362f5c04c2441799099ce90eb74200a7

Sharing

Copy URL Twitter E-mail

General

Target

362f5c04c2441799099ce90eb74200a7
Size

868KB
MD5

362f5c04c2441799099ce90eb74200a7
SHA1

08c03db2bb4c31ecc9f671d5facbb3d333e4e892
SHA256

76aac94044f9d0df3c395c306000a802740976e3a9ad15e2f0926ed2b1f9b993
SHA512

39eadac68d48879cbc1bc69287bef450f2188e520e4e72eaed5184e08142d5545a45806f3454e85fb39953e791614a46ce16318625c61a395d56c240a4bc27f1
SSDEEP

12288:2PTak8cKzrzU03pCtok0LDxsHkFYeWZC5KFIkZmutT3mYEP:Hk3KT9YhEeNaK2N+T3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
362f5c04c2441799099ce90eb74200a7

Files

362f5c04c2441799099ce90eb74200a7
.exe windows:4 windows x86 arch:x86

172e6e211c85b97e64e13fb9f579c2cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
RtlUnwind
HeapAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
ExitThread
CreateThread
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
FatalAppExitA
HeapDestroy
HeapCreate
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetTempFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
LocalLock
LocalUnlock
GetTickCount
FindNextFileA
SetErrorMode
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
RaiseException
GlobalFlags
InterlockedIncrement
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
CreateFileA
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
CopyFileA
MulDiv
GlobalSize
GlobalUnlock
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
SetLastError
FreeResource
GlobalFree
lstrcpynA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
FormatMessageA
GetModuleHandleA
LocalFree
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetEnvironmentVariableW
CreateProcessA
VirtualAlloc
VirtualFree
DeleteCriticalSection
InterlockedDecrement
GetVolumeInformationA
GetSystemDirectoryA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateMutexA
GetLastError
ReleaseMutex
GetEnvironmentStrings
CloseHandle

user32

GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
GetSystemMenu
SetParent
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetDialogBaseUnits
DestroyMenu
GetMenuItemInfoA
InflateRect
MessageBeep
GetNextDlgGroupItem
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
DestroyIcon
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DeleteMenu
GetWindowThreadProcessId
ReleaseCapture
LoadCursorA
WindowFromPoint
SetCapture
ClientToScreen
wsprintfA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
IsChild
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
IsClipboardFormatAvailable
LoadIconA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
SetWindowPlacement
DefWindowProcA
EnableWindow
SetTimer
KillTimer
CharLowerW
CharLowerA
CharUpperW
CharUpperA
PostMessageA
PostQuitMessage
SetCursor
SendMessageA
ShowOwnedPopups
IsWindowEnabled
GetLastActivePopup
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
PtInRect
WaitMessage
SetWindowContextHelpId
MapDialogRect
GetWindowTextLengthA
GetWindowTextA
PostThreadMessageA
UnionRect
MapVirtualKeyA
GetKeyNameTextA
RegisterClipboardFormatA
SetWindowPos
ScrollWindowEx
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
GetMessagePos
CreatePopupMenu
GetWindowLongA
GetParent
MessageBoxA
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetFocus
SetMenuItemBitmaps
GetWindow
CheckDlgButton
CheckRadioButton
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
SendDlgItemMessageA
InvalidateRgn

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
SetRectRgn
CombineRgn
CreateHatchBrush
PatBlt
DPtoLP
StretchDIBits
GetCharWidthA
CreateFontA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
GetMapMode
CreateBitmap
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
OffsetViewportOrgEx

comdlg32

GetOpenFileNameA
ReplaceTextA
FindTextA
PageSetupDlgA
PrintDlgA
CommDlgExtendedError
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
GetJobA
DocumentPropertiesA
ClosePrinter

advapi32

SetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
GetFileSecurityA
RegCloseKey
RegCreateKeyA

shell32

SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
UrlUnescapeA

oledlg

ord8

ole32

CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
CoCreateInstance
StringFromGUID2
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
CreateErrorInfo
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
LoadTypeLi
GetErrorInfo
SetErrorInfo
SysAllocString

ws2_32

ntohs
getsockname
WSAGetLastError
WSAConnect
WSASocketA
WSAStartup
inet_addr
htons
WSACleanup
closesocket
shutdown
WSARecv
WSASend
recv
send
WSAAsyncSelect
recvfrom
sendto
connect
WSASetLastError
getpeername
bind
htonl
gethostbyname
select
socket
accept
inet_ntoa

wininet

HttpOpenRequestA
InternetOpenUrlA
GopherOpenFileA
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
GopherFindFirstFileA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetFindNextFileA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetOptionExA
InternetSetCookieA
InternetCrackUrlA

Sections

.textbss
Size: - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 644KB - Virtual size: 642KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

172e6e211c85b97e64e13fb9f579c2cf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

wininet

Sections

.textbss Size: - Virtual size: 252KB

.text Size: 644KB - Virtual size: 642KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 20KB - Virtual size: 35KB

.idata Size: 20KB - Virtual size: 18KB

.didat Size: 4KB - Virtual size: 793B

.rsrc Size: 44KB - Virtual size: 43KB

.textbss
Size: - Virtual size: 252KB

.text
Size: 644KB - Virtual size: 642KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 20KB - Virtual size: 35KB

.idata
Size: 20KB - Virtual size: 18KB

.didat
Size: 4KB - Virtual size: 793B

.rsrc
Size: 44KB - Virtual size: 43KB