Static task: static1
Behavioral task: behavioral1
Sample: 2265034a40e6f562a571eeec3f148bea.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2265034a40e6f562a571eeec3f148bea.exe
Resource: win10v2004-20231215-en
General
Target: 2265034a40e6f562a571eeec3f148bea
Size: 5.7MB
MD5: 2265034a40e6f562a571eeec3f148bea
SHA1: 32ec20d688869ed638122acaedc449ff4b079bd8
SHA256: ece7d2b7f2db18db370bdfadd75e8ec31bab1d8f2626dfd77e1016e80ea932c9
SHA512: 2f4572363cecd22a6fbba245f3df021c17a8e3149c496c13f18d55ada1ade3f23c6c39c75d8c18fe163122696d741d5d96afdb01d457f9a64672da22842343a3
SSDEEP: 98304:pv/UVT8PiE2A2pD1eiyjiYvFDzGilIrc+ZtTSAKz:pvDQJYvxxIrc5AKz
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2265034a40e6f562a571eeec3f148bea
Files
2265034a40e6f562a571eeec3f148bea.exe windows:5 windows x86 arch:x86
7781fe1855eff8c12a4f11dede725b0a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleOutputCP
WriteConsoleA
EnumSystemLocalesA
InterlockedCompareExchange
GetLocaleInfoA
LoadLibraryExA
WriteConsoleW
TerminateThread
LoadLibraryExW
EnumResourceTypesW
EnumResourceNamesW
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
GetExitCodeThread
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
HeapReAlloc
RtlUnwind
HeapAlloc
GetCPInfo
ExitProcess
GetSystemTimeAsFileTime
CreateThread
ExitThread
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
GetTickCount
GetTempFileNameW
GetFileTime
SetErrorMode
GetFileAttributesW
GlobalFlags
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalGetAtomNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
GetModuleHandleA
ResumeThread
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
GetVersionExA
LoadLibraryA
FreeResource
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
lstrcmpW
GlobalFree
GlobalSize
InterlockedIncrement
InterlockedDecrement
SetFileTime
CreateDirectoryW
DosDateTimeToFileTime
GetCurrentDirectoryW
SystemTimeToFileTime
SetFilePointer
GetFileType
DuplicateHandle
QueryDosDeviceW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
ExpandEnvironmentStringsW
lstrcpyW
GetCurrentProcessId
IsDebuggerPresent
lstrcatW
RaiseException
GetGeoInfoW
GetUserGeoID
GlobalAlloc
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDriveStringsW
SetLastError
MulDiv
GetLocaleInfoW
GlobalUnlock
GlobalLock
EndUpdateResourceW
UpdateResourceW
ReadFile
GetFileSize
BeginUpdateResourceW
GetPrivateProfileStringW
SearchPathW
FindClose
SetThreadLocale
RemoveDirectoryW
FindNextFileW
FindFirstFileW
FreeLibrary
FormatMessageW
LoadLibraryW
QueueUserWorkItem
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTempPathW
LocalFree
GetCommandLineW
OpenProcess
GetCurrentProcess
IsValidLocale
GetCurrentThreadId
CreateMutexW
OpenMutexW
GetProcAddress
GetModuleHandleW
GetVersionExW
GetNativeSystemInfo
CopyFileW
lstrlenW
GetFileSizeEx
GetModuleFileNameW
FlushFileBuffers
MoveFileExW
Sleep
WriteFile
CreateFileW
DeleteFileW
ResetEvent
SetEvent
CreateEventW
SizeofResource
GetLastError
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
FindResourceW
LoadResource
LockResource
LocalSize
user32
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MapVirtualKeyW
GetKeyNameTextW
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
PeekMessageW
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowTextLengthW
GetWindowTextW
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SendDlgItemMessageW
CheckDlgButton
GetActiveWindow
SetActiveWindow
GetWindowDC
BeginPaint
EndPaint
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
EndDialog
WinHelpW
SystemParametersInfoW
RedrawWindow
IsZoomed
PostQuitMessage
IsWindowEnabled
SetFocus
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
CharLowerBuffW
wsprintfW
GetDesktopWindow
MapDialogRect
InvalidateRect
FillRect
GetWindowLongW
GetCapture
OffsetRect
SetClipboardData
EmptyClipboard
UpdateWindow
GetWindowRect
MapWindowPoints
GetMessagePos
LoadMenuW
CharUpperW
InflateRect
GetSysColorBrush
LoadCursorW
UnregisterClassW
DeleteMenu
SetRectEmpty
PostThreadMessageW
WaitMessage
DestroyMenu
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsW
MessageBeep
GetWindow
GetParent
DrawIcon
GetClientRect
IsIconic
SwitchToThisWindow
GetDlgItem
LoadIconW
CloseClipboard
GetClipboardData
CreateAcceleratorTableW
SetWindowRgn
NotifyWinEvent
CreatePopupMenu
SetParent
WindowFromPoint
SetClassLongW
GetSystemMenu
SetCapture
IsMenu
ReleaseCapture
DestroyIcon
LoadImageW
