclW
AllocateAndInitializeSid
RegDeleteValueW
QueryServiceStatus
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegDeleteKeyW
InitializeSecurityDescriptor
RegOpenKeyW
RegQueryValueExW
RegCreateKeyW
OpenServiceW
OpenEventLogW
OpenSCManagerW
DeleteService
OpenProcessToken

shell32

ShellExecuteW
SHGetFolderPathW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsW

oledlg

OleUIBusyW

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleInitialize
OleUninitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SystemTimeToVariantTime
SafeArrayDestroy
OleCreateFontIndirect
VarUdateFromDate
VariantTimeToSystemTime

Sections

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99f1d39b05d31f4d0cd08d9c1c8779ad

Headers

DLL Characteristics

File Characteristics

Imports

psapi

wininet

netapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 412KB - Virtual size: 412KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 129KB - Virtual size: 129KB

.text
Size: 412KB - Virtual size: 412KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 129KB - Virtual size: 129KB