Static task: static1
Behavioral task: behavioral1
Sample: 0df9635533f46079ded4e2f41aa75180.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0df9635533f46079ded4e2f41aa75180.exe
Resource: win10v2004-20231215-en
General
Target: 0df9635533f46079ded4e2f41aa75180
Size: 552KB
MD5: 0df9635533f46079ded4e2f41aa75180
SHA1: e84dc00c265fd2596160d92db35afcabb9fd721c
SHA256: e59e1c288a445ddde1bd826470bd262b5d351ba83ea9d82ad8329157e3fcc37e
SHA512: eb4d28951fd98cd4713461beddd1ab1a44e2abefb11a29deea2d1977fbdaabc4b1b1a6b5d1bd5091a37d1ec8002f331797d348ea19a6594097f599bc08dd2f67
SSDEEP: 12288:tPHFsiMMnMMMMMG7ydZOtY+KVb4zgR3Qt3Q3CX1LA6T:tNsiMMnMMMMMG7EZ2Y1Vb4zr4g1VT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0df9635533f46079ded4e2f41aa75180
Files
0df9635533f46079ded4e2f41aa75180.exe windows:4 windows x86 arch:x86
4e956d2f00fc54f217dee64b3b2f2272
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
FileTimeToLocalFileTime
GetSystemTime
LCMapStringA
GetVersion
CreateDirectoryA
GetDriveTypeA
GetFileAttributesA
lstrcmpiA
WinExec
SetEnvironmentVariableA
GetFullPathNameA
ResetEvent
LCMapStringW
CompareStringW
LockFile
WideCharToMultiByte
CloseHandle
ReleaseSemaphore
HeapFree
SetLocalTime
GlobalUnlock
GetStringTypeA
InitializeCriticalSection
DeleteCriticalSection
SetCurrentDirectoryA
TerminateProcess
UnhandledExceptionFilter
IsBadCodePtr
lstrcmpiW
SetFilePointer
TlsSetValue
GetLocalTime
FindClose
GetModuleHandleA
lstrcpynA
CreateSemaphoreA
GetStdHandle
GlobalFree
VirtualProtect
VirtualQuery
HeapDestroy
GlobalHandle
RemoveDirectoryA
InterlockedIncrement
GetModuleFileNameW
SetFileTime
InterlockedDecrement
GetUserDefaultLCID
FreeEnvironmentStringsW
GetCPInfo
FormatMessageA
FreeResource
_lread
GetACP
_llseek
EnterCriticalSection
ResumeThread
GetProfileStringA
GetDateFormatA
GetLocaleInfoA
GetFileTime
SetHandleCount
GlobalLock
LoadLibraryExA
GetFileType
FileTimeToSystemTime
SystemTimeToFileTime
RaiseException
GetTickCount
GetVersionExA
SearchPathA
GetEnvironmentStrings
VirtualAlloc
HeapCreate
lstrlenA
GetVolumeInformationA
ExitThread
GetProcAddress
Sleep
GetCommandLineA
IsDBCSLeadByte
TlsAlloc
SetStdHandle
DuplicateHandle
GlobalAlloc
GetSystemDirectoryA
TlsGetValue
lstrcpyA
LoadResource
GetWindowsDirectoryA
UnlockFile
RtlUnwind
LoadLibraryA
GetTempPathA
FreeEnvironmentStringsA
GetSystemInfo
SetEvent
GetCurrentProcessId
HeapAlloc
CreateThread
CreateProcessA
FlushFileBuffers
GetCurrentProcess
GetExitCodeProcess
GetOEMCP
SetErrorMode
SetEndOfFile
MoveFileA
HeapReAlloc
LeaveCriticalSection
GetLastError
IsBadReadPtr
GetCurrentDirectoryA
VirtualFree
CreateEventA
GetTempFileNameA
GlobalAddAtomA
FlushInstructionCache
lstrcatA
GetStartupInfoA
GlobalSize
LockResource
GetSystemDefaultLCID
TlsFree
GlobalReAlloc
_lwrite
ExitProcess
CompareStringA
HeapSize
GetEnvironmentStringsW
FreeLibrary
SizeofResource
