749911e678eead343e1779c6d65cc80e

Sharing

Copy URL

Twitter E-mail

General

Target

749911e678eead343e1779c6d65cc80e
Size

569KB
MD5

749911e678eead343e1779c6d65cc80e
SHA1

59ca349da9aa1a28841f21698fe2d9b417c1b366
SHA256

a54391ca9c027bf6e13eb526f8c4b9febad3b607084d894deaad90eeaa620799
SHA512

f4a4cbabfe9c6a5b5bddbf48102c351c320501d2e3d976df1f476da5a2eb9269d29758f2656e203b356001bcc034b183119ef87e18957dad8bc06d16f7dc122a
SSDEEP

12288:21s4JzXdFykzOJyuvUPoNbMuo1IZpbYI5Xiez7JgxoLz8rn:2RzNYkaJtkCMuTpbY0XiePyxwzAn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
749911e678eead343e1779c6d65cc80e

Files

749911e678eead343e1779c6d65cc80e
.exe windows:5 windows x86 arch:x86

1e2f13e3c1a25e21ffbd00fea227df0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSAGetLastError
closesocket
listen
bind
htons
gethostbyname
socket
gethostname
connect
accept
send
recv

wininet

HttpQueryInfoA
FtpCommandA
FtpFindFirstFileA
InternetGetCookieA
InternetCreateUrlA
InternetCanonicalizeUrlA
InternetCrackUrlA
FtpSetCurrentDirectoryA
HttpEndRequestA
InternetGetLastResponseInfoA
InternetQueryOptionA
InternetAutodial
InternetCloseHandle
InternetWriteFile
InternetSetOptionA
HttpSendRequestExA
InternetReadFile
HttpSendRequestA
InternetOpenA
InternetConnectA
HttpOpenRequestA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

gdiplus

GdipCloneImage
GdipLoadImageFromFile
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageHeight

kernel32

SetLastError
GetCurrentProcess
FlushInstructionCache
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
GetTempPathA
GetFileAttributesA
DeleteFileA
RemoveDirectoryA
Sleep
GetFileSizeEx
CreateProcessA
WaitForSingleObject
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LoadResource
SizeofResource
LockResource
GetModuleFileNameA
LoadLibraryA
lstrcatA
CreateFileA
GetCurrentProcessId
TerminateProcess
GetLocalTime
SystemTimeToFileTime
FileTimeToDosDateTime
FreeLibrary
lstrlenA
lstrcmpiA
IsDBCSLeadByte
lstrlenW
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
LocalFree
CreateDirectoryA
CopyFileA
GetFileAttributesW
CreateDirectoryW
SetFilePointer
SetEndOfFile
FindFirstFileA
FindNextFileA
FormatMessageA
CreateFileW
ReadFile
WriteFile
GetModuleFileNameW
GetFileSize
GlobalAlloc
RaiseException
GlobalUnlock
GlobalFree
lstrcpyA
GetCurrentDirectoryA
CompareStringA
SetFileAttributesA
SetFileTime
MoveFileA
CreateThread
GetFileTime
GetExitCodeThread
TerminateThread
GetTickCount
CreateMutexA
ReleaseMutex
QueryPerformanceCounter
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
EncodePointer
DecodePointer
VirtualProtect
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetCurrentThreadId
ExitThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
LeaveCriticalSection
EnterCriticalSection
GetLastError
MulDiv
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapSize
ExitProcess
HeapCreate
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
LCMapStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LoadLibraryW
SetStdHandle
WriteConsoleW
FlushFileBuffers
InterlockedPushEntrySList
GlobalLock
InterlockedCompareExchange

user32

KillTimer
SetTimer
UpdateWindow
CharNextA
DialogBoxParamA
InvalidateRect
InflateRect
wsprintfA
GetActiveWindow
CopyRect
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
CallWindowProcA
IsWindowEnabled
GetWindow
GetKeyState
ReleaseCapture
GetCapture
SetCapture
SetFocus
GetWindowLongA
CharLowerA
DispatchMessageA
PeekMessageA
TranslateMessage
DestroyWindow
DrawFocusRect
GetFocus
GetSysColorBrush
FillRect
GetSysColor
SetCursor
PtInRect
GetCursorPos
DefWindowProcA
SetRectEmpty
SetDlgItemTextA
EndDialog
LoadIconA
SendDlgItemMessageA
SetWindowLongA
CreateWindowExA
LoadCursorA
GetClassInfoExA
RegisterClassExA
SetWindowPos
DrawTextA
GetWindowDC
EndPaint
GetClientRect
BeginPaint
IsWindow
MoveWindow
PostMessageA
MessageBoxA
ReleaseDC
GetDC
GetWindowTextA
GetParent
ScreenToClient
GetWindowRect
SetWindowTextA
ShowWindow
SendMessageA
GetDlgItem
UnregisterClassA
EnableWindow

gdi32

BitBlt
CreateDCA
GetPixel
CreateCompatibleBitmap
LineTo
MoveToEx
CreatePen
GetTextMetricsA
SelectObject
CreateFontIndirectA
CreateSolidBrush
SetBkColor
GetTextExtentPoint32A
DeleteDC
GetObjectA
CreateCompatibleDC
GetDeviceCaps
SetTextColor
GetStockObject
SetBkMode
DeleteObject

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyW
RegOpenKeyExA

shell32

Shell_NotifyIconA
SHGetFolderPathA
ShellExecuteExA
ShellExecuteA

ole32

CoUninitialize
CoCreateGuid
StringFromCLSID
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoGetClassObject
CoGetMalloc
OleRun
CoInitialize

oleaut32

VarUI4FromStr

comctl32

PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e2f13e3c1a25e21ffbd00fea227df0a

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wininet

version

gdiplus

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 339KB - Virtual size: 339KB

.rdata Size: 78KB - Virtual size: 78KB

.data Size: 11KB - Virtual size: 19KB

.rsrc Size: 106KB - Virtual size: 106KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 339KB - Virtual size: 339KB

.rdata
Size: 78KB - Virtual size: 78KB

.data
Size: 11KB - Virtual size: 19KB

.rsrc
Size: 106KB - Virtual size: 106KB

.reloc
Size: 25KB - Virtual size: 25KB