Static task: static1
Behavioral task: behavioral1
  Sample: 63a716809e490e2d9bb1ee7c464e6f11b41b1f920990f0e14253662972aee7d6.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 63a716809e490e2d9bb1ee7c464e6f11b41b1f920990f0e14253662972aee7d6.exe
  Resource: win10v2004-20231215-en
General
Target: 63a716809e490e2d9bb1ee7c464e6f11b41b1f920990f0e14253662972aee7d6
Size: 3.9MB
MD5: 1200d17788a2947bbedc15ba5e773b7a
SHA1: 018450df424156f1ab0df0964f25f62fb8fc131a
SHA256: 63a716809e490e2d9bb1ee7c464e6f11b41b1f920990f0e14253662972aee7d6
SHA512: 9c1cdfda062ebbccf182e58a8f5ca6f288d36af380db504338e5a2133db626ed0a0de91ff1fcbc2a77f9c5b0086c8d52838318b53cc3f4c9ec2e06d8157602b0
SSDEEP: 98304:I8Gm91p+e0MuxHFhMPoPmTgSk6BIIakMhzLBuRSa6HQbOQoDwh/X5:EcR5EULMhzLBhXHEOd
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the file carries no embedded signature, i.e. its IMAGE_DIRECTORY_ENTRY_SECURITY entry is empty. Read this narrowly. Catalog-signed files also show as unsigned under this check, an unsigned binary is not malicious on that basis alone, and a file that does carry a signature still needs the signature validated (for example with signtool verify /pa or Get-AuthenticodeSignature) before it is trusted.
resource 63a716809e490e2d9bb1ee7c464e6f11b41b1f920990f0e14253662972aee7d6
Files
63a716809e490e2d9bb1ee7c464e6f11b41b1f920990f0e14253662972aee7d6.exe  windows:5 windows x86 arch:x86
99dadf904ed797e4684a1efa7acbf409
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AreFileApisANSI
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
RtlUnwind
ExitThread
HeapQueryInformation
GetSystemInfo
VirtualQuery
SetStdHandle
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
SetFilePointerEx
ReadConsoleW
FindResourceExW
GetModuleHandleExW
OutputDebugStringW
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
SearchPathW
GetProfileIntW
SetConsoleMode
ReadConsoleInputA
FlushConsoleInputBuffer
GetVersionExA
GlobalMemoryStatus
GetVersion
GetEnvironmentVariableW
WriteProcessMemory
IsWow64Process
VirtualProtectEx
FlushInstructionCache
InterlockedCompareExchange
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
GetTimeZoneInformation
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
GetWindowsDirectoryW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalGetAtomNameW
SuspendThread
SetThreadPriority
CreateEventW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
lstrcmpA
GetVersionExW
FindNextFileW
FindFirstFileW
FileTimeToLocalFileTime
CopyFileW
MulDiv
GlobalSize
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
GetThreadLocale
GlobalFree
FreeResource
GetModuleHandleW
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileSize
GetFileInformationByHandle
FileTimeToSystemTime
SetFileTime
WriteFile
LocalFileTimeToFileTime
ReadFile
SetFilePointer
CreateFileW
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentDirectoryW
LocalFree
FormatMessageW
MoveFileExW
GetTempPathW
GetPrivateProfileStringW
GetACP
GetComputerNameA
CreateProcessW
WaitForSingleObject
GetExitCodeThread
GetExitCodeProcess
ResumeThread
GetModuleFileNameA
GetPrivateProfileStringA
FindClose
FindNextFileA
FindFirstFileA
GetFileAttributesA
OpenMutexA
WritePrivateProfileStringW
GetTickCount
GetPrivateProfileIntW
SetEvent
ReleaseMutex
CreateMutexW
GetModuleFileNameW
GetLastError
SystemTimeToFileTime
GetSystemTime
DeleteCriticalSection
WaitForMultipleObjects
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
CompareStringW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
CreateDirectoryW
GetFileAttributesW
VirtualAlloc
Thread32Next
GetCurrentProcessId
Thread32First
CreateToolhelp32Snapshot
CloseHandle
OpenThread
VirtualProtect
SetThreadContext
OpenProcess
QueryDosDeviceW
WideCharToMultiByte
ReadProcessMemory
GetProcAddress
GetModuleHandleA
TerminateThread
VirtualQueryEx
ExitProcess
GetCurrentThread
GetThreadContext
GetCurrentThreadId
VirtualAllocEx
GetCurrentProcess
TerminateProcess
Sleep
PeekNamedPipe
CreateThread
user32
RegisterClipboardFormatW
LoadMenuW
InflateRect
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
FillRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
MessageBeep
GetNextDlgGroupItem
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetClassNameW
GetClassLongW
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
CopyImage
SetMenu
GetMenu
GetCapture
GetKeyState
PostThreadMessageW
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
PtInRect
CharNextW
GetDlgCtrlID
GetDlgItem
MapDialogRect
SetWindowContextHelpId
UnhookWindowsHookEx
IsRectEmpty
OffsetRect
IntersectRect
SetRect
GetWindowRect
InvalidateRgn
CopyAcceleratorTableW
IsWindowEnabled
SetCapture
GetFocus
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
MessageBoxA
RegisterWindowMessageW
SendMessageW
GetParent
EnableWindow
SetFocus
SetWindowPos
wsprintfW
UnregisterClassW
LoadCursorW
UpdateWindow
GetWindowTextW
SetForegroundWindow
GetTopWindow
WaitForInputIdle
SetTimer
EqualRect
IsWindowVisible
IsWindow
ReleaseDC
GetDC
SetLayeredWindowAttributes
SetWindowLongW
EnumThreadWindows
CreatePopupMenu
InsertMenuItemW
SetRectEmpty
LoadImageW
UnpackDDElParam
ReuseDDElParam
GetMenuDefaultItem
DestroyCursor
DrawIconEx
CreateMenu
GetWindowThreadProcessId
GetDesktopWindow
GetWindow
GetSysColorBrush
RealChildWindowFromPoint
WaitMessage
WindowFromPoint
DeleteMenu
DestroyIcon
GetSubMenu
CharUpperW
GetProcessWindowStation
GetUserObjectInformationW
PostMessageW
MessageBoxW
PostQuitMessage
LoadIconW
KillTimer
GetSystemMenu
AppendMenuW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
DrawStateW
CopyRect
FrameRect
GetWindowLongW
InvalidateRect
ReleaseCapture
ShowWindow
SystemParametersInfoW
GetWindowRgn
SetWindowRgn
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
GetWindowTextA
GetClassNameA
DefFrameProcW
DrawMenuBar
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
DrawFocusRect
ToUnicodeEx
LockWindowUpdate
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
DrawFrameControl
DrawEdge
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetParent
UnionRect
GetKeyNameTextW
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
EndDeferWindowPos
GetKeyboardState
gdi32
CreateHatchBrush
CreatePen
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
SetTextColor
CreateFontIndirectW
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
CreatePalette
CreateDCW
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
SetBkColor
GetTextColor
GetDeviceCaps
GetBkColor
GetRgnBox
CreateRectRgnIndirect
CombineRgn
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateDIBSection
GetTextExtentPoint32W
CreatePatternBrush
CreateRectRgn
GetStockObject
Rectangle
GetObjectW
StretchBlt
CopyMetaFileW
GetNearestPaletteIndex
CreateBitmap
CreateCompatibleDC
ScaleWindowExtEx
GetPixel
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegisterEventSourceA
DeregisterEventSource
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetUserNameA
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
ReportEventA
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
SHGetFileInfoW
ShellExecuteW
SHAppBarMessage
DragFinish
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
SHDeleteKeyW
PathRemoveFileSpecW
uxtheme
GetWindowTheme
GetThemeSysColor
IsAppThemed
GetThemePartSize
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CLSIDFromProgID
CLSIDFromString
OleLockRunning
OleDuplicateData
ReleaseStgMedium
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
CoUninitialize
CoCreateInstance
CoInitialize
oleaut32
VariantClear
SysAllocStringLen
OleCreateFontIndirect
VariantChangeType
SafeArrayDestroy
VariantCopy
VarBstrFromDate
LoadTypeLi
SysStringLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysAllocString
oledlg
OleUIBusyW
ntdll
RtlAdjustPrivilege
ws2_32
WSACleanup
WSAStartup
gethostbyname
ntohs
WSAAddressToStringA
connect
ioctlsocket
htons
inet_addr
socket
closesocket
WSAGetLastError
send
recv
__WSAFDIsSet
select
iphlpapi
GetAdaptersInfo
psapi
GetModuleInformation
GetModuleFileNameExA
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdiplusStartup
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
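The import table above is where most of the triage signal on this page sits: kernel32 alone brings in OpenProcess, OpenThread, SuspendThread, GetThreadContext, SetThreadContext, VirtualAllocEx, VirtualProtectEx, WriteProcessMemory, ReadProcessMemory and FlushInstructionCache next to the Toolhelp thread-enumeration calls, advapi32 brings AdjustTokenPrivileges, ntdll brings RtlAdjustPrivilege, and ws2_32 a raw socket client. The script below is an added example, not part of the sandbox's own processing: it groups imports into capability clusters the way capa-style rules do, over a constructed subset of the APIs listed above. The rule names and groupings are this example's own; its only claim is which named APIs are present together. An import shows that the code can call an API, not that it does (the two behavioral tasks exist to settle that), and APIs resolved at runtime through GetProcAddress never appear in this table at all.

```python
"""Capability triage over a PE import table.  Added example, not code from the
sandbox that produced this report.  Rule names and groupings are this example's
own; the API names are the ones that appear in the report's import table."""

# A rule matches when every API in "all" is imported and, if "any" is non-empty,
# at least one API in "any" is imported too.
RULES = {
    "write memory into another process":
        {"all": {"OpenProcess", "VirtualAllocEx", "WriteProcessMemory"}, "any": set()},
    "hijack a thread's execution context":
        {"all": {"GetThreadContext", "SetThreadContext"}, "any": {"SuspendThread", "OpenThread"}},
    "enumerate threads with Toolhelp":
        {"all": {"CreateToolhelp32Snapshot", "Thread32First", "Thread32Next"}, "any": set()},
    "patch code in a foreign process":
        {"all": {"VirtualProtectEx", "WriteProcessMemory", "FlushInstructionCache"}, "any": set()},
    "enable a token privilege":
        {"all": set(), "any": {"AdjustTokenPrivileges", "RtlAdjustPrivilege"}},
    "resolve APIs at runtime":
        {"all": {"GetProcAddress"},
         "any": {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExA", "LoadLibraryExW"}},
    "raw TCP client":
        {"all": {"socket", "connect", "send", "recv"}, "any": {"gethostbyname", "inet_addr"}},
    "write registry values":
        {"all": {"RegSetValueExW"}, "any": {"RegCreateKeyExW", "RegOpenKeyExW"}},
    "create a remote thread":
        {"all": {"CreateRemoteThread"}, "any": set()},
    "check for an attached debugger":
        {"all": {"IsDebuggerPresent"}, "any": set()},
}


def flatten(imports):
    """{dll: [api, ...]} -> {api: dll}, so rules can be checked by API name alone."""
    by_api = {}
    for dll, apis in imports.items():
        for api in apis:
            by_api.setdefault(api, dll)
    return by_api


def match_rules(imports, rules=RULES):
    """Evaluate every rule; report what matched and which required APIs are absent."""
    have = flatten(imports)
    out = {}
    for name, rule in rules.items():
        hit_all = {a for a in rule["all"] if a in have}
        hit_any = {a for a in rule["any"] if a in have}
        matched = hit_all == rule["all"] and (not rule["any"] or bool(hit_any))
        out[name] = {
            "matched": matched,
            "apis": sorted(f"{have[a]}!{a}" for a in hit_all | hit_any),
            "missing": sorted(rule["all"] - hit_all),   # near misses are worth a look too
        }
    return out


def capabilities(imports, rules=RULES):
    """Names of the rules that matched, in rule order."""
    return [n for n, r in match_rules(imports, rules).items() if r["matched"]]


# Constructed input: a subset of the import table printed in the report above.
REPORT_IMPORTS = {
    "kernel32": ["OpenProcess", "OpenThread", "SuspendThread", "ResumeThread",
                 "GetThreadContext", "SetThreadContext", "VirtualAllocEx",
                 "VirtualProtectEx", "WriteProcessMemory", "ReadProcessMemory",
                 "FlushInstructionCache", "CreateToolhelp32Snapshot", "Thread32First",
                 "Thread32Next", "GetProcAddress", "LoadLibraryA", "LoadLibraryW",
                 "IsDebuggerPresent", "CreateProcessW", "IsWow64Process"],
    "advapi32": ["OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges",
                 "RegSetValueExW", "RegCreateKeyExW", "RegOpenKeyExW"],
    "ntdll": ["RtlAdjustPrivilege"],
    "ws2_32": ["socket", "connect", "send", "recv", "gethostbyname", "inet_addr", "select"],
}

if __name__ == "__main__":
    for name, r in match_rules(REPORT_IMPORTS).items():
        mark = "+" if r["matched"] else "-"
        print(f"{mark} {name}: {', '.join(r['apis'])}"
              + (f"  (missing: {', '.join(r['missing'])})" if r["missing"] else ""))
```

Note what the output does and does not say about this sample: the thread-context rule matches while the remote-thread rule does not, because CreateRemoteThread is absent from the table and SetThreadContext is present. That is a statement about the import table, not about observed behavior; the same set of APIs is imported by legitimate hooking and debugging tools, which is why the report pairs the static task with the two behavioral runs.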
Sections
.text     Size: 1.9MB - Virtual size: 1.9MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata    Size: 482KB - Virtual size: 482KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data     Size: 39KB - Virtual size: 84KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.detourd  Size: 512B - Virtual size: 12B      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.detourc  Size: 4KB - Virtual size: 4KB       IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.cpp0     Size: 1.3MB - Virtual size: 1.3MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.reloc    Size: 149KB - Virtual size: 149KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc     Size: 18KB - Virtual size: 18KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
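Three things in the header and section data are worth reproducing by hand rather than taking from the report: the Unsigned PE signature is nothing more than an empty IMAGE_DIRECTORY_ENTRY_SECURITY entry; the DLL characteristics show the binary opted into ASLR (DYNAMIC_BASE) and DEP (NX_COMPAT); and the section table carries a second executable section, .cpp0, flagged as both code and initialized data, next to a .detourd/.detourc pair whose names are not linker defaults. The parser below is an added example, not code from the sandbox, and uses only the standard library (no pefile). It runs against a constructed header-only PE32 image whose section layout copies the table above with sizes rounded to bytes, and it also flags writable-and-executable sections and executable sections with no bytes on disk, which this table does not show but a packed sample would.

```python
"""Static PE32 header triage: embedded Authenticode presence, DLL characteristics
and section characteristics.  Added example; not code from the sandbox that
produced this report.  Standard library only."""
import struct

# Flag values from winnt.h; the names are the ones printed in the report.
DLL_CHARS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
             0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
HARDENING = (0x0040, 0x0100)          # ASLR and DEP opt-in: the two a reviewer wants set
SCN_CODE, SCN_IDATA = 0x00000020, 0x00000040
SCN_EXEC, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # index into the optional header's data directory


def parse_pe32(data):
    """Return DLL characteristics, the security data directory and the section headers."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    _machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("PE32 only (this sample is x86)")
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    sec_dir = (0, 0)
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories, this one's first field is a file offset, not an RVA.
        sec_dir = struct.unpack_from("<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "vsize": vsize, "rawsize": rawsize, "chars": chars})
    return {"dllchars": dllchars, "security": tuple(sec_dir), "sections": sections}


def triage(data):
    """The header-level findings a reviewer wants before reading the import table."""
    pe = parse_pe32(data)
    findings = []
    if pe["security"] == (0, 0):          # this is all the "Unsigned PE" signature checks
        findings.append("unsigned: IMAGE_DIRECTORY_ENTRY_SECURITY is empty")
    for flag in HARDENING:
        if not pe["dllchars"] & flag:
            findings.append("missing " + DLL_CHARS[flag])
    for s in pe["sections"]:
        if s["chars"] & SCN_WRITE and s["chars"] & SCN_EXEC:
            findings.append(f"{s['name']}: writable and executable")
        if s["chars"] & SCN_EXEC and s["name"] != ".text":
            findings.append(f"{s['name']}: executable code outside .text")
        if s["rawsize"] == 0 and s["vsize"] > 0 and s["chars"] & SCN_EXEC:
            findings.append(f"{s['name']}: executable but empty on disk (unpacked at runtime?)")
    return findings


def build_pe32(sections, dllchars, signed):
    """Constructed header-only PE32 image for exercising the parser; it holds no code."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                     # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                        # PE32 optional header, 16 dirs
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dllchars)
    struct.pack_into("<I", opt, 92, 16)
    if signed:                    # pretend a WIN_CERTIFICATE blob of 0x200 bytes sits at 0x1000
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x200)
    img = bytes(dos) + b"PE\0\0" + coff + bytes(opt)
    for name, vsize, rawsize, chars in sections:
        img += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0, rawsize, 0, 0, 0, 0, 0, chars)
    return img


# Section layout copied from the report's Sections table: (name, virtual size, raw size, flags).
REPORT_SECTIONS = [
    (".text",    0x1E6000, 0x1E6000, SCN_CODE | SCN_EXEC | SCN_READ),
    (".rdata",   0x78800,  0x78800,  SCN_IDATA | SCN_READ),
    (".data",    0x15000,  0x9C00,   SCN_IDATA | SCN_READ | SCN_WRITE),
    (".detourd", 12,       512,      SCN_IDATA | SCN_READ | SCN_WRITE),
    (".detourc", 0x1000,   0x1000,   SCN_IDATA | SCN_READ),
    (".cpp0",    0x14C000, 0x14C000, SCN_CODE | SCN_IDATA | SCN_EXEC | SCN_READ),
    (".reloc",   0x25400,  0x25400,  SCN_IDATA | SCN_READ),
    (".rsrc",    0x4800,   0x4800,   SCN_IDATA | SCN_READ),
]
REPORT_DLLCHARS = 0x0040 | 0x0100 | 0x8000

if __name__ == "__main__":
    for line in triage(build_pe32(REPORT_SECTIONS, REPORT_DLLCHARS, signed=False)):
        print(line)
```

Run against a real file, replace the constructed image with open(path, "rb").read(); the parser reads nothing past the section headers, so it is safe on truncated or hostile input beyond raising ValueError. A non-empty security directory only means bytes are present at that offset; whether they form a valid, trusted signature is a separate check that this script deliberately does not attempt.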