GetTimeZoneInformation
_lclose
GetSystemDefaultLangID
GetModuleFileNameA
SetFileAttributesA
GetUserDefaultLangID
GetStringTypeW
WaitForSingleObject
WriteFile
ReadFile
SetLastError
FormatMessageW
GetStringTypeExA
FindResourceA
DeleteFileA
FindFirstFileA
GetCurrentThreadId
lstrcmpA
CreateProcessW
MulDiv
GlobalDeleteAtom
FindNextFileA
GetShortPathNameA
CreateFileA
ole32
OleCreateFromData
OleGetAutoConvert
OleSave
OleSetMenuDescriptor
CoLockObjectExternal
CoCreateInstance
OleIsRunning
OleInitialize
StgOpenStorageOnILockBytes
RevokeDragDrop
StringFromCLSID
CoGetMalloc
OleCreateMenuDescriptor
OleLoad
CreateDataAdviseHolder
IIDFromString
OleDoAutoConvert
ReleaseStgMedium
OleFlushClipboard
OleLockRunning
OleCreateLinkFromData
WriteClassStg
CoRevokeClassObject
DoDragDrop
CoDisconnectObject
CreateOleAdviseHolder
StgIsStorageILockBytes
OleTranslateAccelerator
RegisterDragDrop
OleDuplicateData
StringFromGUID2
OleIsCurrentClipboard
OleRegGetUserType
OleGetIconOfClass
ReadClassStg
CreateILockBytesOnHGlobal
CoRegisterClassObject
OleQueryCreateFromData
OleSaveToStream
OleLoadFromStream
OleSetClipboard
MkParseDisplayName
OleCreateLinkToFile
IsAccelerator
StgOpenStorage
OleUninitialize
StgCreateDocfile
ReadClassStm
OleRun
OleGetClipboard
CoUnmarshalInterface
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
OleConvertIStorageToOLESTREAM
OleDestroyMenuDescriptor
OleConvertOLESTREAMToIStorage
CreateStreamOnHGlobal
CoMarshalInterface
GetClassFile
OleCreateFromFile
CoIsOle1Class
ProgIDFromCLSID
CLSIDFromProgID
BindMoniker
CoFreeUnusedLibraries
CLSIDFromString
OleQueryLinkFromData
OleCreateLink
CoGetClassObject
CreateBindCtx
ddraw
DirectDrawEnumerateA
olecli32
OleClone
user32
OffsetRect
GetMessageTime
GetCursorPos
TrackPopupMenu
ClipCursor
MessageBeep
CharToOemA
ScreenToClient
GetClassNameA
GetClipboardFormatNameA
SetPropA
DdeGetData
AttachThreadInput
GetSysColor
CallWindowProcA
GetUpdateRect
GetMessagePos
RegisterClassExA
GetCaretBlinkTime
GetUpdateRgn
SetWindowsHookExA
SetWindowLongA
MapWindowPoints
UpdateWindow
SetCursor
DrawFocusRect
SetWindowContextHelpId
GetIconInfo
GetAsyncKeyState
CopyRect
IsClipboardFormatAvailable
SetRect
DdeQueryStringA
PostMessageW
GetWindowTextA
InflateRect
IsWindow
SetParent
ReleaseDC
DrawTextA
GetMenuItemID
GetMenuState
GetCapture
ShowScrollBar
AdjustWindowRect
AdjustWindowRectEx
RegisterClassA
ClientToScreen
DestroyIcon
EnableMenuItem
DdeNameService
InvalidateRgn
RemovePropA
CopyAcceleratorTableA
VkKeyScanW
GetWindow
DeferWindowPos
DestroyCaret
FindWindowA
SystemParametersInfoA
EnumThreadWindows
DestroyWindow
ReleaseCapture
SetCapture
InsertMenuA
DdeCreateStringHandleA
DestroyCursor
DdeFreeDataHandle
GetParent
SetScrollRange
GetPropA
LoadCursorA
SetClipboardData
CharToOemBuffA
GetClipboardData
DdeGetLastError
InvalidateRect
PostMessageA
GetWindowRect
MessageBoxA
PtInRect
EqualRect
