820ed200bc6a229c686c6b7270b4ff51421e89ff33c25695813218abe0c56f93

Sharing

Copy URL Twitter E-mail

General

Target

820ed200bc6a229c686c6b7270b4ff51421e89ff33c25695813218abe0c56f93
Size

5.3MB
MD5

66759c61f7d2cb80e2ba4a476ffab900
SHA1

c4d765dcad795ac49dff2e7dad66eedfd931e965
SHA256

820ed200bc6a229c686c6b7270b4ff51421e89ff33c25695813218abe0c56f93
SHA512

252f411cd673803a5846837c40bad46e4dc6f6f6d45ab1acb2184af9b68dc8143ecc92eebd51c9779194be5b35b6a308552f732f3cccf1cd8b99f30ebdd439a1
SSDEEP

98304:x6m40JrWaOpnqRMnwAg5h1xgWIOQD7aKTbNK9xT21ayL/k1sbIIlH:gIJrWaO5vwACzMIKTMuky7kG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
820ed200bc6a229c686c6b7270b4ff51421e89ff33c25695813218abe0c56f93

Files

820ed200bc6a229c686c6b7270b4ff51421e89ff33c25695813218abe0c56f93
.exe windows:5 windows x86 arch:x86

dbd9214535abd3ad95f5dbb4b9d20aac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
Process32NextW
Process32FirstW
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
DeleteCriticalSection
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableW
RemoveDirectoryW
Sleep
SetEndOfFile
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
HeapSize
HeapReAlloc
ReadConsoleW
GetConsoleMode
HeapAlloc
GetStringTypeW
HeapFree
CloseHandle
GetLastError
CreateMutexW
MoveFileExW
CreateProcessW
FindClose
LCMapStringW
GetACP
ExitProcess
WriteConsoleW
GetFileType
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
EncodePointer
SetLastError
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
OutputDebugStringW
IsDebuggerPresent
GetCurrentProcessId
GetModuleHandleA
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
SetFilePointer
GlobalSize
MulDiv
GetTickCount
GlobalUnlock
GlobalLock
GlobalAlloc
VerSetConditionMask
VerifyVersionInfoW
GlobalFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
QueryPerformanceFrequency
FileTimeToSystemTime
LocalFileTimeToFileTime
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
GetModuleHandleW
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
lstrcmpW
FindResourceW
LoadResource
InterlockedCompareExchange
GetCommandLineW
GetModuleFileNameW
GetTempPathW
GetFileAttributesW
LoadLibraryW
GetProcAddress
FreeLibrary
ReadFile
WriteFile
CreateFileW
DeleteFileW
GetCurrentDirectoryW
CopyFileW
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
WaitForSingleObject
CreateEventW
SetEvent
ResetEvent
SetThreadPriority
GetCurrentThreadId
TerminateThread
SizeofResource
GetCurrentProcess
GetStdHandle

user32

IsWindowEnabled
GetDesktopWindow
FindWindowW
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetKeyState
GetAsyncKeyState
GetSysColor
ClientToScreen
UnregisterClassW
MapWindowPoints
CharNextW
SetCursor
UnionRect
SetForegroundWindow
PostQuitMessage
MessageBoxW
SetWindowRgn
OffsetRect
MonitorFromPoint
IsZoomed
PtInRect
UpdateLayeredWindow
IntersectRect
IsRectEmpty
GetClientRect
GetUpdateRect
MoveWindow
EndPaint
BeginPaint
ReleaseCapture
SetCapture
GetFocus
GetCursorPos
ScreenToClient
InvalidateRect
SetWindowTextW
GetDC
GetPropW
SetPropW
CallWindowProcW
SendMessageW
GetSystemMetrics
LoadImageW
SetWindowPos
IsIconic
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
ShowWindow
SetFocus
EnableWindow
GetWindow
IsWindowVisible
IsWindow
SetWindowLongW
GetClassInfoExW
RegisterClassW
LoadCursorW
ReleaseDC
GetParent
GetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
CreateWindowExW
WaitMessage
RegisterClassExW
DispatchMessageW
SetTimer
PeekMessageW
MsgWaitForMultipleObjectsEx
CallMsgFilterW
GetQueueStatus
TranslateMessage
KillTimer

advapi32

RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

OleUninitialize
CoCreateInstance
OleInitialize
CoInitializeEx
CreateStreamOnHGlobal

shlwapi

PathIsRelativeW
StrCmpW
StrCatW

winmm

timeGetTime
timeSetEvent
timeKillEvent

gdiplus

GdipCreateBitmapFromStream
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipCreateHBITMAPFromBitmap
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateMatrix
GdipDeleteMatrix
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipRotateMatrix
GdipCreatePen1
GdipClonePen
GdipSetPenWidth
GdipGetPenWidth
GdipSetPenColor
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenDashCap197819
GdipGetPenStartCap
GdipGetPenEndCap
GdipGetPenDashCap197819
GdipSetPenLineJoin
GdipGetPenLineJoin
GdipSetPenDashStyle
GdipGetPenDashStyle
GdipDeletePen
GdipCreateSolidFill
GdipFree
GdipCloneBrush
GdipCreateBitmapFromHBITMAP
GdipCreateTexture
GdipCreatePath
GdipClonePath
GdipResetPath
GdipSetPathFillMode
GdipGetPathFillMode
GdipStartPathFigure
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathLine2I
GdipAddPathBezierI
GdipAddPathCurveI
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathPieI
GdipAddPathPolygonI
GdipGetPathWorldBoundsI
GdipIsVisiblePathPointI
GdipIsOutlineVisiblePathPointI
GdipTransformPath
GdipDeletePath
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangle
GdipDrawLineI
GdipSetSmoothingMode
GdipDrawBezierI
GdipDrawRectangleI
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCreateBitmapFromFile
GdipSetStringFormatTrimming
GdiplusShutdown
GdiplusStartup
GdipDeleteBrush
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipScaleMatrix
GdipTranslateMatrix
GdipMeasureString
GdipFillPath
GdipDrawPath
GdipFillEllipseI
GdipSetStringFormatLineAlign
GdipDrawString
GdipDrawEllipseI

comctl32

ord17
_TrackMouseEvent

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

msimg32

AlphaBlend

gdi32

CreateFontIndirectW
DeleteObject
BitBlt
GetObjectW
SelectObject
CreateDIBSection
StretchBlt
CreateCompatibleDC
DeleteDC
GetStockObject
ExtSelectClipRgn
CreateRectRgnIndirect
GetObjectA
SetStretchBltMode
SetWindowOrgEx
GetWindowOrgEx
RestoreDC
CreateRoundRectRgn
GetDeviceCaps
SaveDC

Sections

.text
Size: 526KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbd9214535abd3ad95f5dbb4b9d20aac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

winmm

gdiplus

comctl32

imm32

msimg32

gdi32

Sections

.text Size: 526KB - Virtual size: 525KB

.rdata Size: 114KB - Virtual size: 114KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4.6MB - Virtual size: 4.6MB

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 526KB - Virtual size: 525KB

.rdata
Size: 114KB - Virtual size: 114KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

.reloc
Size: 30KB - Virtual size: 29KB