d8400ab65cf912e75600e28b4ee4c6ae8cd17516f16d2de5e3d9b3ab5c963ef9

Sharing

Copy URL Twitter E-mail

General

Target

d8400ab65cf912e75600e28b4ee4c6ae8cd17516f16d2de5e3d9b3ab5c963ef9
Size

6.6MB
MD5

9e4cb313f28c46393b18326a94771460
SHA1

85b7be1be346b26fb11f2f11b4dbf1b167274ade
SHA256

d8400ab65cf912e75600e28b4ee4c6ae8cd17516f16d2de5e3d9b3ab5c963ef9
SHA512

b6cf2b349a2056b59f738d3c79e4bdb472ff3e495a572bb2dc887eda791fb793ac2c5826fb191ad9c9837158d69a3d4a07646cede60b76920986ea07a70ec3cc
SSDEEP

98304:Oi3g+AEVCsjthVqmO5kKMky4bGR2HzJr5ky5m8XD2HF5t:l37Tjth/YkFR2TJNT5m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8400ab65cf912e75600e28b4ee4c6ae8cd17516f16d2de5e3d9b3ab5c963ef9

Files

d8400ab65cf912e75600e28b4ee4c6ae8cd17516f16d2de5e3d9b3ab5c963ef9
.exe windows:5 windows x86 arch:x86

92ba07ab5c52f0940faa8b1a42f8b8a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_Create
InitCommonControlsEx

winmm

waveOutClose
waveOutUnprepareHeader
waveOutGetDevCapsW
waveOutGetNumDevs
waveOutSetVolume
waveOutReset
joyGetPosEx
joyGetDevCapsW
timeGetDevCaps
timeKillEvent
timeEndPeriod
timeSetEvent
timeBeginPeriod
waveOutWrite
waveOutOpen
waveOutPrepareHeader
timeGetTime
waveOutPause

opengl32

wglCreateContext
wglMakeCurrent
wglDeleteContext
wglGetProcAddress

wsock32

connect
gethostname
socket
send
ioctlsocket
recv
htons
WSAStartup
select
gethostbyname
closesocket
__WSAFDIsSet
setsockopt
htonl
inet_addr
gethostbyaddr
listen
bind
accept
WSAGetLastError

avifil32

AVIFileInit
AVIStreamSetFormat
AVIFileExit
AVIMakeCompressedStream
AVISaveOptions
AVIFileRelease
AVIFileOpenW
AVIStreamRelease
AVIFileCreateStreamW
AVIStreamWrite

shlwapi

PathIsRelativeW
PathFindExtensionW
SHDeleteKeyW
PathFindFileNameW

kernel32

UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
VirtualFree
RtlUnwind
SetStdHandle
GetFileType
ExitThread
ResumeThread
SetEnvironmentVariableA
SetEnvironmentVariableW
PeekNamedPipe
VirtualProtect
VirtualAlloc
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
WriteConsoleW
ReleaseSemaphore
WaitForSingleObject
CreateEventW
Sleep
ResetEvent
CreateSemaphoreW
ReadFile
WriteFile
CreateFileW
GetLastError
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpynW
lstrcpyW
SetCurrentDirectoryW
lstrlenW
LoadLibraryW
FileTimeToSystemTime
GetTimeFormatW
SystemTimeToTzSpecificLocalTime
GetDateFormatW
GetFileTime
WideCharToMultiByte
lstrcmpiW
lstrcmpW
GetVersionExW
InterlockedDecrement
LocalAlloc
SetEvent
LocalFree
InterlockedIncrement
FormatMessageW
GetModuleHandleA
GetModuleHandleW
WaitForMultipleObjects
GetSystemInfo
CreateThread
CreateMutexW
ReleaseMutex
CopyFileA
MoveFileExA
CreateFileA
SetFilePointerEx
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
SetWaitableTimer
CreateWaitableTimerW
QueryPerformanceFrequency
GetFileSize
QueryPerformanceCounter
GetLogicalDrives
FindFirstFileW
GetCommandLineW
FindNextFileW
SetErrorMode
FindClose
SetFileAttributesW
lstrcatW
GetCurrentDirectoryW
GetDriveTypeW
MultiByteToWideChar
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCurrentThread
GetCurrentProcess
WaitForSingleObjectEx
DuplicateHandle
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
GetCurrentThreadId
RaiseException
DecodePointer
EncodePointer
SetLastError
AreFileApisANSI
GetTempPathW
GetFileAttributesExW
DeleteFileW
CreateDirectoryW
CreateMutexA
ExitProcess
GetModuleFileNameA
GetStdHandle
GetACP
SetEndOfFile
GetConsoleMode
ReadConsoleW
GetConsoleCP
HeapAlloc
HeapFree
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
HeapReAlloc
FlushFileBuffers
HeapSize
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetFullPathNameW

