69c8b7f3c286d7ddd4bcc806ab13b2fa

Sharing

Copy URL Twitter E-mail

General

Target

69c8b7f3c286d7ddd4bcc806ab13b2fa
Size

20.4MB
MD5

69c8b7f3c286d7ddd4bcc806ab13b2fa
SHA1

6be496cfaa7e5fa81ced4777039be920a903f857
SHA256

dce5c7d6b168ed7477d2dbe9e9be48c3cd1c572583bfa82114e6c1578f2134cd
SHA512

9c51a946d1e6ea3b2217f82619ea5c4dc4e6c416a6a78e9c39902f1eac5006c0c369cbe324e9df23e6ae2f31ca54962ed11085f2c4cda25a33f28eaaddb54a6d
SSDEEP

98304:tQmTQywjMQCCeDbAg119sUZv2oy3ftsgx6ECvTJ:BTxuMQCSg1s4vIqZ7J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69c8b7f3c286d7ddd4bcc806ab13b2fa

Files

69c8b7f3c286d7ddd4bcc806ab13b2fa
.exe windows:4 windows x86 arch:x86

3b19826510178d1e12815773675dd107

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

comctl32

ord6
ImageList_Destroy
ImageList_Draw
ImageList_GetImageCount
ImageList_LoadImageA
InitCommonControlsEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA

crypt32

CertAddEncodedCertificateToStore
CertCloseStore
CertCreateCertificateContext
CertFreeCertificateContext
CertGetIssuerCertificateFromStore
CertOpenStore
CertOpenSystemStoreA
CryptDecodeObject

ddraw

DirectDrawCreate

dinput

DirectInputCreateA

dplayx

ord1
ord2

dsound

ord1
ord2

gdi32

AnimatePalette
BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreatePalette
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
GdiFlush
GetBkColor
GetBkMode
GetDeviceCaps
GetObjectA
GetRegionData
GetStockObject
GetSystemPaletteEntries
GetSystemPaletteUse
GetTextColor
GetTextExtentPoint32A
PatBlt
RealizePalette
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetSystemPaletteUse
SetTextColor
SetViewportOrgEx
StretchDIBits

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexA
CreateProcessA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadPriority
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileA
MultiByteToWideChar
OpenEventA
OpenFile
OpenMutexA
OpenProcess
OutputDebugStringA
PeekNamedPipe
RaiseException
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
_hread
_hwrite
_lclose
_lcreat
_llseek
_lopen
lstrcmpA
lstrcpyA
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW

netapi32

Netbios

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoInitialize
CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromCLSID

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantClear
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
LoadRegTypeLi

olepro32

ord253

shell32

DragQueryFileA
ExtractIconA
ShellExecuteA

urlmon

CoInternetGetSession

user32

AttachThreadInput
BeginPaint
CallNextHookEx
CallWindowProcA
ChangeDisplaySettingsA
CharLowerA
CharNextA
CheckDlgButton
ClientToScreen
CreateAcceleratorTableA
CreateDialogParamA
CreateIconFromResource
CreateIconFromResourceEx
CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
DrawEdge
DrawFrameControl
DrawTextA
EnableWindow
EndDialog
EndPaint
EnumChildWindows
EnumDisplaySettingsA
EnumWindows
FillRect
FlashWindow
FrameRect
GetActiveWindow
GetAsyncKeyState
GetClassInfoExA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetFocus
GetForegroundWindow
GetKeyState
GetKeyboardType
GetMenuItemCount
GetMenuItemInfoA
GetMessageA
GetMessagePos
GetParent
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetUpdateRect
GetUpdateRgn
GetWindow
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
InflateRect
InvalidateRect
InvalidateRgn
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadImageA
LoadImageW
LoadMenuA
LoadStringA
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterHotKey
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetCapture
SetCursor
SetCursorPos
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoA
SetRectEmpty
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowWindow
SystemParametersInfoA
TrackPopupMenuEx
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHookEx
UnregisterHotKey
UpdateWindow
ValidateRect
WindowFromPoint
wsprintfA

wininet

HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetQueryOptionA
InternetSetOptionA

winmm

PlaySoundA
PlaySoundW
mciSendCommandA
mciSendCommandW
mciSendStringA
mmioAdvance
mmioAscend
mmioClose
mmioDescend
mmioGetInfo
mmioOpenA
mmioOpenW
mmioRead
mmioSeek
mmioSetInfo
mmioWrite
sndPlaySoundA
sndPlaySoundW
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 10.5MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 700B - Virtual size: 700B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 250B - Virtual size: 250B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3b19826510178d1e12815773675dd107

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

crypt32

ddraw

dinput

dplayx

dsound

gdi32

kernel32

netapi32

ole32

oleaut32

olepro32

shell32

urlmon

user32

wininet

winmm

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 1.0MB - Virtual size: 1.0MB

.bss Size: 10.5MB - Virtual size: 10.5MB

.text Size: 700B - Virtual size: 700B

.rdata Size: 164KB - Virtual size: 164KB

.data Size: 355KB - Virtual size: 355KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 29KB - Virtual size: 29KB

.bss Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 11KB - Virtual size: 11KB

.rsrc Size: 33KB - Virtual size: 33KB

.text Size: 1.7MB - Virtual size: 1.7MB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 21KB - Virtual size: 21KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 4KB - Virtual size: 4KB

.bss Size: 40KB - Virtual size: 40KB

.idata Size: 250B - Virtual size: 250B

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 1.0MB - Virtual size: 1.0MB

.bss
Size: 10.5MB - Virtual size: 10.5MB

.text
Size: 700B - Virtual size: 700B

.rdata
Size: 164KB - Virtual size: 164KB

.data
Size: 355KB - Virtual size: 355KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 29KB - Virtual size: 29KB

.bss
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 33KB - Virtual size: 33KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 21KB - Virtual size: 21KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 4KB - Virtual size: 4KB

.bss
Size: 40KB - Virtual size: 40KB

.idata
Size: 250B - Virtual size: 250B