Static task: static1
Behavioral task: behavioral1
Sample: 4544b61007e117e1fdb60c3c9a89eff8.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 4544b61007e117e1fdb60c3c9a89eff8.exe
Resource: win10v2004-20231215-en
General
Target: 4544b61007e117e1fdb60c3c9a89eff8
Size: 6.6MB
MD5: 4544b61007e117e1fdb60c3c9a89eff8
SHA1: c238eb82e6136c03d4d84db18008423932cfd126
SHA256: e18db3f2a4a5e6a6d4150e6698bde4805facb6eb32cc8953797d8b179621bc96
SHA512: fa50abe0428a06f19a67133fd758c53eea01541042ed1500bf2eaba7b6f370b67c359b15ed289aeb86f80d8df670e5b516448037fab1116ec00d296574795a4a
SSDEEP: 196608:VfhVqnGeScgF9j+gGEJA87EnZPfxLTir/n1RpBGZLiCQSwwYA:Vfh8GeScgF9j+hveRpBGZLi
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 4544b61007e117e1fdb60c3c9a89eff8
Files
4544b61007e117e1fdb60c3c9a89eff8.exe windows:4 windows x86 arch:x86
62f98375d26325555155378520a27734
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
d3d9
Direct3DCreate9
dsound
ord11
winmm
mmioAscend
mmioRead
mmioDescend
mmioOpenA
mmioGetInfo
mmioCreateChunk
mmioSeek
mmioSetInfo
mmioAdvance
mmioWrite
mmioClose
timeGetDevCaps
timeBeginPeriod
timeGetTime
imm32
ImmAssociateContext
ImmSetOpenStatus
ImmGetContext
ImmGetProperty
ImmGetCompositionStringW
ImmGetCandidateListW
ImmNotifyIME
ImmGetOpenStatus
ImmGetConversionStatus
ImmIsIME
ImmGetIMEFileNameA
ImmReleaseContext
ws2_32
inet_addr
gethostbyname
WSASetLastError
connect
WSAGetLastError
WSASend
gethostname
htons
ntohs
WSASocketA
WSARecv
getpeername
WSACloseEvent
WSACreateEvent
WSAStartup
WSACleanup
socket
WSASetEvent
setsockopt
WSAResetEvent
WSAWaitForMultipleEvents
listen
WSAEventSelect
WSAAccept
send
WSAEnumNetworkEvents
bind
htonl
shutdown
closesocket
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
CreateDirectoryA
GetSystemDirectoryA
CreateProcessA
GlobalUnlock
GlobalSize
GlobalLock
GlobalAlloc
GetDateFormatA
InitializeCriticalSectionAndSpinCount
GetLocalTime
GetCurrentDirectoryA
SetThreadPriority
CreateEventA
SetEvent
WaitForMultipleObjects
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
GetOverlappedResult
GetSystemInfo
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
SetUnhandledExceptionFilter
SetErrorMode
WriteFile
DeleteFileA
ReadFile
GetTempFileNameA
GetTempPathA
lstrcatA
GetProfileIntA
DebugBreak
FatalAppExitA
LocalFree
FormatMessageA
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceW
InterlockedCompareExchange
GetProcessHeap
OutputDebugStringW
GetModuleHandleA
RaiseException
GetLastError
CreateToolhelp32Snapshot
Process32First
OpenProcess
GetExitCodeProcess
TerminateProcess
CreatePipe
Process32Next
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetEnvironmentVariableW
InitializeCriticalSection
OpenMutexA
CreateMutexA
ReleaseMutex
lstrcmpiA
VirtualFree
GetFileAttributesA
WaitForSingleObject
SetEnvironmentVariableA
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetTimeZoneInformation
GetCurrentProcessId
HeapSize
GetCommandLineA
GetStartupInfoA
FindNextFileA
GetTimeFormatA
VirtualQuery
VirtualProtect
CreateThread
ExitThread
GetSystemTimeAsFileTime
RtlUnwind
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GlobalFlags
SuspendThread
CloseHandle
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
IsDBCSLeadByte
lstrlenA
Sleep
ExitProcess
lstrcmpA
GetTickCount
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
OutputDebugStringA
lstrcpyA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetFullPathNameA
CreateFileA
MulDiv
lstrcpynA
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedDecrement
DeleteCriticalSection
InterlockedIncrement
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetShortPathNameA
LocalAlloc
FlushFileBuffers
SetFilePointer
MoveFileA
GetFileTime
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GlobalFree
CopyFileA
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
ResumeThread
GlobalReAlloc
IsProcessorFeaturePresent
GetCurrentThreadId
GlobalHandle
user32
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
CharNextA
GetKeyboardLayout
InflateRect
ReleaseCapture
SetCapture
FindWindowA
OffsetRect
GetIconInfo
IsDlgButtonChecked
EnableWindow
CheckRadioButton
EndDialog
DialogBoxParamA
GetDlgItem
ReleaseDC
EnumDisplaySettingsA
ChangeDisplaySettingsA