user32

ValidateRect
GetDlgItemTextW
IsDlgButtonChecked
TranslateAcceleratorW
GetUpdateRect
TranslateMessage
SendDlgItemMessageA
SendMessageA
SetCapture
SetCursor
wsprintfW
PeekMessageW
SetMenuItemInfoW
GetDlgCtrlID
DispatchMessageW
GetDlgItemTextA
RegisterDeviceNotificationW
ShowWindow
GetActiveWindow
GetSubMenu
LoadAcceleratorsW
CreatePopupMenu
UnregisterClassW
GetMenuItemCount
SetActiveWindow
GetMessageW
CreateDialogParamW
GetMenuItemInfoW
LoadMenuW
RemoveMenu
CheckDlgButton
PostQuitMessage
LoadImageW
SetCursorPos
GetCursorPos
EnableWindow
GetMenu
GetWindowPlacement
SetWindowPlacement
CallWindowProcW
DrawMenuBar
GetKeyState
DestroyCursor
DestroyAcceleratorTable
GetSystemMetrics
DefWindowProcW
MapVirtualKeyW
RegisterClassExW
GetAsyncKeyState
SetTimer
GetSysColor
IsWindowEnabled
SetFocus
LoadCursorW
GetSysColorBrush
UpdateWindow
InvalidateRect
BeginPaint
EndPaint
GetForegroundWindow
SetDlgItemTextW
SendDlgItemMessageW
LoadIconW
SetScrollInfo
GetScrollInfo
MapDialogRect
SetScrollPos
ScrollWindow
GetParent
GetWindowTextW
ChangeDisplaySettingsW
EnumDisplayDevicesW
EnumDisplaySettingsW
ReleaseDC
GetWindowLongW
AdjustWindowRectEx
GetWindowRect
GetDC
SetWindowPos
MonitorFromWindow
CreateWindowExW
ScreenToClient
SendMessageW
EndDialog
SetWindowTextW
RedrawWindow
GetMonitorInfoW
MoveWindow
SetWindowLongW
GetDlgItem
DialogBoxParamW
OffsetRect
ClientToScreen
GetClientRect
MessageBoxW
IsIconic
MessageBoxA
PostMessageW
InsertMenuItemW
MapWindowPoints
SetMenu
DestroyWindow
ReleaseCapture

gdi32

GetDeviceCaps
GetTextMetricsW
GetTextExtentPoint32W
CreateICW
GetStockObject
SetTextColor
DeleteObject
CreateFontIndirectW
ChoosePixelFormat
SwapBuffers
SetPixelFormat
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchDIBits
DeleteDC
ExtTextOutW
SetBkColor

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

CommandLineToArgvW
ShellExecuteW
DragQueryFileW
SHGetMalloc
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysAllocString
SysFreeString

d3d9

Direct3DCreate9

ddraw

DirectDrawCreate

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 873KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 391KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92ba07ab5c52f0940faa8b1a42f8b8a4

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

winmm

opengl32

wsock32

avifil32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

d3d9

ddraw

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 873KB - Virtual size: 872KB

.data Size: 391KB - Virtual size: 3.6MB

_RDATA Size: 2KB - Virtual size: 2KB

.rsrc Size: 540KB - Virtual size: 539KB

.reloc Size: 302KB - Virtual size: 301KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 873KB - Virtual size: 872KB

.data
Size: 391KB - Virtual size: 3.6MB

_RDATA
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 540KB - Virtual size: 539KB

.reloc
Size: 302KB - Virtual size: 301KB