MessageBoxW
RegisterWindowMessageW
GetSystemMetrics
PostMessageW
GetForegroundWindow
RegisterClassA
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DefFrameProcA
DefWindowProcA
CallWindowProcA
CreateIconIndirect
SendMessageTimeoutW
LoadMenuIndirectW
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
EnumWindows
IsWindowUnicode
GetWindowLongA
SetWindowLongA
IsWindow
GetWindowPlacement
ShowWindow
SetForegroundWindow
SetWindowPos
GetClassNameW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
DefFrameProcW
GetMessageW
TranslateMessage
DispatchMessageW
ExitWindowsEx
GetDC
LoadBitmapW
ReleaseDC
EnableWindow
SendMessageW
GetFocus
IsClipboardFormatAvailable
OpenClipboard
CharUpperBuffW
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
CreateMenu
GetWindowRgn
DestroyCursor
GetNextDlgGroupItem
MapVirtualKeyExW
IsCharLowerW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
GetMenuItemInfoW
SetTimer
KillTimer
IsRectEmpty
BringWindowToTop
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatW
DrawStateW
CopyImage
SetRect
gdi32
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
SetRectRgn
CombineRgn
DPtoLP
OffsetRgn
GetRgnBox
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
GetTextExtentPoint32W
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
CreateRectRgn
CreateDIBSection
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
Polyline
Ellipse
Polygon
StretchDIBits
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
TextOutW
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
RectVisible
PtVisible
GetPixel
GetClipRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
BitBlt
CreateCompatibleBitmap
GetStockObject
EndPage
EndDoc
StartPage
StartDocW
SetMapMode
CreateFontIndirectW
GetObjectW
DeleteDC
GetWindowExtEx
GetViewportExtEx
FrameRgn
DeleteObject
SetBrushOrgEx
GetCurrentObject
CreatePatternBrush
SelectObject
CreateCompatibleDC
SetPixel
GetDeviceCaps
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
PrintDlgExW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
CloseServiceHandle
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
RegSetKeySecurity
GetLengthSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExW
RegDeleteValueW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
TreeResetNamedSecurityInfoW
AddAccessAllowedAceEx
InitializeSid
InitializeAcl
shell32
ShellExecuteW
ord680
ShellExecuteExW
CommandLineToArgvW
SHGetFolderPathW
ord165
SHParseDisplayName
SHGetMalloc
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Destroy
FlatSB_GetScrollProp
_TrackMouseEvent
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_GetImageInfo
shlwapi
StrFormatByteSizeW
PathFileExistsW
PathStripPathW
SHDeleteValueW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
ole32
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleRun
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
OleLockRunning
CreateStreamOnHGlobal
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoUninitialize
StringFromGUID2
CoCreateGuid
CoInitialize
CoCreateInstance
DoDragDrop
oleaut32
OleLoadPicturePath
VarBstrFromDate
VarDateFromStr
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantChangeType
SysStringByteLen
VariantInit
SysAllocStringByteLen
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen
SysFreeString
VariantClear
SysAllocString
VariantChangeTypeEx
wininet
InternetOpenUrlW
InternetOpenW
InternetCloseHandle
InternetConnectW
HttpOpenRequestW
InternetReadFile
InternetSetOptionW
InternetQueryDataAvailable
HttpSendRequestW
HttpQueryInfoW
msi
ord88
ord70
ord169
ord141
psapi
GetProcessImageFileNameW
uxtheme
DrawThemeParentBackground
dbghelp
ImageDirectoryEntryToData
MiniDumpWriteDump
crypt32
CertGetCertificateContextProperty
CryptProtectData
CryptUnprotectData
wintrust
WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
gdiplus
GdipFree
GdipAlloc
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDeleteGraphics
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipDisposeImage
GdipGetImageWidth
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
waveOutGetNumDevs
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 446KB - Virtual size: 445KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data Size: 31KB - Virtual size: 78KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc Size: 57.2MB - Virtual size: 57.2MB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)