Static task
static1
Behavioral task
behavioral1
Sample
9f660f2b837525d5f9457d139befaf91549f00061d0140bad6cafea6622daa8f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9f660f2b837525d5f9457d139befaf91549f00061d0140bad6cafea6622daa8f.exe
Resource
win10v2004-20231215-en
General
-
Target
9f660f2b837525d5f9457d139befaf91549f00061d0140bad6cafea6622daa8f
-
Size
2.5MB
-
MD5
6f6bfd8a9439e4399caa1de5cd80cea8
-
SHA1
099ebe6be7d7bbdfa12322a52a99571c14391211
-
SHA256
9f660f2b837525d5f9457d139befaf91549f00061d0140bad6cafea6622daa8f
-
SHA512
eacb079068e97665ce9420559b192ab2bedc3762938d278fa3e9fa0c092221539d5935df8b0c121433c7d52b9673cb4355798a5aca89ae51c328a7a6279419d7
-
SSDEEP
49152:ZHolZbWOC/DO5OB6XETztSLcBmUsR4mwjgTlHB6XQrrrKHLYG:ZH4yz9Bm/lMAr6
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature.
resource 9f660f2b837525d5f9457d139befaf91549f00061d0140bad6cafea6622daa8f
Files
-
9f660f2b837525d5f9457d139befaf91549f00061d0140bad6cafea6622daa8f.exe windows:5 windows x64 arch:x64
0f6366a151ab89e903fc7ff199acf9f9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetPrivateProfileStringA
GlobalFlags
GetACP
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetTickCount
GetProfileIntA
Sleep
SearchPathA
VirtualProtect
FindResourceExW
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlUnwindEx
EncodePointer
DecodePointer
RaiseException
RtlPcToFileHeader
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoW
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
GetTimeZoneInformation
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
IsValidCodePage
GetConsoleCP
GetConsoleMode
HeapSetInformation
GetVersion
HeapCreate
WritePrivateProfileStringA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
CompareStringW
LCMapStringW
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
lstrcmpA
GetModuleHandleW
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetCurrentProcessId
GetModuleFileNameA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetModuleHandleA
CompareStringA
LoadLibraryW
ActivateActCtx
DeactivateActCtx
lstrcmpW
GetLastError
SetLastError
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
GetPrivateProfileIntA
GetStdHandle
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
DeleteFileA
WriteFile
SetFileTime
GetCurrentDirectoryA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
ReadFile
CloseHandle
CreateFileA
SetFilePointer
GetFileAttributesA
SystemTimeToFileTime
FileTimeToSystemTime
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
TlsGetValue
SizeofResource
GetDriveTypeW
user32
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
InvertRect
HideCaret
GetIconInfo
CopyImage
LoadImageA
GetNextDlgGroupItem
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
FrameRect
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
MapDialogRect
GetWindowRgn
CallNextHookEx
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
SetMenuDefaultItem
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetClassLongPtrA
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemInt
GetDlgItem
CheckDlgButton
GetWindow
GetClassNameA
LoadBitmapW
InvalidateRect
UpdateWindow
FillRect
DrawStateA
EnableWindow
MessageBoxA
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
SendMessageA
EnableMenuItem
GetSubMenu
LoadMenuW
GetClientRect
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
SetWindowRgn
NotifyWinEvent
MessageBeep
ReleaseCapture
WindowFromPoint
SetCapture
KillTimer
SetTimer
RedrawWindow
SetWindowsHookExA
GetSystemMenu
DeleteMenu
OffsetRect
IntersectRect
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
MapVirtualKeyA
GetKeyNameTextA
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CharUpperA
EndPaint
BeginPaint
GetWindowDC
DestroyAcceleratorTable
SetParent
DestroyIcon
WaitMessage
UnregisterClassA
SetScrollInfo
GetMenuDefaultItem
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
GetSystemMetrics
IsIconic
DrawIcon
wsprintfA
GetCursorPos
LoadCursorA
SetCursor
GetWindowRect
PtInRect
GetWindowLongA
SetWindowLongA
GetMessagePos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
IsChild
GetScrollPos
GetCapture
gdi32
SetLayout
GetLayout
SetTextAlign
CreateFontA
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetStockObject
GetObjectA
DeleteObject
SetPixelV
GetTextFaceA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
SelectClipRgn
GetTextColor
GetBkColor
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
CreateSolidBrush
shell32
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragFinish
DragQueryFileA
SHBrowseForFolderA
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
ws2_32
bind
ntohs
getsockname
WSAIoctl
getsockopt
select
__WSAFDIsSet
WSASetLastError
WSACleanup
getpeername
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
socket
inet_ntoa
gethostbyname
WSAStartup
send
WSAGetLastError
setsockopt
htons
inet_addr
connect
recv
closesocket
ntohl
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
CryptDestroyKey
CryptEncrypt
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptImportKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptGetHashParam
ole32
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
wldap32
ord46
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord41
crypt32
CertFreeCertificateContext
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 611KB - Virtual size: 610KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 97KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