39b391781f4249a84082babd6caa60f8

Sharing

Copy URL

Twitter E-mail

General

Target

39b391781f4249a84082babd6caa60f8
Size

1.5MB
MD5

39b391781f4249a84082babd6caa60f8
SHA1

ce6b67f70a971bb0eecab3215840ba608dec77d3
SHA256

e0598f0e9707373e82f03a798f2b21eda06a9a9cc5c6cef4506ce39a8a3f67a9
SHA512

3a7953107b68cfadab35692af6ab85ac1d527941c0792cc8117780d17b2f707477c1f8149f232c3dcd1e2c6ab9a3b56223c83d9d9a96aea1309a07a637564daa
SSDEEP

24576:kwTlmiqkUQrXG0CeZ3hw2SjffUGmQZWoACCf:kwTZq0T0eZ3mhrmQZWoAC6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39b391781f4249a84082babd6caa60f8

Files

39b391781f4249a84082babd6caa60f8
.exe windows:5 windows x86 arch:x86

1bbd2b3b2520f01e8bd48404b8df87f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpConnect
WinHttpOpen
WinHttpCrackUrl
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSetCredentials
WinHttpSetOption

wininet

InternetGetConnectedState

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
DebugBreak
OutputDebugStringW
lstrlenA
lstrcmpW
MulDiv
GetModuleFileNameW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CopyFileW
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetLocaleInfoW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
InterlockedExchange
GlobalFree
MoveFileW
LoadLibraryW
FreeResource
LockResource
LocalFree
FormatMessageW
GetVersionExW
GetWindowsDirectoryW
GetTempPathW
GetCurrentDirectoryW
GetLocalTime
FileTimeToLocalFileTime
CompareFileTime
GetTimeZoneInformation
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
FindClose
FindNextFileW
FindFirstFileW
GetUserDefaultLangID
WideCharToMultiByte
GetSystemTimeAsFileTime
GetTempPathA
FlushFileBuffers
WriteFile
ReadFile
SetFilePointer
SetEndOfFile
GetFileSize
GetShortPathNameW
GetSystemDirectoryW
ExpandEnvironmentStringsW
GetLongPathNameW
GetTempFileNameW
GetDriveTypeW
GetDiskFreeSpaceW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
SetCurrentDirectoryW
GetCurrentProcess
GetVersion
lstrcpyW
WaitForSingleObject
ResetEvent
GetSystemInfo
PostQueuedCompletionStatus
CreateEventA
CreateIoCompletionPort
CreateSemaphoreA
DuplicateHandle
ReleaseSemaphore
CreateThread
ReleaseMutex
CreateMutexA
OpenMutexA
GetQueuedCompletionStatus
HeapFree
HeapAlloc
GetStdHandle
SetCurrentDirectoryA
GetCurrentDirectoryA
ExitProcess
HeapSize
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
LCMapStringW
LCMapStringA
GetFullPathNameW
GetStartupInfoW
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapDestroy
FatalAppExitA
HeapReAlloc
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetConsoleCP
FlushInstructionCache
HeapCreate
RaiseException
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
GetStringTypeA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
GetCurrentThreadId
SetLastError
GetSystemTime
SystemTimeToFileTime
SetFileTime
CreateFileW
GetFileTime
FileTimeToSystemTime
WaitForSingleObjectEx
WaitForMultipleObjectsEx
SetEvent
CreateDirectoryW
GetLastError
GetTickCount
InterlockedCompareExchange
CloseHandle
lstrlenW
Sleep
InterlockedIncrement
InterlockedDecrement
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetDriveTypeA
GetFullPathNameA
CompareStringA
CompareStringW
SetEnvironmentVariableA
ResumeThread
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
GetModuleFileNameA
RemoveDirectoryW
ExitThread

user32

DialogBoxParamW
KillTimer
SetTimer
GetWindowPlacement
DrawAnimatedRects
GetCursorPos
PostQuitMessage
GetWindowRect
GetActiveWindow
LoadMenuW
EnableMenuItem
SetForegroundWindow
LoadBitmapW
DestroyMenu
DestroyIcon
GetSystemMetrics
LoadImageW
MonitorFromWindow
FindWindowW
GetSubMenu
IsIconic
IsWindowVisible
GetMonitorInfoW
IsDialogMessageW
MapWindowPoints
ModifyMenuW
BringWindowToTop
CreateWindowExW
CallWindowProcW
DestroyWindow
GetDlgItem
SendMessageW
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableW
GetDC
ReleaseDC
TrackPopupMenu
GetMenuItemID
MonitorFromPoint
SetMenuDefaultItem
LoadIconW
EndDialog
EnableWindow
SystemParametersInfoW
FindWindowExA
PostMessageW
GetDesktopWindow
GetClassNameW
SetWindowPos
RedrawWindow
IsWindow
GetClientRect
BeginPaint
FillRect
EndPaint
IsChild
SetFocus
GetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
wvsprintfW
CharNextW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowLongW
SetWindowLongW
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
ShowWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CreateDialogParamW
DefWindowProcW
MessageBoxW
LoadStringW
UnregisterClassA
GetParent

gdi32

StretchBlt
SetBkColor
CreateFontW
CreateFontIndirectW
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

advapi32

RegSetValueExW
RegEnumValueW
AllocateAndInitializeSid
IsValidSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityInfo
RegConnectRegistryW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegQueryInfoKeyW
OpenProcessToken
RegFlushKey

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteW

ole32

CreateStreamOnHGlobal
OleInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
CoTaskMemFree
CoTaskMemRealloc
CoCreateGuid
CoCreateInstance
CoInitializeEx
OleUninitialize

oleaut32

LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString
VarUI4FromStr

comctl32

InitCommonControlsEx

wintrust

WinVerifyTrust

userenv

GetUserProfileDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1bbd2b3b2520f01e8bd48404b8df87f6

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

wintrust

userenv

version

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 1.5MB - Virtual size: 1.5MB