02f0c47c9ba0a431cae15e8345e12be1

Sharing

Copy URL

Twitter E-mail

General

Target

02f0c47c9ba0a431cae15e8345e12be1
Size

1.3MB
MD5

02f0c47c9ba0a431cae15e8345e12be1
SHA1

8b988fac53d79a844205a6412579dc6f0cbf5bcb
SHA256

eab6702e70b09a6478b692c7ff62cb8884d3ff52c75868f45a8338b9e10fa436
SHA512

aeacf3d874a645182aeff36f4d0d09d4ef7bbb34a2c8f0be23c95f76ab1b0526ec166758358999364ac8df20890127a06249075fc77b3d92b3018ffc0cc8182a
SSDEEP

24576:BQ505aRvHgqQWy0ixA/mf/KmlK/UC78f76+CyMAK0eQiUMB80eQiUMBOK:Bc05aRvAqQWIx0mJK/Zmm+xMPyiUMB8D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f0c47c9ba0a431cae15e8345e12be1

Files

02f0c47c9ba0a431cae15e8345e12be1
.exe windows:4 windows x86 arch:x86

ca6c2870e742a346cda4fce692db01ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetUserDefaultLangID
GetComputerNameA
GetDiskFreeSpaceExW
DeviceIoControl
GlobalMemoryStatusEx
CreateFileA
LoadLibraryA
GetCurrentProcessId
ExpandEnvironmentStringsW
CreateProcessW
GetTempPathW
SetUnhandledExceptionFilter
CreateThread
SetEvent
MoveFileW
CreateEventW
GetLogicalDriveStringsW
QueryDosDeviceW
lstrcpyW
lstrcatW
GetDriveTypeW
SetCurrentDirectoryW
OutputDebugStringW
FlushFileBuffers
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
GetVolumeInformationW
ExpandEnvironmentStringsA
FormatMessageA
GetSystemDirectoryA
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
CreateFileMappingW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetCurrentDirectoryW
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
VirtualQuery
GetModuleHandleA
VirtualProtect
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemInfo
InterlockedCompareExchange
LockResource
FreeLibrary
GetLastError
GetPrivateProfileIntW
GetProcAddress
lstrcmpiW
LoadLibraryW
lstrlenA
GetFileSize
GetLocalTime
LocalFree
LocalAlloc
OpenProcess
GetSystemDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetTickCount
SetEndOfFile
WriteFile
CreateDirectoryW
GetFileAttributesW
SetFilePointer
GetCurrentThread
SetThreadPriority
MoveFileExW
DeleteFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WaitForSingleObject
Sleep
TerminateThread
WideCharToMultiByte
FreeResource
lstrlenW
ReadFile
InterlockedDecrement
RaiseException
MultiByteToWideChar
FlushInstructionCache
CreateFileW
InterlockedIncrement
GetCurrentProcess
UnmapViewOfFile
CloseHandle
MapViewOfFileEx
GetUserDefaultLCID
FindResourceExW
GetWindowsDirectoryW
GlobalAlloc
GetVersionExW
GlobalLock
LeaveCriticalSection
LoadLibraryExW
SetLastError
EnterCriticalSection
GetModuleFileNameW
FindResourceW
DeleteCriticalSection
LoadResource
InterlockedExchange
GetCurrentThreadId
GlobalFree
InitializeCriticalSection
SizeofResource
GetModuleHandleW
GlobalUnlock
GetPrivateProfileStringW
GetStringTypeW

user32

EnableWindow
GetWindowThreadProcessId
IntersectRect
KillTimer
ClientToScreen
SetTimer
SetWindowTextW
GetCursorPos
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
UnregisterClassA
DrawIconEx
SetCapture
SetWindowLongW
SystemParametersInfoW
GetParent
SetWindowPos
GetWindow
ReleaseCapture
RegisterWindowMessageW
AttachThreadInput
PostThreadMessageW
GetWindowRect
IsRectEmpty
SetForegroundWindow
GetDlgCtrlID
GetWindowLongW
InvalidateRect
CharNextW
GetClientRect
ShowWindow
PostMessageW
MapWindowPoints
MoveWindow
GetFocus
GetKeyState
SetRectEmpty
UpdateLayeredWindow
IsChild
WindowFromPoint
LoadIconW
GetScrollPos
DefWindowProcW
PtInRect
DrawTextW
IsDialogMessageW
CreateWindowExW
DestroyIcon
SendMessageW
RegisterClassExW
InflateRect
PeekMessageW
SetFocus
IsWindow
BeginPaint
SetRect
GetMessageW
TranslateMessage
FindWindowW
OffsetRect
DispatchMessageW
EndPaint
EqualRect
LoadImageW
SetCursor
GetNextDlgTabItem
LoadBitmapW
DestroyWindow
LoadCursorW
CallWindowProcW
MonitorFromWindow
GetActiveWindow
GetDlgItem
GetDC
GetMonitorInfoW
GetDesktopWindow
CopyRect
ReleaseDC
IsWindowVisible
IsWindowEnabled
FindWindowExW
UpdateWindow
BringWindowToTop
EnumDisplayDevicesA
ScreenToClient
GetWindowTextW
GetWindowTextLengthW
SetActiveWindow
GetForegroundWindow
SetWindowRgn
GetClassInfoExW

