Static task
static1
Behavioral task
behavioral1
Sample
79be68aa1ad39ffdd0b615801a0d8bacb7aa41dbdb8614173af7e77d2334c01a.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
79be68aa1ad39ffdd0b615801a0d8bacb7aa41dbdb8614173af7e77d2334c01a.dll
Resource
win10v2004-20231215-en
General
-
Target
79be68aa1ad39ffdd0b615801a0d8bacb7aa41dbdb8614173af7e77d2334c01a
-
Size
2.1MB
-
MD5
f7f490d43c2dbcfc831c6676c0f0ddae
-
SHA1
c7e386de5ad6757507306f9cd3dd764a4325a479
-
SHA256
79be68aa1ad39ffdd0b615801a0d8bacb7aa41dbdb8614173af7e77d2334c01a
-
SHA512
3af3562d173dd43ada7bf48722d35d7ed8734c32196845f26011bb1389a257a5f490d5a0cf79a2a74cfbfb6520f8619ffde2830536766eab5e9821b750cae34c
-
SSDEEP
49152:qmKJTamdiJPaL/jW3GfdT6e+IVkbW7IlxtNs2tlFPubEb58oZm7f:vKJT0JP8/jW3Gfh6dakSIPubEbeo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 79be68aa1ad39ffdd0b615801a0d8bacb7aa41dbdb8614173af7e77d2334c01a
Files
-
79be68aa1ad39ffdd0b615801a0d8bacb7aa41dbdb8614173af7e77d2334c01a.dll windows:6 windows x86 arch:x86
7c632338a10b34771782c81d65bd0b6a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
winmm
PlaySoundW
wininet
InternetGetConnectedState
libcurl
curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_setopt
curl_formadd
curl_formfree
curl_global_cleanup
curl_global_init
curl_slist_append
curl_slist_free_all
kernel32
TerminateProcess
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetCPInfo
CompareStringEx
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
UnhandledExceptionFilter
FindFirstFileW
GetModuleFileNameW
GetTempPathW
FindClose
CreateFileW
GetSystemDirectoryW
CloseHandle
GetWindowsDirectoryW
GetFileSize
GetTempFileNameW
GetModuleHandleW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
ReadFile
GetUserDefaultUILanguage
MultiByteToWideChar
CreateDirectoryW
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
Sleep
SearchPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
lstrcpyW
VirtualProtect
GlobalGetAtomNameW
GlobalFindAtomW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
CompareStringW
GlobalFlags
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
EncodePointer
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CopyFileW
MulDiv
GlobalFree
GlobalUnlock
GlobalSize
GlobalAddAtomW
GetPrivateProfileIntW
SetThreadPriority
WaitForSingleObject
lstrcmpiW
LoadLibraryA
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleA
GetVersionExW
GetCurrentThread
SetLastError
OutputDebugStringA
DeleteCriticalSection
DecodePointer
InitializeCriticalSectionEx
GetACP
WideCharToMultiByte
LocalFree
DeleteFileW
OutputDebugStringW
FormatMessageW
GetTickCount64
user32
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
IntersectRect
InflateRect
GetMenuItemInfoW
DestroyMenu
DestroyIcon
LoadCursorW
SendMessageW
GetSysColorBrush
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
SetRect
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
FillRect
GetSysColor
ScreenToClient
EndPaint
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
UpdateWindow
KillTimer
SetTimer
RealChildWindowFromPoint
GetWindow
GetClassNameW
GetDesktopWindow
PtInRect
UnregisterClassW
PostMessageW
PostQuitMessage
CharUpperW
GetSystemMetrics
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ClientToScreen
GetWindowRect
GetWindowTextW
SetWindowTextW
GetDlgCtrlID
DeleteMenu
SystemParametersInfoW
CopyImage
GetClientRect
UnhookWindowsHookEx
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
RemoveMenu
AppendMenuW
InsertMenuW
CopyAcceleratorTableW
MessageBoxW
DestroyCursor
GetWindowRgn
ShowScrollBar
CreateMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetClipboardData
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetClipBox
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
DeleteDC
GetDeviceCaps
CreateDCW
CopyMetaFileW
CombineRgn
CreateCompatibleBitmap
CreateBitmap
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
shell32
SHGetPathFromIDListW
SHGetDesktopFolder
DragQueryFileW
SHGetFileInfoW
SHGetSpecialFolderLocation
DragFinish
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
OleTranslateAccelerator
CoDisconnectObject
oleaut32
VarBstrFromDate
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VariantClear
shlwapi
StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
msimg32
TransparentBlt
AlphaBlend
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
DrawThemeParentBackground
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
GetCurrentThemeName
DrawThemeText
urlmon
URLDownloadToFileA
netapi32
Netbios
gdiplus
GdipAlloc
GdipFree
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipCloneImage
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
vcruntime140
__std_exception_destroy
__std_exception_copy
wcschr
wcsstr
__CxxFrameHandler3
memcpy
memmove
memset
memcmp
_CxxThrowException
wcsrchr
_except_handler4_common
__current_exception
__current_exception_context
__std_type_info_destroy_list
__uncaught_exception
memchr
__std_terminate
_purecall
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vswscanf
__stdio_common_vsnwprintf_s
_fsopen
__stdio_common_vswprintf
fgetpos
_fseeki64
fsetpos
setvbuf
fopen_s
fflush
fseek
fclose
fwrite
ungetc
fread
_get_stream_buffer_pointers
fputc
fgetc
__stdio_common_vswprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s
api-ms-win-crt-filesystem-l1-1-0
_waccess_s
_unlock_file
_wmakepath_s
_wsplitpath_s
_lock_file
api-ms-win-crt-runtime-l1-1-0
_endthread
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_resetstkoflw
_cexit
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
terminate
_errno
abort
_invalid_parameter_noinfo
_beginthread
_configure_narrow_argv
api-ms-win-crt-convert-l1-1-0
strtof
_wtol
strtoull
strtod
_wtoi
strtoll
api-ms-win-crt-string-l1-1-0
wcscspn
wcsspn
isspace
strlen
toupper
_wcslwr_s
_wcsicoll
_wcsdup
_wcsicmp
wcsncmp
towlower
towupper
iswprint
strcspn
isupper
islower
iswdigit
iswalpha
isdigit
wcscmp
wcspbrk
iswalnum
wcscpy_s
__strncnt
tolower
wcscat_s
wcslen
wcsnlen
wcscoll
wmemcpy_s
strcpy_s
_wcsupr_s
wcsncpy_s
iswspace
api-ms-win-crt-heap-l1-1-0
free
calloc
realloc
_msize
_expand
malloc
api-ms-win-crt-time-l1-1-0
_Getdays
_Getmonths
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_Gettnames
_Strftime
_localtime64_s
_mktime64
clock
api-ms-win-crt-utility-l1-1-0
rand_s
abs
ldiv
labs
api-ms-win-crt-locale-l1-1-0
__pctype_func
_unlock_locales
_lock_locales
localeconv
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___lc_codepage_func
setlocale
api-ms-win-crt-math-l1-1-0
cos
_dsign
atan2
floor
ceil
sin
frexp
_dclass
sqrt
exp
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 335KB - Virtual size: 335KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