GetMenuStringA
WinHelpA
CreateCursor
WaitMessage
ModifyMenuA
DdeDisconnect
SendMessageA
CharLowerBuffA
TabbedTextOutA
IsIconic
LockWindowUpdate
GetClientRect
IsChild
DefMDIChildProcA
WindowFromPoint
MoveWindow
CharLowerA
CreateMenu
ShowWindow
DrawFrameControl
RemoveMenu
CharPrevA
CreateCaret
wsprintfA
CreateDialogParamA
CreateWindowExA
GetSubMenu
DefFrameProcA
IntersectRect
GetScrollPos
CharUpperA
DefWindowProcA
DdeAbandonTransaction
CreateAcceleratorTableA
GetKeyState
SetScrollInfo
CreatePopupMenu
DdeQueryConvInfo
PostThreadMessageA
SetMenuDefaultItem
HideCaret
TranslateMDISysAccel
SetForegroundWindow
BeginDeferWindowPos
keybd_event
CharUpperBuffW
IsZoomed
IsWindowEnabled
GetMenuItemInfoA
DispatchMessageA
SetTimer
PeekMessageA
IsRectEmpty
SetWindowPos
GetForegroundWindow
SetFocus
CreateIcon
SetMenu
GetKeyboardLayout
UnhookWindowsHookEx
GetDCEx
SetMenuItemInfoA
LoadBitmapA
GetActiveWindow
SetWindowTextA
DeleteMenu
SetWindowRgn
GetWindowRgn
GetCaretPos
MsgWaitForMultipleObjects
LoadAcceleratorsA
LoadImageA
GetWindowDC
FindWindowW
EndDeferWindowPos
GetWindowLongA
DdeUninitialize
LoadStringA
GetDesktopWindow
SetWindowsHookExW
SetCursorPos
ToAscii
WaitForInputIdle
GetKeyboardState
SendDlgItemMessageA
DdeClientTransaction
OpenClipboard
GetCursor
VkKeyScanA
DrawIcon
PeekMessageW
LoadIconA
FillRect
OemToCharA
SetCaretPos
MessageBoxIndirectA
DdeConnect
SubtractRect
GetMenuItemCount
GetSystemMetrics
DdeCmpStringHandles
EndDialog
GetDoubleClickTime
CharUpperBuffA
PostQuitMessage
GetWindowTextLengthA
EndPaint
GetTabbedTextExtentA
DdeCreateDataHandle
GetWindowThreadProcessId
DdePostAdvise
GetSystemMenu
GetDC
DdeFreeStringHandle
CloseClipboard
GetDlgItem
ShowCursor
GetFocus
SetActiveWindow
IsCharAlphaA
GetClassInfoA
BeginPaint
TranslateMessage
CharNextA
DestroyMenu
GetClassInfoExA
EnableWindow
FrameRect
CheckMenuItem
RegisterClipboardFormatA
DialogBoxParamA
DdeSetUserHandle
BringWindowToTop
SetDlgItemTextA
DrawMenuBar
IsDialogMessageA
SetScrollPos
GetScrollInfo
DdeInitializeA
IsWindowVisible
DestroyAcceleratorTable
EnumClipboardFormats
GetMenu
CallNextHookEx
UnregisterClassA
GetQueueStatus
SetKeyboardState
KillTimer
EmptyClipboard
CharLowerBuffW
GetLastActivePopup
ShowCaret
AppendMenuA
ws2_32
WSAConnect
advapi32
RegEnumValueA
RegEnumKeyA
AdjustTokenPrivileges
OpenProcessToken
InitializeSecurityDescriptor
RegisterEventSourceA
ReportEventA
RegSetValueA
RegCloseKey
RegCreateKeyW
RegEnumValueW
RegOpenKeyW
RegDeleteValueW
RegDeleteValueA
RegOpenKeyA
RegQueryInfoKeyA
RegQueryValueExW
RegOpenKeyExA
LookupPrivilegeValueA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyA
SetSecurityDescriptorDacl
RegEnumKeyW
DeregisterEventSource
RegSetValueExW
RegQueryValueA
RegDeleteKeyW
RegSetValueExA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 348KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE