044cb36d8ed314fcbc9e01f6241488d476f2e428920100edff51abb6dac8c863

Sharing

Copy URL Twitter E-mail

General

Target

044cb36d8ed314fcbc9e01f6241488d476f2e428920100edff51abb6dac8c863
Size

3.5MB
MD5

30dcc276f72911279c633496bf4a723e
SHA1

9c3f87366117c80a35f2e98d97c795859a9ae742
SHA256

044cb36d8ed314fcbc9e01f6241488d476f2e428920100edff51abb6dac8c863
SHA512

5cacf9d61cda727e9fa3fc59252e0677b69f2249fbc7deff12dce776c046f287d48e3ff9894cc309d4c5871279f1d4512a87ac1613b0e2d2283b72ab1ae3bea5
SSDEEP

49152:EAhUjGLTXj7t/bYNodeWjPh5NKCh9CNDKXsrDFBQ2bkp2U+Qek:zUj8TT7tbYWdeWRrdX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044cb36d8ed314fcbc9e01f6241488d476f2e428920100edff51abb6dac8c863

Files

044cb36d8ed314fcbc9e01f6241488d476f2e428920100edff51abb6dac8c863
.exe windows:4 windows x86 arch:x86

68dff48a128e632c510255cc426d2387

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlAllocateHeap
RtlReAllocateHeap
RtlInitializeCriticalSection
RtlDeleteCriticalSection
NtdllDefWindowProc_A
RtlEnterCriticalSection
RtlLeaveCriticalSection
RtlSizeHeap
_allmul

kernel32

GetTickCount
DeleteFileA
ExpandEnvironmentStringsA
Sleep
GetProcessHeap
HeapFree
GlobalUnlock
GlobalReAlloc
FindFirstFileA
FindNextFileA
FindClose
lstrcpy
lstrcat
lstrlen
WinExec
GlobalSize
GlobalLock
GlobalFree
GetProcAddress
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetCurrentThreadId
ExitProcess
MulDiv
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GlobalAlloc
CreateEventA
SetEvent
GetProfileStringA
CreateThread
SetCurrentDirectoryA
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
WaitForMultipleObjects
TerminateThread
CreateMutexA
ReleaseMutex
SuspendThread
GetVersion
GetCommandLineA
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCurrentProcess
TerminateProcess
GetCPInfo
GetOEMCP
GetACP
UnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
GetStdHandle
SetHandleCount
TlsAlloc
TlsSetValue
GetLastError
TlsGetValue
SetLastError
GetVersionExA
GetEnvironmentVariableA
HeapCreate
HeapDestroy
WriteFile
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
MultiByteToWideChar
VirtualFree
VirtualAlloc
FlushFileBuffers
ReadFile
SetFilePointer
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
CompareStringW
CompareStringA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
CreateFileA
SetEndOfFile
RtlUnwind
lstrcpyn
FileTimeToLocalFileTime
FileTimeToSystemTime
DuplicateHandle
LockFile
UnlockFile
GetFullPathNameA
GetVolumeInformationA
FindResourceA
LoadResource
LockResource
GlobalFindAtomA
GlobalDeleteAtom
GlobalGetAtomNameA
lstrcmpi
GlobalAddAtomA
GetFileTime
GetFileSize
GetFileAttributesA
lstrcmp
GlobalFlags
WritePrivateProfileStringA
LocalAlloc
LocalFree
TlsFree
GlobalHandle
LocalReAlloc
GetCurrentThread
SetErrorMode
GetProcessVersion

user32

wsprintfA
GetSystemMetrics
GetCursorPos
MessageBoxA
SendMessageA
GetSysColor
GetWindowRect
InvalidateRect
RedrawWindow
IsWindowVisible
FillRect
GetClientRect
OffsetRect
PtInRect
GetParent
SetParent
LoadCursorA
IsRectEmpty
IsWindow
DestroyCursor
InflateRect
IntersectRect
SetRect
GetScrollRange
SetScrollPos
PostMessageA
ReleaseCapture
GetCapture
SetCapture
SetTimer
KillTimer
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
GetFocus
UpdateWindow
DestroyAcceleratorTable
IsChild
GetTopWindow
GetWindow
SetWindowPos
IsIconic
SetActiveWindow
DestroyMenu
SetFocus
PeekMessageA
GetWindowLongA
GetMenu
SetMenu
SetCursorPos
GetSystemMenu
DeleteMenu
GetClassInfoA
IsZoomed
SetWindowRgn
PostQuitMessage
EnableWindow
WinHelpA
CopyAcceleratorTableA
IsWindowEnabled
TranslateAccelerator
GetKeyState
SetCursor
SystemParametersInfoA
ShowWindow
LoadBitmapA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EqualRect
CreateMenu
CreateAcceleratorTableA
CreatePopupMenu
AppendMenuA
ModifyMenuA
CopyRect
DrawIconEx
CreateIconFromResourceEx
CreateIconFromResource
RegisterClipboardFormatA
SetRectEmpty
GetMessageA
DispatchMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClipboardData
WindowFromPoint
DrawFrameControl
DrawEdge
DrawFocusRect
GetDlgCtrlID
GetDC
ReleaseDC
TranslateMessage
TabbedTextOutA
DrawTextA
GrayStringA
GetWindowPlacement
CharUpperA
GetDlgItem
CreateDialogIndirectParamA
DestroyWindow
GetActiveWindow
EndDialog
GetNextDlgTabItem
SetWindowLongA
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetMessageTime
GetPropA
CallWindowProcA
RemovePropA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
SetWindowsHookExA
CreateWindowExA
GetWindowTextLengthA
GetWindowTextA
GetMenuItemCount
GetSubMenu
GetMenuItemID
RegisterClassA
GetScrollPos
SetScrollRange
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
LoadIconA
ScrollWindowEx
IsDialogMessage
SetWindowTextA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
ValidateRect
LoadStringA
GetSysColorBrush
GetWindowDC
BeginPaint
EndPaint
GetClassNameA
GetDesktopWindow
GetMenuCheckMarkDimensions
UnregisterClassA

gdi32

CreateFontIndirectA
GetStockObject
CreateSolidBrush
GetTextExtentPoint32A
CreateRectRgn
FillRgn
GetCurrentObject
CombineRgn
CreatePen
PatBlt
Rectangle
Ellipse
RoundRect
GetObjectA
CreateCompatibleDC
BitBlt
DPtoLP
CreateCompatibleBitmap
StartPage
EndPage
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
EndDoc
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetDeviceCaps
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
SelectPalette
RealizePalette
GetDIBits
GetSystemPaletteEntries
CreatePalette
StretchBlt
CreateDIBitmap
DeleteObject
SelectObject
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteDC
CreateBitmap
SetStretchBltMode
CreateDCA
LPtoDP
CreateRectRgnIndirect
SetBkColor
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
GetTextMetricsA

msvcrt

memcpy
strcmp

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
ElfOldestRecord

winmm

midiStreamRestart
midiStreamStop
midiOutReset
midiStreamClose
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiOutUnprepareHeader
waveOutGetNumDevs
waveOutOpen
waveOutClose
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutRestart

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

shell32

ShellExecuteA
Shell_NotifyIcon

ole32

CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

LoadTypeLib
RegisterTypeLib
UnRegisterTypeLib
VarUI2FromI1

comctl32

ImageList_Destroy
InitCommonControls

ws2_32

WSACleanup
WSAAsyncSelect
closesocket
ioctlsocket
recvfrom
recv
accept
getpeername
inet_ntoa
htonl

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 18.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mackt
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

68dff48a128e632c510255cc426d2387

Headers

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

msvcrt

advapi32

winmm

winspool.drv

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 96KB - Virtual size: 252KB

.rsrc Size: 284KB - Virtual size: 18.0MB

.mackt Size: 12KB - Virtual size: 12KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 96KB - Virtual size: 252KB

.rsrc
Size: 284KB - Virtual size: 18.0MB

.mackt
Size: 12KB - Virtual size: 12KB