Static task: static1
Behavioral task: behavioral1
  Sample: 7a2ee4adafa74c888d9c4b478bd15e81790cb9335c281ca3c821143d42599ccf.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 7a2ee4adafa74c888d9c4b478bd15e81790cb9335c281ca3c821143d42599ccf.exe
  Resource: win10v2004-20231215-en
General
Target: 7a2ee4adafa74c888d9c4b478bd15e81790cb9335c281ca3c821143d42599ccf
Size: 6.1MB
MD5: 52de0c297e9103179be752cc415981b5
SHA1: c73d1e9a262f80d2268658a9f64dc63999277ee4
SHA256: 7a2ee4adafa74c888d9c4b478bd15e81790cb9335c281ca3c821143d42599ccf
SHA512: 4561f1cdd2985297237c797f390bfb96e71ba585fd7576b625decb771b2f0823a875f16c9d15dd0379011f42c234b92c0f697cd003f1e4f0f122c3f72eafa60f
SSDEEP: 196608:MIOOrnNLue7u0bacHD4HjTuO06PPkoqp0tx0JukKQ5/GqOW6YY8tVRFLOyomFHKP:pOil/RF
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 7a2ee4adafa74c888d9c4b478bd15e81790cb9335c281ca3c821143d42599ccf
Files
7a2ee4adafa74c888d9c4b478bd15e81790cb9335c281ca3c821143d42599ccf.exe windows:6 windows x64 arch:x64
8add16a66ac7d497ded78773ac80b68a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetDateFormatW
ReadConsoleW
GetConsoleMode
CreateProcessW
GetExitCodeProcess
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetConsoleCP
PeekNamedPipe
GetDriveTypeW
SetConsoleCtrlHandler
ExitProcess
WriteConsoleW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlPcToFileHeader
InterlockedPushEntrySList
RtlUnwindEx
GetCPInfo
GetStringTypeW
LCMapStringW
SetConsoleMode
LCMapStringEx
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetFileInformationByHandleEx
AreFileApisANSI
SetFilePointerEx
GetFileInformationByHandle
FindFirstFileExW
CreateDirectoryW
FormatMessageA
OutputDebugStringW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
ReadConsoleInputW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
WaitForSingleObjectEx
ResetEvent
FindResourceExW
GetUserDefaultLCID
GetTempFileNameW
GetTimeZoneInformation
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
Sleep
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
VirtualProtect
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FileTimeToSystemTime
GlobalGetAtomNameW
GetTempPathW
SetFilePointer
GetFileSize
GetFileAttributesW
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
VerifyVersionInfoW
VerSetConditionMask
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalSize
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
GetVersionExW
OutputDebugStringA
LoadLibraryA
FlushConsoleInputBuffer
SystemTimeToFileTime
GetSystemTime
GlobalMemoryStatus
SizeofResource
LoadLibraryW
FreeLibrary
GetTickCount
GetCurrentProcessId
CloseHandle
FindNextFileW
FindFirstFileW
FindClose
GetProcAddress
GetModuleHandleW
GetCurrentThreadId
WriteFile
GetFileType
GetStdHandle
GetCurrentThread
QueryPerformanceFrequency
QueryPerformanceCounter
RtlVirtualUnwind
SetLastError
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetLastError
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
RtlUnwind
user32
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
MapVirtualKeyW
GetKeyNameTextW
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
HideCaret
KillTimer
DestroyCursor
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuW
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
MonitorFromPoint
TrackMouseEvent
IsZoomed
GetWindowRgn
CharUpperW
GetAsyncKeyState
MessageBeep
NotifyWinEvent
SetCursorPos
SetRect
UnionRect
BringWindowToTop
CreatePopupMenu
IntersectRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
InvertRect
SetParent
SendMessageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
UnregisterClassW
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
GetDC
ReleaseDC
PostMessageW
PostQuitMessage
RegisterWindowMessageW
DrawEdge
DrawFrameControl
IsWindowVisible
GetFocus
DrawStateW
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
GetParent
DrawIconEx
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
DefWindowProcW
GetClassInfoW
SetLayeredWindowAttributes
SetRectEmpty
CopyRect
LoadCursorW
SystemParametersInfoW
GetMonitorInfoW
EnumDisplayMonitors
LoadMenuW
GetWindowThreadProcessId
GetLastActivePopup
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
GetKeyState
ValidateRect
ShowOwnedPopups
SetCursor
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
DestroyAcceleratorTable
SetClassLongPtrW
GetUpdateRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
CopyAcceleratorTableW
UpdateLayeredWindow
MapDialogRect
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SubtractRect
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
GetNextDlgGroupItem
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
UpdateWindow
InvalidateRect
CreateMenu
gdi32
CreatePen
CreatePatternBrush
EnumFontFamiliesW
GetStockObject
GetTextCharsetInfo
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
CreateFontIndirectW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
CreateDIBitmap
CreateCompatibleDC
BitBlt
CreateDCW
DeleteDC
CreateCompatibleBitmap
DeleteObject
GetDeviceCaps
GetObjectW
CombineRgn
CreateEllipticRgn
CreateHatchBrush
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
PatBlt
ExtTextOutW
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
GetViewportExtEx
CopyMetaFileW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegCloseKey
shell32
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
shlwapi
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
StrFormatKBSizeW
uxtheme
DrawThemeParentBackground
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
IsAppThemed
OpenThemeData
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
ole32
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CreateStreamOnHGlobal
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
IsAccelerator
oleaut32
SysFreeString
VarBstrFromDate
VariantCopy
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
gdiplus
GdipCreateFromHDC
GdipDrawImageRectI
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipSetInterpolationMode
GdipCloneImage
ws2_32
WSACleanup
send
WSAGetLastError
ioctlsocket
freeaddrinfo
htons
inet_ntop
recv
gethostname
getservbyname
connect
socket
WSASetLastError
getpeername
WSAStartup
getaddrinfo
select
closesocket
__WSAFDIsSet
shutdown
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1016KB - Virtual size: 1016KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 327KB - Virtual size: 373KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 147KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