c2bae2739a134476a622a11d900877bd

Sharing

Copy URL

Twitter E-mail

General

Target

c2bae2739a134476a622a11d900877bd
Size

866KB
MD5

c2bae2739a134476a622a11d900877bd
SHA1

18bdc9ad33dc4ced5f99d7116fe0a3451abecb99
SHA256

d1af58497b09d65a3dfdf2d0eff6f7ecafd0c19cf10faf47f24b18fb9a37b6a1
SHA512

0763a9f5ddad7eb057703ca47a44b5f76815320480bad3924c3717a99279026140948952801efa1c7f00aa9f90ecedf0359ee4fef91e949ecf613e980b8fd9f2
SSDEEP

12288:VahdOzPhXYgVkDK4Ot6WJC+ud4G3KcieBcxNoZMfPVfX7jsm4uHz9jR7Thcksaam:zXC+ulcxNd1fz/TThL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2bae2739a134476a622a11d900877bd

Files

c2bae2739a134476a622a11d900877bd
.exe windows:5 windows x86 arch:x86

d78b8ede8a2dea284d3e4187699714a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
LoadLibraryExW
GetFileSize
CreateFileW
InitializeCriticalSection
OutputDebugStringW
CopyFileW
DeleteFileW
GetSystemTimeAsFileTime
GetVersionExW
GetLocalTime
CreateDirectoryW
GetPrivateProfileStringW
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetCurrentProcessId
GlobalLock
GetModuleFileNameW
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
GetConsoleMode
GetConsoleCP
LCMapStringW
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileType
SetHandleCount
GetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
HeapAlloc
HeapFree
EncodePointer
DecodePointer
RtlUnwind
GetTickCount
GlobalUnlock
MulDiv
lstrcmpW
FreeResource
SetLastError
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetVersion
GetModuleHandleW
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCurrentThreadId
CreateThread
WideCharToMultiByte
lstrlenW
WriteFile
CreatePipe
lstrcpyW
lstrcatW
CreateProcessW
WaitForSingleObject
SizeofResource
ReadFile
CreateToolhelp32Snapshot
GetLastError
Process32FirstW
Process32NextW
CloseHandle
OpenProcess
TerminateProcess
Sleep
GetTempPathW
MoveFileW
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
QueryPerformanceCounter

user32

EqualRect
DrawFrameControl
SendMessageW
IsWindow
MessageBoxW
SetWindowLongW
LoadIconW
CreateWindowExW
MoveWindow
SetWindowPos
GetWindowRect
GetClientRect
InvalidateRect
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindow
DrawIconEx
OffsetRect
SetActiveWindow
EnableWindow
IsWindowEnabled
GetActiveWindow
SetWindowRgn
GetKeyState
ShowCursor
SetForegroundWindow
EnumWindows
SetTimer
PostThreadMessageW
SetPropW
PostMessageW
GetWindowLongW
DestroyIcon
FindWindowExW
GetDlgCtrlID
GetParent
GetClassInfoExW
LoadCursorW
CopyRect
SetRect
InflateRect
GetDlgItem
RegisterWindowMessageW
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
DefWindowProcW
UnregisterClassA
ShowWindow
GetPropW
CharNextW
ReleaseDC
GetDC
RegisterClassExW
GetSysColor
KillTimer
IsWindowVisible
DrawTextW
SetCursor
PtInRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
LoadImageW
LoadBitmapW
CreateAcceleratorTableW
SetFocus
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
IsChild
SetCapture
RedrawWindow
InvalidateRgn
ScreenToClient
ClientToScreen

gdi32

DeleteDC
GetStockObject
GetObjectW
CreateFontIndirectW
CreatePen
SetBkColor
ExtTextOutW
Rectangle
SelectClipRgn
SelectObject
BitBlt
SaveDC
DeleteObject
GetClipRgn
MoveToEx
LineTo
TextOutW
GetTextExtentPoint32W
CombineRgn
SetRectRgn
OffsetRgn
CreateDIBSection
CreateCompatibleDC
SetTextColor
StretchBlt
CreateBitmap
CreateCompatibleBitmap
GetDeviceCaps
CreateSolidBrush
SetBkMode
RectInRegion
RoundRect
RestoreDC
CreateRectRgn
CreateRectRgnIndirect

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

SHGetFileInfoA
ShellExecuteW

ole32

CoInitialize
CoUninitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantInit
SysStringLen
SysAllocStringLen
DispCallFunc
VarBstrCmp
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
SysAllocString
VarUI4FromStr
SysFreeString

shlwapi

StrToIntA
StrToIntW
PathFileExistsA

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromStream
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

wininet

HttpQueryInfoW
InternetReadFile
InternetOpenW
InternetOpenUrlW
InternetCloseHandle

iphlpapi

GetIfTable

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d78b8ede8a2dea284d3e4187699714a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

wininet

iphlpapi

Sections

.text Size: 262KB - Virtual size: 262KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 11KB - Virtual size: 22KB

.rsrc Size: 4.2MB - Virtual size: 4.2MB

.text
Size: 262KB - Virtual size: 262KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 11KB - Virtual size: 22KB

.rsrc
Size: 4.2MB - Virtual size: 4.2MB