Static task: static1
Behavioral task: behavioral1
  Sample: 3f6e8278fcc03c2bf0ec3de62eaf395769d66be5665864655901366047a1ea35.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 3f6e8278fcc03c2bf0ec3de62eaf395769d66be5665864655901366047a1ea35.exe
  Resource: win10v2004-20231215-en
General
Target: 3f6e8278fcc03c2bf0ec3de62eaf395769d66be5665864655901366047a1ea35
Size: 2.9MB
MD5: 24005cb63fc112ab7d8707023e2f6beb
SHA1: 122d7b59db85094b3918017bd8a5b4309d116d90
SHA256: 3f6e8278fcc03c2bf0ec3de62eaf395769d66be5665864655901366047a1ea35
SHA512: 11a09ff7c11a8f2d00ffdd03ee55aac90c991676575908315722b5457507d60a8c6f984ade3c1993158cbe6abf41f37ee47baddab60fc99d7d1dc6dec7f908c0
SSDEEP: 49152:37GPGV6H2ld7YNGJlq2Yiuv7bhUt+rKfNQo5ecWxm:b8o82+hr6Qo5ec
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 3f6e8278fcc03c2bf0ec3de62eaf395769d66be5665864655901366047a1ea35
Files
-
3f6e8278fcc03c2bf0ec3de62eaf395769d66be5665864655901366047a1ea35.exe windows:6 windows x86 arch:x86
ac126d0c141fb9a35781556a5c5396a7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryW
CreatePipe
PeekNamedPipe
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
CreateProcessW
OpenProcess
GetSystemInfo
GetVersionExW
VirtualQuery
GetModuleFileNameW
GlobalFlags
LocalFree
FormatMessageW
CopyFileW
IsBadReadPtr
IsBadWritePtr
SetSystemPowerState
MultiByteToWideChar
WideCharToMultiByte
GenerateConsoleCtrlEvent
GetQueuedCompletionStatus
SetEvent
ResetEvent
CreateEventW
Sleep
CreateThread
SetThreadPriority
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
SetLocalTime
FileTimeToSystemTime
LoadLibraryExW
lstrcmpiW
VerSetConditionMask
VerifyVersionInfoW
GetModuleFileNameA
LoadLibraryExA
FormatMessageA
CreateIoCompletionPort
PostQueuedCompletionStatus
TerminateThread
GetStringTypeW
SetStdHandle
HeapQueryInformation
SetEnvironmentVariableW
GetFileAttributesExW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
CreateFileW
MoveFileExW
FlushFileBuffers
GetCPInfo
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetCurrentThread
SetConsoleCtrlHandler
WriteFile
HeapValidate
QueryPerformanceFrequency
DuplicateHandle
GetCommandLineA
WriteConsoleW
GetFileType
GetStdHandle
GetModuleHandleExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCommandLineW
GetUserDefaultLCID
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
GetTickCount
ExitProcess
ReadFile
DebugBreak
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalAlloc
OutputDebugStringW
GetLocalTime
CreateWaitableTimerW
SetWaitableTimer
CloseHandle
GetModuleHandleW
GetCurrentThreadId
LeaveCriticalSection
IsDebuggerPresent
GetTimeZoneInformation
WritePrivateProfileStringW
GetPrivateProfileStringW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTempPathW
TryEnterCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
SystemTimeToFileTime
LocalAlloc
LocalFileTimeToFileTime
IsBadStringPtrW
IsBadStringPtrA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetEndOfFile
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
GetLastError
RaiseException
FreeEnvironmentStringsW
DecodePointer
user32
CallWindowProcW
GetCursorPos
TrackPopupMenu
DeleteMenu
ModifyMenuW
AppendMenuW
InsertMenuW
GetMenuItemCount
GetSubMenu
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
CreateMenu
GetMenu
RegisterClassExW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetMonitorInfoW
MonitorFromWindow
FillRect
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
SetActiveWindow
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetClassInfoExW
IsWindowVisible
GetSysColor
CharNextW
GetDlgItem
PostQuitMessage
TranslateAcceleratorW
UnregisterClassW
DestroyCursor
DestroyIcon
MessageBoxW
SendMessageW
IsWindow
DestroyWindow
ShowWindow
MoveWindow
SetWindowPos
InvalidateRect
GetWindowTextW
IsMenu
IsChild
IsIconic
GetNextDlgTabItem
GetDlgCtrlID
IsWindowEnabled
SetMenu
GetSystemMenu
DrawIcon
BeginPaint
EndPaint
SetWindowRgn
IntersectRect
GetClassNameW
GetLastActivePopup
IsDialogMessageW
WinHelpW
RedrawWindow
MessageBeep
ClientToScreen
OffsetRect
SetRect
PtInRect
DrawTextW
IsZoomed
GetTopWindow
EnumDisplaySettingsW
WaitForInputIdle
AttachThreadInput
ExitWindowsEx
CopyImage
LoadImageW
LoadIconW
GetWindowTextLengthW
GetWindowLongW
SetWindowLongW
SetParent
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
DefWindowProcW
SetFocus
GetFocus
GetKeyState
EnableWindow
SetWindowTextW
GetWindowRect
AdjustWindowRectEx
SetCursor
ScreenToClient
EqualRect
GetParent
GetWindow
wsprintfW
MsgWaitForMultipleObjects
GetSystemMetrics
GetDC
GetWindowDC
ReleaseDC
GetClientRect
LoadStringW
PostMessageW
RegisterClassW
GetClassInfoW
CreateWindowExW
GetActiveWindow
SetTimer
SetPropW
GetPropW
RemovePropW
GetDesktopWindow
LoadCursorW
IsRectEmpty
gdi32
CreateSolidBrush
SetBkColor
SetTextColor
CreateEllipticRgn
CreateRoundRectRgn
GetClipBox
ExcludeClipRect
GetObjectType
GetTextMetricsW
SetBkMode
CombineRgn
CreateBitmap
GetTextExtentPoint32W
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
ExtCreateRegion
GetPixel
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
SetMapMode
SetPixel
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
GetObjectW
SetDIBColorTable
CreateDIBSection
GdiAlphaBlend
SetStretchBltMode
StretchBlt
SelectPalette
SelectObject
RealizePalette
GetSystemPaletteEntries
GetStockObject
GetDIBits
GetDeviceCaps
DeleteDC
CreatePalette
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateBrushIndirect
CreateFontIndirectW
DeleteObject
advapi32
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegSetValueExW
RegQueryValueExW
RegQueryValueW
shell32
Shell_NotifyIconW
DragAcceptFiles
DragFinish
DragQueryFileW
SHGetSpecialFolderPathW
ShellExecuteW
ole32
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromString
IIDFromString
CLSIDFromProgID
OleRun
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
oleaut32
VarUI4FromStr
GetActiveObject
VarUdateFromDate
OleCreatePictureIndirect
OleCreateFontIndirect
RegisterTypeLi
LoadTypeLi
LHashValOfNameSys
VarCmp
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysStringLen
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
comctl32
InitCommonControlsEx
ImageList_Create
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
sqlite3
sqlite3_close_v2
sqlite3_exec
sqlite3_free
sqlite3_open_v2
sqlite3_prepare_v2
sqlite3_step
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_finalize
sqlite3_column_text
gdiplus
GdipSetCompositingMode
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipDrawImageRectI
GdipAlloc
uxtheme
SetWindowTheme
ws2_32
WSAStartup
WSACleanup
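The import table above is the static capability hint an analyst reads first. The following is an added triage helper, not part of the report or the sample: it groups imports into capability tags and applies two combination checks that this particular table motivates (privilege adjustment next to ExitWindowsEx/SetSystemPowerState, and ws2_32 imported for WSAStartup/WSACleanup only, with no socket, connect, send or recv). The tag names and groupings are the editor's own heuristics; SAMPLE_IMPORTS is a subset excerpted from the report, not the full table.

```python
# Heuristic capability tags for Win32 imports (editor's grouping, not a standard taxonomy).
CAPABILITY_RULES = {
    "process-control": {"CreateProcessW", "OpenProcess", "TerminateProcess", "CreatePipe", "PeekNamedPipe"},
    "privilege-adjust": {"OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges"},
    "shutdown/power": {"ExitWindowsEx", "SetSystemPowerState"},
    "registry-write": {"RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW", "RegDeleteValueW"},
    "debugger-check": {"IsDebuggerPresent"},
    "clipboard": {"OpenClipboard", "GetClipboardData", "SetClipboardData"},
    "window-enum": {"EnumWindows", "GetWindowThreadProcessId", "AttachThreadInput", "SetForegroundWindow"},
    "resource-extract": {"FindResourceW", "LoadResource", "LockResource", "SizeofResource"},
    "dynamic-resolve": {"LoadLibraryW", "LoadLibraryExW", "GetProcAddress"},
    "filesystem-modify": {"DeleteFileW", "MoveFileExW", "CopyFileW", "RemoveDirectoryW", "CreateDirectoryW"},
    "file-write": {"CreateFileW", "WriteFile", "GetTempPathW"},
    "network-init": {"WSAStartup", "WSACleanup"},
    "shell-launch": {"ShellExecuteW"},
}

# Direct socket I/O names whose absence matters when WSAStartup is present.
SOCKET_CALLS = {"socket", "connect", "send", "recv", "WSASocketW", "WSAConnect",
                "WSASend", "WSARecv", "getaddrinfo", "gethostbyname"}

# Subset of the import table from the report above (constructed sample input for this example).
SAMPLE_IMPORTS = {
    "kernel32": ["CreateProcessW", "OpenProcess", "TerminateProcess", "CreatePipe", "PeekNamedPipe",
                 "SetSystemPowerState", "IsDebuggerPresent", "LoadLibraryW", "GetProcAddress",
                 "FindResourceW", "LoadResource", "LockResource", "SizeofResource",
                 "DeleteFileW", "MoveFileExW", "CopyFileW", "GetTempPathW", "CreateFileW", "WriteFile"],
    "user32": ["ExitWindowsEx", "EnumWindows", "GetWindowThreadProcessId", "AttachThreadInput",
               "SetForegroundWindow", "OpenClipboard", "GetClipboardData", "SetClipboardData"],
    "advapi32": ["OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges",
                 "RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW", "RegDeleteValueW"],
    "shell32": ["ShellExecuteW"],
    "ws2_32": ["WSAStartup", "WSACleanup"],
}


def triage_imports(imports):
    """Tag an import table (DLL -> names) and emit combination findings."""
    flat = {name for names in imports.values() for name in names}
    tags = {tag: sorted(flat & apis) for tag, apis in CAPABILITY_RULES.items() if flat & apis}
    findings = []
    # ExitWindowsEx needs SeShutdownPrivilege, which is what the token/privilege trio enables.
    if CAPABILITY_RULES["privilege-adjust"] <= flat and flat & CAPABILITY_RULES["shutdown/power"]:
        findings.append("can enable a privilege and then shut down/reboot (SeShutdownPrivilege pattern)")
    # Winsock initialised but no socket-level calls imported: traffic, if any, is indirect.
    if "WSAStartup" in flat and not flat & SOCKET_CALLS:
        findings.append("initialises Winsock but imports no socket/connect/send/recv: any network I/O "
                        "is indirect (dynamic resolution, COM, ShellExecuteW) or absent")
    # With GetProcAddress present the static table is only a lower bound on capability.
    if "GetProcAddress" in flat and flat & {"LoadLibraryW", "LoadLibraryExW"}:
        findings.append("dynamic API resolution present: import table is a lower bound on capability")
    return {"tags": tags, "findings": findings}
```

The output is a starting point for dynamic analysis, not a verdict: every tag here also fits a legitimate GUI utility with an installer-style shutdown prompt, and the third finding is the reason the behavioral tasks exist at all.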
Sections
.text   Size: 1.8MB   Virtual size: 1.8MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 966KB   Virtual size: 966KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 15KB    Virtual size: 91KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 11KB    Virtual size: 10KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 84KB    Virtual size: 83KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
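The Headers, Signatures and Sections blocks above are all read straight out of the PE headers: DllCharacteristics in the optional header, Characteristics in the COFF header, the size of data directory 4 (the Authenticode certificate table, which is what "Unsigned PE" keys on) and the 40-byte section headers. The following is an added, stand-alone parser that recovers those facts from raw bytes; it is not the sandbox's code. It handles PE32 only, since the report says x86. build_sample_pe constructs a header-only image with the same flags and the report's rounded section sizes (approximate hex values chosen by the editor; no section bodies), so it is test data rather than the analysed file.

```python
import struct

# Bit values from the PE/COFF specification for the flags the report lists.
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR_INDEX = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: Authenticode certificate table


def _flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return the header facts a static report shows, from raw PE32 bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe_off + 4
    _machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (x86) handled; PE32+ shifts the optional-header offsets")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    n_dirs = struct.unpack_from("<I", data, opt + 92)[0]
    cert_size = 0
    if n_dirs > SECURITY_DIR_INDEX:  # directory entries start at optional-header offset 96
        _cert_off, cert_size = struct.unpack_from("<II", data, opt + 96 + 8 * SECURITY_DIR_INDEX)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _vaddr, raw_size, _raw_ptr = struct.unpack_from("<IIII", data, off + 8)
        chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({
            "name": name, "virtual_size": vsize, "raw_size": raw_size,
            "flags": _flag_names(chars, SECTION_CHARACTERISTICS),
            # W+X sections are a common packer/stager tell; the report shows none.
            "writable_and_executable": bool(chars & 0x80000000) and bool(chars & 0x20000000),
        })
    return {
        "file_characteristics": _flag_names(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flag_names(dll_chars, DLL_CHARACTERISTICS),
        "has_authenticode_blob": cert_size > 0,  # zero size is what "Unsigned PE" keys on
        "sections": sections,
    }


# Constructed: the report's section flags with approximate sizes (name, vsize, raw size, flags).
REPORT_SECTIONS = [
    (".text",  0x1CC000, 0x1CC000, 0x60000020),
    (".rdata", 0x0F1800, 0x0F1800, 0x40000040),
    (".data",  0x016C00, 0x003C00, 0xC0000040),
    (".rsrc",  0x002800, 0x002C00, 0x40000040),
    (".reloc", 0x014C00, 0x015000, 0x42000040),
]


def build_sample_pe(sections=REPORT_SECTIONS, dll_chars=0x8140, file_chars=0x0102, cert_size=0):
    """Build a header-only PE32 image (constructed test data; no section bodies)."""
    opt = bytearray(0xE0)                       # PE32 optional header is 224 bytes
    struct.pack_into("<H", opt, 0, 0x10B)       # Magic: PE32
    struct.pack_into("<H", opt, 68, 2)          # Subsystem: WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)         # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR_INDEX, 0x1000 if cert_size else 0, cert_size)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), file_chars)
    hdrs = bytearray()
    for name, vsize, raw_size, chars in sections:
        h = bytearray(40)
        h[0:8] = name.encode().ljust(8, b"\0")
        struct.pack_into("<IIII", h, 8, vsize, 0x1000, raw_size, 0x400)
        struct.pack_into("<I", h, 36, chars)
        hdrs += h
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)     # e_lfanew -> PE signature right after DOS header
    return bytes(dos + b"PE\0\0" + coff + opt + hdrs)
```

Two caveats a practitioner should keep in mind. A non-zero certificate table only means an Authenticode blob is attached; whether it verifies (chain, timestamp, hash match) needs a real verifier such as signtool or Get-AuthenticodeSignature. And the .data gap the report shows (15KB on disk, 91KB in memory) is ordinary zero-initialised data, not evidence of unpacking; the packer tell would be a section that is both writable and executable, or raw sizes far below virtual sizes in the code section.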