251c5f0ec09e1427e6362bdc05c844de

Sharing

Copy URL

Twitter E-mail

General

Target

251c5f0ec09e1427e6362bdc05c844de
Size

3.0MB
MD5

251c5f0ec09e1427e6362bdc05c844de
SHA1

b9b9f8057ed4f02b035e85766d0f48e307e853c2
SHA256

e1ac9b84fe3165655fb35cf66e786ea17f38f024dfcb4928546ba226e1e5cd7c
SHA512

c552a236d4cb2c0ea2e53b3af557ca95021f54e38c5e0ff9938c1c1a23d60810e7af851af6cc4a8ec5f3e6b9b28b7346d2ab92c678aa86a83980e45aa9e7c391
SSDEEP

49152:UE+sLYYRLVfxBBUEPdZfNDl/QCT696XSl2q+hsYFqCUCZCFLQlXPJquXeLFmsus:bDHBUCATYXDeRmX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
251c5f0ec09e1427e6362bdc05c844de

Files

251c5f0ec09e1427e6362bdc05c844de
.exe windows:4 windows x86 arch:x86

accd5a481f4f0c3e7edfc1c7bdadd381

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

dsound

DirectSoundCreate
DirectSoundEnumerateA

gdi32

BitBlt
SetTextColor
DeleteObject
CreateDIBSection
DeleteDC
TextOutA
GetTextExtentPoint32A
GetTextExtentPointA
SelectObject
CreateCompatibleDC
SwapBuffers
SetBkMode
CreateFontA
ChoosePixelFormat
SetPixelFormat
SetBkColor
GetStockObject

glu32

gluOrtho2D
gluPerspective

imm32

ImmGetCompositionWindow
ImmSetCompositionWindow
ImmGetConversionStatus
ImmGetCompositionStringA
ImmGetContext
ImmGetDescriptionA
ImmGetIMEFileNameA
ImmReleaseContext
ImmGetDefaultIMEWnd
ImmSetConversionStatus

kernel32

FlushFileBuffers
SetUnhandledExceptionFilter
Module32Next
Module32First
GetCurrentProcessId
lstrcpyn
GetThreadContext
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
FindNextFileA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetExitCodeProcess
GetLocaleInfoW
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
IsBadCodePtr
GetCurrentThreadId
GetTickCount
Sleep
lstrlen
CloseHandle
WriteFile
SetFilePointer
CreateFileA
DeleteFileA
ReadFile
GetLocalTime
GetSystemDirectoryA
lstrcmpi
GetVersionExA
QueryPerformanceCounter
SetProcessAffinityMask
SetThreadPriority
SetPriorityClass
GetProcessAffinityMask
GetThreadPriority
GetPriorityClass
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalMemoryStatus
GlobalUnlock
GlobalLock
HeapAlloc
GetFileSize
GetLastError
GetPrivateProfileStringA
GetCurrentDirectoryA
CopyFileA
SetFileAttributesA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
WinExec
FindFirstFileA
FindClose
CreateMutexA
GetModuleFileNameA
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
GetCommandLineA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetFileType
GetStdHandle
LockResource
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
FatalAppExitA
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapReAlloc
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
RaiseException
HeapFree
GetSystemTimeAsFileTime

opengl32

glDeleteTextures
glVertex2f
glDepthFunc
glStencilOp
glTexEnvf
glFlush
glFogi
glViewport
glBlendFunc
glGetFloatv
glReadPixels
glTexEnvi
glGenTextures
glScalef
wglCreateContext
wglMakeCurrent
wglDeleteContext
glPushMatrix
glRotatef
glTranslatef
glClear
glPopMatrix
glMatrixMode
glLoadIdentity
glColor4ub
glIsTexture
glPixelStorei
glTexParameteri
glColor3f
glColor4f
glColorMask
glStencilFunc
glFrontFace
glPolygonMode
glDepthMask
glVertex3f
glBindTexture
glTexImage2D
glClearColor
glDisable
glEnable
glFogfv
glFogf
glAlphaFunc
glGetString
glGetIntegerv
glColor3fv
glBegin
glTexCoord2f
glVertex3fv
glEnd

shell32

ShellExecuteEx
ShellExecuteA

user32

IntersectRect
MessageBoxA
GetDesktopWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
SetWindowPos
GetWindowRect
wsprintfA
SendMessageA
wvsprintfA
GetKeyboardLayoutNameA
GetKeyboardLayout
GetAsyncKeyState
RegisterHotKey
UnregisterHotKey
GetFocus
SetWindowLongA
CloseClipboard
GetClipboardData
OpenClipboard
CallWindowProcA
GetWindowLongA
GetCaretPos
GetWindowTextA
SetWindowTextA
ShowWindow
ReleaseDC
GetDC
CreateWindowExA
PostMessageA
GetActiveWindow
GetCursorPos
ScreenToClient
GetDoubleClickTime
PtInRect
OffsetRect
SetRect
SetCursorPos
EnumDisplaySettingsA
UpdateWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
IsIconic
AdjustWindowRect
GetSystemMetrics
SetForegroundWindow
LoadIconA
LoadCursorA
RegisterClassA
DestroyWindow
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
SetCapture
ReleaseCapture
SystemParametersInfoA
ChangeDisplaySettingsA
FindWindowA
SetTimer
SetScrollPos
GetScrollPos
IsWindowVisible
SetFocus
ShowCursor

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

mmioOpenA
mmioAscend
mmioClose
timeGetTime
mmioDescend
mmioRead
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
mmioWrite

ws2_32

WSAAsyncSelect
setsockopt
socket
shutdown
recv
closesocket
WSAStartup
WSACleanup
send
WSAGetLastError
gethostbyname
inet_addr
htons
connect

ole32

CoUninitialize
CoCreateInstance
CoInitialize

wzaudio

wzAudioStop
wzAudioPlay
wzAudioGetStreamOffsetRange
wzAudioDestroy
wzAudioOption
wzAudioCreate

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 128KB - Virtual size: 119.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Repair
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

accd5a481f4f0c3e7edfc1c7bdadd381

Headers

File Characteristics

Imports

advapi32

dsound

gdi32

glu32

imm32

kernel32

opengl32

shell32

user32

version

winmm

ws2_32

ole32

wzaudio

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 60KB - Virtual size: 60KB

.data Size: 128KB - Virtual size: 119.0MB

.rsrc Size: 12KB - Virtual size: 8KB

.Repair Size: 12KB - Virtual size: 12KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 60KB - Virtual size: 60KB

.data
Size: 128KB - Virtual size: 119.0MB

.rsrc
Size: 12KB - Virtual size: 8KB

.Repair
Size: 12KB - Virtual size: 12KB