gdi32

GetTextMetricsW
SetViewportOrgEx
ExtTextOutW
DeleteObject
SetBkColor
CreateFontIndirectW
SaveDC
SelectObject
SelectClipRgn
CreateRectRgnIndirect
SetBkMode
GetObjectW
BitBlt
TextOutW
CreateCompatibleBitmap
CreateBitmap
GetStockObject
StretchBlt
GetViewportOrgEx
CreateDIBSection
CreateCompatibleDC
GetTextExtentPoint32W
RestoreDC
DeleteDC
GetTextColor
RoundRect
MoveToEx
GetClipRgn
LineTo
Rectangle
CreatePen
CombineRgn
CreateRectRgn
GetDeviceCaps
GetCurrentObject
RectInRegion
SetStretchBltMode
ExtSelectClipRgn
CreateRoundRectRgn
OffsetRgn
SetTextColor
CreateFontW

advapi32

DuplicateTokenEx
OpenProcessToken
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoInitializeEx
CoUninitialize
CoSetProxyBlanket
CoTaskMemAlloc
CoInitializeSecurity
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
CoCreateInstance
CoCreateGuid

oleaut32

VarUI4FromStr
SafeArrayUnlock
SysStringLen
VariantClear
VariantInit
SysAllocString
SysFreeString
SafeArrayLock

shlwapi

PathAppendW
PathFileExistsW
PathAddBackslashW
StrToIntW
PathRemoveFileSpecW
StrToIntA
PathFindFileNameW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

gdiplus

GdipSetPenMode
GdipSetPenStartCap
GdipDrawLine
GdipSetPenDashStyle
GdipCreateBitmapFromStream
GdipCreateFont
GdipSetPenEndCap
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipGetFamily
GdipAddPathStringI
GdipGetFontSize
GdipFillPath
GdipDrawImageI
GdipFillRectangle
GdipDrawPath
GdipDrawRectangleI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipMeasureString
GdipAddPathRectangleI
GdipDrawImageRectRect
GdipCreateFontFromLogfontW
GdipCreateHBITMAPFromBitmap
GdipFillRectangleI
GdipSetStringFormatLineAlign
GdipAddPathPieI
GdipGetImageWidth
GdipSetStringFormatFlags
GdipDrawImagePointsRectI
GdipCloneBrush
GdipGetImageHeight
GdipSetStringFormatTrimming
GdipSetClipPath
GdipDeleteBrush
GdipClosePathFigure
GdipSetInterpolationMode
GdipFree
GdipCreateBitmapFromScan0
GdipDeleteFontFamily
GdipDeletePath
GdipGetImagePixelFormat
GdipCreatePath
GdipCreateSolidFill
GdipDeleteFont
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawLinesI
GdipNewPrivateFontCollection
GdipLoadImageFromFile
GdipCreateFromHDC
GdipDeletePrivateFontCollection
GdipGraphicsClear
GdipCloneImage
GdipDrawImageRectI
GdipPrivateAddFontFile
GdipDrawString
GdipTranslateWorldTransform
GdipCreateLineBrushI
GdiplusStartup
GdipSetSmoothingMode
GdipGetFontCollectionFamilyCount
GdipRotateWorldTransform
GdipCloneBitmapArea
GdipSetTextRenderingHint
GdipDisposeImage
GdipCreateImageAttributes
GdipAlloc
GdipResetWorldTransform
GdipDisposeImageAttributes
GdiplusShutdown
GdipDrawImageRectRectI
GdipCreateStringFormat
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipSetImageAttributesColorMatrix
GdipDeleteStringFormat
GdipLoadImageFromStream
GdipDeletePen
GdipImageRotateFlip
GdipSetStringFormatAlign
GdipCreatePen1
GdipAddPathArcI

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

Sections

.text
Size: 664KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 536KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca6c2870e742a346cda4fce692db01ed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

version

iphlpapi

psapi

Sections

.text Size: 664KB - Virtual size: 662KB

.rdata Size: 136KB - Virtual size: 134KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 536KB - Virtual size: 532KB

.text
Size: 664KB - Virtual size: 662KB

.rdata
Size: 136KB - Virtual size: 134KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 536KB - Virtual size: 532KB