Static task: static1
Behavioral task: behavioral1
  Sample: fb9801537573868ec87dde285c252e73.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: fb9801537573868ec87dde285c252e73.exe
  Resource: win10v2004-20231215-en
General
Target: fb9801537573868ec87dde285c252e73
Size: 1.0MB
MD5: fb9801537573868ec87dde285c252e73
SHA1: e0716afd79b466bc531321b459717add1848bd2f
SHA256: df606d26abae31348740bab551bed2968d088796414922a26007e2b2a077a562
SHA512: 0e087fdf8ba25c767914c98ec80e8ce6c1b4555c16bb40dc2dc837e314dc3ce401ca785b4afcc6dfab9220042b7a516883641d513010db0bdb24b522727816d9
SSDEEP: 24576:nADbJQcUP2vbvF3eXo+DpiqUc+FhUK3USl1DLSY:nADOCvbvF3eXoGUE+FN3UISY
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource fb9801537573868ec87dde285c252e73
Files
fb9801537573868ec87dde285c252e73.exe windows:5 windows x86 arch:x86
09c4efb6cb739551bba2552057328b14
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
HeapCreate
HeapDestroy
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
HeapReAlloc
CreateThread
ExitThread
SetConsoleCtrlHandler
FatalAppExitA
GetTimeZoneInformation
GetStdHandle
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
Sleep
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameA
GetOEMCP
GetCPInfo
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalAddAtomA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
CloseHandle
CopyFileA
GlobalSize
FormatMessageA
LocalFree
MulDiv
GetTickCount
GetCurrentProcessId
GetModuleFileNameW
GlobalUnlock
GlobalFree
FreeResource
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
LockResource
InitializeCriticalSection
DeleteCriticalSection
RaiseException
GetModuleHandleW
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
lstrlenW
GetModuleFileNameA
lstrlenA
GetModuleHandleA
GetLastError
GetCurrentDirectoryA
OpenFile
_lclose
HeapAlloc
CreateEventA
WaitForSingleObject
LoadLibraryW
ReadFile
GetQueuedCompletionStatus
GetProcAddress
WriteFile
SetLastError
MultiByteToWideChar
GetProcessHeap
WideCharToMultiByte
GetStringTypeW
HeapFree
user32
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenuEx
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CopyRect
GetDlgCtrlID
CallWindowProcA
PtInRect
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
ShowOwnedPopups
SetCursor
SetWindowsHookExA
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
SetFocus
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetDlgItemTextA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
SetWindowTextA
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
UnhookWindowsHookEx
RegisterClipboardFormatA
GetLastActivePopup
SetWindowContextHelpId
SetUserObjectSecurity
GetUserObjectSecurity
MessageBoxA
MoveWindow
MapDialogRect
SetWindowPos
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
PostQuitMessage
PostMessageA
IsIconic
DrawIcon
GetSystemMetrics
GetSystemMenu
AppendMenuA
LoadIconA
EnableWindow
CharNextW
IsWindow
IsWindowUnicode
CharNextA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
RegisterWindowMessageA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
PeekMessageA
SetDlgItemInt
ShowWindow
ScrollWindowEx
InflateRect
CallNextHookEx
DefWindowProcA
EndPaint
BeginPaint
IsDlgButtonChecked
LoadBitmapA
IsDialogMessageA
GetSysColor
CheckMenuRadioItem
GetMenu
GetWindowThreadProcessId
IsWindowVisible
GetWindowLongA
GetTopWindow
DestroyWindow
MapWindowPoints
GetClientRect
GetParent
ReleaseDC
GetDC
SendMessageA
RedrawWindow
TrackPopupMenu
GetCursorPos
GetWindow
GetMenuItemInfoA
DestroyMenu
FillRect
TabbedTextOutA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
LockWindowUpdate
GetDCEx
UnionRect
SetParent
MapVirtualKeyA
GetKeyNameTextA
KillTimer
SetTimer
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuBarInfo
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
SetRectEmpty
GetSysColorBrush
UnregisterClassA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharUpperA
DestroyIcon
GetDialogBaseUnits
WaitMessage
ReleaseCapture
LoadCursorA
WindowFromPoint
SetCapture
GetMenuItemID
DeleteMenu
DrawTextA
gdi32
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateRectRgn
CreatePatternBrush
SelectPalette
SetColorAdjustment
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetTextMetricsA
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetCharWidthA
StretchDIBits
CreateCompatibleBitmap
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetClipRgn
CreateDIBPatternBrushPt
SelectClipRgn
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
ExtTextOutA
GetObjectA
GetClipBox
GetDCOrgEx
GetDeviceCaps
GetStockObject
PatBlt
CreateBitmap
CreateDCA
SetTextColor
GetTextExtentPoint32A
CopyMetaFileA
StretchBlt
CreateFontIndirectA
SelectObject
GetFontData
DeleteObject
CreateFontA
CreateCompatibleDC
PlayMetaFileRecord
TextOutA
DeleteDC
BitBlt
SetBkColor
SetBkMode
CreateDIBSection
comdlg32
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueExA
AddAccessAllowedAce
AddAce
GetAce
InitializeAcl
GetAclInformation
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegCreateKeyA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
shell32
ShellExecuteA
ExtractIconA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHGetDesktopFolder
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathUnquoteSpacesA
PathCompactPathA
PathRemoveFileSpecW
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleDuplicateData
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
OleSetClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
StringFromCLSID
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
StringFromGUID2
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoRegisterClassObject
RevokeDragDrop
CoLockObjectExternal
CoRegisterMessageFilter
OleRun
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
SetConvertStg
oleaut32
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
VariantCopy
SysAllocStringByteLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringByteLen
LoadRegTypeLi
SafeArrayAllocData
LoadTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
VarUI4FromStr
VarI4FromDate
VarI4FromBool
SysFreeString
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
SafeArrayAllocDescriptor
SafeArrayCopy
UnRegisterTypeLi
SafeArrayPtrOfIndex
SafeArrayGetElement
netapi32
NetFileEnum
NetApiBufferFree
avifil32
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamGetFrame
AVIStreamGetFrameOpen
AVIStreamSampleToTime
AVIStreamLength
AVIStreamInfoA
AVIFileExit
AVIStreamOpenFromFileA
AVIFileInit
msvfw32
DrawDibOpen
DrawDibClose
DrawDibDraw
version
GetFileVersionInfoW
rpcrt4
NDRCContextBinding
RpcBindingInqAuthClientA
imm32
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
uxtheme
IsAppThemed
snmpapi
SnmpUtilMemReAlloc
ntdsapi
DsInheritSecurityIdentityA
DsIsMangledDnA
DsGetSpnW
Sections
.text Size: 562KB - Virtual size: 561KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 169KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 282KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