Static task: static1
Behavioral task: behavioral1
Sample: 34cd62ad105d0782ab25f6fb98f9a212.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 34cd62ad105d0782ab25f6fb98f9a212.exe
Resource: win10v2004-20231215-en
General
Target: 34cd62ad105d0782ab25f6fb98f9a212
Size: 768KB
MD5: 34cd62ad105d0782ab25f6fb98f9a212
SHA1: 0d0f715321d7885e5495c7e40818995d29a72c13
SHA256: e729a55224ddf58387a7eb692e0bd9678ca41f31d058a98cb64a6463a52ba756
SHA512: 89c5e9f8710e5926e87342bc46f177486ef944808ed3c40bafff16878fcf67b59ebcafbc4b498e51062b37c8c0a9e2f81844c056d2e0762f6cae29b93fe0ac94
SSDEEP: 6144:SlzT/VlsnjGhAqB3qpBx9PdI+CrBAmEUkhV8:SlftlsjGeqB3qzx9i8h+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34cd62ad105d0782ab25f6fb98f9a212
Files
34cd62ad105d0782ab25f6fb98f9a212.exe windows:4 windows x86 arch:x86
f09be7e08b827f8dc0a93da6bc6c0ba3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mumsg
??1CMsg@@QAE@XZ
??0CMsg@@QAE@XZ
?LoadWTF@CMsg@@QAEXPAD@Z
?Get@CMsg@@QAEPADH@Z
winmm
timeGetTime
sndPlaySoundA
ws2_32
inet_ntoa
WSAAsyncSelect
WSACleanup
send
htons
inet_addr
gethostbyname
connect
WSAStartup
WSAGetLastError
socket
recv
closesocket
wz_zp
BZ2_bzDecompressInit
BZ2_bzDecompress
BZ2_bzDecompressEnd
kernel32
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SizeofResource
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
GetACP
TerminateProcess
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
SetEnvironmentVariableA
GetProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
CreateEventA
GlobalAlloc
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleFileNameA
GetThreadLocale
GetFullPathNameA
GetCurrentDirectoryA
SetFileAttributesA
GetLastError
CreateMutexA
Sleep
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
lstrcmpA
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
DeleteFileA
CopyFileA
CreateFileA
GetFileSize
ReadFile
WriteFile
CloseHandle
ResetEvent
WaitForSingleObject
SetUnhandledExceptionFilter
user32
CharUpperA
GetCursorPos
ValidateRect
GetMessageA
WindowFromPoint
SetWindowContextHelpId
MapDialogRect
CharNextA
LoadStringA
GetSysColorBrush
DestroyMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
CheckRadioButton
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
UpdateWindow
LoadCursorA
CopyIcon
GetWindowRect
GetDC
ReleaseDC
InflateRect
SetWindowLongA
SetCursor
PtInRect
ReleaseCapture
SetCapture
MessageBeep
LoadImageA
GetDesktopWindow
IsChild
GetClassNameA
PeekMessageA
TranslateMessage
DispatchMessageA
KillTimer
PostQuitMessage
SetRect
IsIconic
GetSystemMetrics
DrawIcon
FindWindowA
SetTimer
LoadIconA
MessageBoxA
GrayStringA
DrawTextA
TabbedTextOutA
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RedrawWindow
IsWindow
GetSysColor
GetClientRect
GetParent
SendMessageA
InvalidateRect
EnableWindow
PostMessageA
LoadBitmapA
GetDlgItem
MoveWindow
wsprintfA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
DefWindowProcA
gdi32
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
SelectPalette
SetBkMode
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A
CreateFontIndirectA
SetDIBitsToDevice
StretchDIBits
GetDIBits
CreatePalette
RealizePalette
GetStockObject
CreateFontA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
GetTextExtentPointA
CreateDIBitmap
GetObjectA
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
shell32
SHFileOperationA
ShellExecuteA
comctl32
ord17
oledlg
ord8
ole32
OleFlushClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
olepro32
ord253
oleaut32
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysFreeString
VariantClear
wininet
FtpFindFirstFileA
InternetFindNextFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpGetFileA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetSetStatusCallback
FtpOpenFileA
InternetReadFile
Sections
.text Size: 228KB - Virtual size: 227KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 219KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 456KB - Virtual size: 455KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