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
SetWindowLongA
SetMenu
ClipCursor
GetMenu
DestroyMenu
PostQuitMessage
LoadIconA
AdjustWindowRect
LoadMenuA
GetWindowLongA
EqualRect
SetRect
PtInRect
GetPropA
SetPropA
RemovePropA
GetClassInfoA
RegisterClassA
DefWindowProcA
GetClientRect
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
IsWindowEnabled
GetLastActivePopup
GetParent
GetSysColorBrush
GetSysColor
UnhookWindowsHookEx
GetWindowTextA
GetWindowTextLengthA
ValidateRect
GetKeyState
IsWindowVisible
GetActiveWindow
GetClassNameA
SetWindowTextA
GetDesktopWindow
GetFocus
GetDlgCtrlID
GetWindow
ClientToScreen
SetScrollPos
GetScrollPos
CheckDlgButton
GetDlgItemInt
GetDlgItemTextA
SendDlgItemMessageA
SetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
MoveWindow
ScrollWindowEx
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetWindowPlacement
IsIconic
IntersectRect
CallWindowProcA
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
UpdateWindow
ShowScrollBar
SetForegroundWindow
GetScrollRange
SetScrollRange
TrackPopupMenu
TrackPopupMenuEx
CharNextExA
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
IsChild
IsWindow
GetClassInfoExA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
GetMenuItemInfoA
SetCursor
ShowOwnedPopups
DeleteMenu
DestroyIcon
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDialogBaseUnits
CopyRect
SetRectEmpty
GetWindowRect
SetWindowPos
DestroyWindow
ShowWindow
SetFocus
CreateDialogParamA
CreateWindowExA
UnregisterClassA
CharUpperA
CharUpperW
CharLowerA
CharLowerW
SetWindowsHookExA
LoadStringA
GetAsyncKeyState
CallNextHookEx
GetDC
SendMessageA
PostMessageA
GetCursorPos
ScreenToClient
SystemParametersInfoA
MessageBoxA
wsprintfA
LoadCursorA
GetSystemMetrics
MessageBoxW
ScrollWindow
gdi32
ExtTextOutW
MoveToEx
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
GetTextMetricsA
SetBkMode
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
GetDCOrgEx
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateBitmap
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
GetCharacterPlacementW
GetCharacterPlacementA
GetObjectW
GetObjectA
GetDIBits
EnumFontFamiliesExA
ExtTextOutA
DeleteObject
DeleteDC
CreateCompatibleDC
SetMapMode
SelectObject
CreateDIBSection
SetTextColor
SetBkColor
SetTextAlign
CreateFontA
GetDeviceCaps
GetTextExtentPoint32A
GetStockObject
GetDeviceGammaRamp
SetDeviceGammaRamp
CopyMetaFileA
CreateDCA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
CreateRectRgn
advapi32
CryptReleaseContext
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegCloseKey
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueA
ole32
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
StringFromGUID2
CoDisconnectObject
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc
oleaut32
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
SysReAllocStringLen
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayLock
VariantTimeToSystemTime
SysFreeString
VarBstrFromDate
SystemTimeToVariantTime
VariantInit
SysAllocString
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VariantCopy
VariantChangeType
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SysStringByteLen
SysAllocStringByteLen
SafeArrayPutElement
SysStringLen
mss32
_AIL_shutdown@0
_AIL_service_stream@8
_AIL_start_stream@4
_AIL_set_stream_loop_count@8
_AIL_open_stream@12
_AIL_close_stream@4
_AIL_pause_stream@8
_AIL_set_digital_master_volume_level@8
_AIL_last_error@0
_AIL_open_digital_driver@16
_AIL_startup@0
_AIL_stream_status@4
_AIL_close_digital_driver@4
neuzd
GetRegisterString
GetFirstStackTraceString
GetNextStackTraceString
GetFaultReason
comctl32
ord17
shlwapi
PathStripToRootA
PathFindExtensionA
PathRemoveExtensionA
PathIsUNCA
PathFindFileNameA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
shell32
ExtractIconA
SHGetFileInfoA
Sections
.text Size: 5.4MB - Virtual size: 5.4MB
Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 1016KB - Virtual size: 1016KB
Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data Size: 76KB - Virtual size: 1.7MB
Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 116KB
Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.aspack Size: 5KB - Virtual size: 8KB
Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE