Static task: static1
Behavioral task: behavioral1
  Sample: 091be6c738c9a6416fbcfb8beff0b078.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 091be6c738c9a6416fbcfb8beff0b078.exe
  Resource: win10v2004-20231215-en
General
Target: 091be6c738c9a6416fbcfb8beff0b078
Size: 379KB
MD5: 091be6c738c9a6416fbcfb8beff0b078
SHA1: 795cb9cd745bae22840ab216607cf6debeda9139
SHA256: d452de6aee57d357cd91e9993a19a07dd3479ae042b052f56b7bad541208d61a
SHA512: 2595a733f799c486db2a3c8e1d9db3ffb435f2f7b0b176e6a3af355fa034351e27af942d595e776a2944bb0946d0c95ac9ffc4895b7719f7223697692b20084f
SSDEEP: 6144:ibl+/GgKcyurJ6azPd3Ig28a861HWaoTJqyTIKpe7kaJCZp3n+dvowymfUySZh9x:4M/GFcyW/Pd3DTJqDvnqwyFBoI/
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 091be6c738c9a6416fbcfb8beff0b078
Files
091be6c738c9a6416fbcfb8beff0b078.exe windows:4 windows x86 arch:x86
c69e82bfddd94fb3396361351a821e51
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
ord1111
ord1102
WSAGetLastError
ord1000
ord1115
ord1117
socket
getservbyport
ord1113
ord1104
ord1110
connect
WSAAsyncGetHostByName
ord1112
getsockname
ord1120
select
ord1130
getprotobynumber
ord1103
sendto
ord1101
getpeername
getprotobyname
inet_ntoa
ord1109
htonl
ord1119
ntohs
WSAAsyncSelect
WSAIsBlocking
ord1116
ord1141
setsockopt
WSAUnhookBlockingHook
recvfrom
ord1140
WSACancelBlockingCall
ntohl
send
inet_addr
WSAAsyncGetProtoByName
ord1108
recv
WSACancelAsyncRequest
getsockopt
ord1118
user32
GetLastActivePopup
LoadAcceleratorsA
OpenWindowStationW
BroadcastSystemMessageW
GetClassInfoA
FillRect
CharUpperA
LoadStringA
CreateDialogIndirectParamA
ClientToScreen
DdeQueryNextServer
RegisterWindowMessageA
IsCharLowerW
DdeInitializeW
GetMenuItemInfoW
GetClassInfoExW
ChangeDisplaySettingsA
ScrollWindowEx
BroadcastSystemMessage
UnregisterClassW
DrawMenuBar
TabbedTextOutA
GetListBoxInfo
CreateMenu
GetWindow
GetMenuItemRect
RemovePropA
DialogBoxIndirectParamA
EnumWindowStationsA
GetMenuInfo
GetShellWindow
GetUserObjectInformationW
SetClipboardViewer
PostThreadMessageA
GetClipboardFormatNameA
LoadCursorFromFileW
GetInputDesktop
CopyAcceleratorTableA
DefDlgProcA
CreateWindowExA
ValidateRgn
DispatchMessageW
SetWindowTextW
IsDlgButtonChecked
SetActiveWindow
CreateDesktopW
ShowWindowAsync
SubtractRect
EnumPropsExW
OffsetRect
DlgDirListA
ReleaseDC
DdeQueryStringA
SetPropA
CopyRect
DispatchMessageA
SetRect
RegisterClipboardFormatA
TranslateAccelerator
GetKeyboardLayoutNameW
GetWindowRect
GetWindowTextW
TrackPopupMenuEx
EnumClipboardFormats
ToAscii
EnableWindow
UpdateWindow
BeginPaint
SetMenuDefaultItem
ChangeMenuA
GetDlgItem
GetWindowModuleFileNameA
SetWindowRgn
GetOpenClipboardWindow
GetWindowTextA
GetWindowModuleFileNameW
OpenClipboard
SetWindowsHookExA
CheckMenuRadioItem
GetClassInfoExA
IsChild
EnumPropsExA
GetParent
GrayStringA
BlockInput
SetCapture
EnumDisplaySettingsExW
CreateCursor
ValidateRect
LoadMenuIndirectW
PostQuitMessage
GetGuiResources
ChangeClipboardChain
ShowScrollBar
EnumDisplaySettingsExA
GetSystemMenu
LoadCursorA
SetWindowContextHelpId
SetDlgItemInt
GetClipboardSequenceNumber
SetProcessWindowStation
SetClassLongW
MenuItemFromPoint
LoadMenuA
CharToOemBuffW
CreateCaret
DestroyIcon
DrawTextExA
WINNLSGetIMEHotkey
IsWindowEnabled
OpenDesktopW
KillTimer
EnumChildWindows
DialogBoxParamA
DrawStateA
GetSysColor
GetScrollRange
MessageBoxExW
SetDlgItemTextW
IsMenu
SetMenuContextHelpId
SendDlgItemMessageW
GetClipboardOwner
GetMenuItemInfoA
CharNextW
CharToOemBuffA
FindWindowA
IsDialogMessageW
IsRectEmpty
GetCursorPos
SetSystemCursor
BeginDeferWindowPos
GetFocus
IsZoomed
PeekMessageA
OemToCharA
LoadIconW
DragObject
GetMenuDefaultItem
OemKeyScan
DdeQueryConvInfo
ImpersonateDdeClientWindow
SetForegroundWindow
GetMenuCheckMarkDimensions
LoadCursorFromFileA
DlgDirListW
SetCursorPos
GetDialogBaseUnits
CloseWindowStation
GetTitleBarInfo
MsgWaitForMultipleObjectsEx
SetCaretPos
CreateWindowStationA
SetDebugErrorLevel
SetWindowsHookW
GetSubMenu
GetDesktopWindow
HideCaret
TabbedTextOutW
GetWindowPlacement
CharNextA
GetMenuContextHelpId
DlgDirListComboBoxA
DdeCreateDataHandle
NotifyWinEvent
GetAsyncKeyState
GetActiveWindow
GetWindowLongW
SendMessageTimeoutW
UnhookWindowsHookEx
CreateWindowExW
ToAsciiEx
DefDlgProcW
GetWindowThreadProcessId
VkKeyScanW
ToUnicode
CharUpperW
DdeConnect
BroadcastSystemMessageA
SetScrollInfo
CharUpperBuffA
EditWndProc
DrawTextA
LookupIconIdFromDirectoryEx
DlgDirSelectExA
ShowWindow
MessageBoxA
OemToCharBuffW
EnumPropsW
DrawStateW
ReuseDDElParam
MapVirtualKeyA
GetScrollPos
CopyImage
DdeSetUserHandle
ModifyMenuA
GetClientRect
CharPrevExA
SetMenuInfo
GetScrollInfo
IsClipboardFormatAvailable
FlashWindow
GetClassLongA
WINNLSEnableIME
SetMenuItemInfoW
DdeAbandonTransaction
CopyIcon
DdeFreeDataHandle
SetThreadDesktop
SetCaretBlinkTime
IsWindow
CallMsgFilterA
DeferWindowPos
ChangeDisplaySettingsW
GetKBCodePage
ScreenToClient
EnumWindows
DrawFrame
SetMessageExtraInfo
LoadMenuW
RegisterHotKey
DefMDIChildProcA
CheckDlgButton
GetClassLongW
SetProcessDefaultLayout
GetClassInfoW
GetWindowWord
GetDlgCtrlID
SetClassLongA
PaintDesktop
OpenDesktopA
GetMessageExtraInfo
DdePostAdvise
DestroyCaret
GetTopWindow
DrawFrameControl
SendNotifyMessageA
SwapMouseButton
DrawIconEx
CheckMenuItem
AttachThreadInput
SystemParametersInfoW
CloseDesktop
RemoveMenu
SendDlgItemMessageA
TileChildWindows
InsertMenuItemW
SendIMEMessageExA
EnumDisplaySettingsA
LoadBitmapA
CountClipboardFormats
RemovePropW
SendInput
AdjustWindowRectEx
GetMenuBarInfo
PostMessageW
GetDC
DestroyAcceleratorTable
ModifyMenuW
OpenInputDesktop
EndPaint
GetCaretBlinkTime
CreateDialogIndirectParamW
SetParent
GetMonitorInfoA
DdeReconnect
CharToOemW
MessageBoxExA
SystemParametersInfoA
GetKeyboardLayoutList
LoadBitmapW
GetDlgItemInt
ShowCursor
ShowOwnedPopups
WaitForInputIdle
EqualRect
DdeUnaccessData
AdjustWindowRect
SetPropW
SwitchDesktop
SetClipboardData
MessageBoxW
CallNextHookEx
GetNextDlgTabItem
DragDetect
GetKeyboardType
DdeGetLastError
RegisterClipboardFormatW
GetCursorInfo
AppendMenuA
CharLowerA
SetRectEmpty
GetClassNameA
UnhookWinEvent
CharNextExA
TileWindows
GetUpdateRect
GetUserObjectInformationA
GrayStringW
TranslateAcceleratorA
LoadImageA
GetIconInfo
TranslateMessage
DlgDirSelectExW
DrawIcon
RedrawWindow
CreateMDIWindowW
SetClassWord
DdeFreeStringHandle
SetMenuItemBitmaps
SetWindowWord
CreateIconFromResourceEx
ChangeDisplaySettingsExW
GetPropW
DialogBoxParamW
DdeAddData
UnregisterDeviceNotification
SetUserObjectInformationW
SetScrollPos
SetMenuItemInfoA
DdeSetQualityOfService
ChangeDisplaySettingsExA
DdeImpersonateClient
GetDlgItemTextA
GetClipboardData
GetQueueStatus
DefFrameProcW
LoadKeyboardLayoutW
GetKeyboardState
GetDCEx
SendNotifyMessageW
wininet
FindFirstUrlCacheGroup
LoadUrlCacheContent
HttpSendRequestW
SetUrlCacheGroupAttributeA
FtpGetFileA
InternetHangUp
InternetOpenUrlW
RunOnceUrlCache
FtpCreateDirectoryW
InternetSetDialState
HttpQueryInfoW
InternetWriteFileExA
FtpOpenFileA
InternetConfirmZoneCrossingW
DeleteUrlCacheGroup
InternetCombineUrlW
FtpCreateDirectoryA
InternetCloseHandle
InternetTimeToSystemTimeW
GopherGetAttributeW
GetUrlCacheEntryInfoA
HttpQueryInfoA
FtpCommandA
InternetCrackUrlW
CommitUrlCacheEntryA
InternetDial
SetUrlCacheConfigInfoW
FindFirstUrlCacheContainerW
InternetGoOnlineW
HttpSendRequestExW
InternetDialA
InternetCheckConnectionW
FtpGetFileSize
InternetSetOptionA
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryA
InternetWriteFile
advapi32
LookupPrivilegeDisplayNameA
CreateServiceW
CryptDestroyHash
CryptSignHashA
CryptCreateHash
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
WritePrivateProfileStructW
GetEnvironmentVariableA
WritePrivateProfileStringA
GlobalGetAtomNameA
GetVersionExW
GlobalFree
GetProcessVersion
SetConsoleActiveScreenBuffer
ReleaseSemaphore
CreateFileMappingW
GlobalDeleteAtom
SetFileTime
CommConfigDialogA
lstrcpyn
GetFullPathNameA
GetNamedPipeHandleStateA
FindResourceA
OpenFile
WriteConsoleA
lstrcmpA
OpenEventA
VirtualFree
GetPrivateProfileSectionNamesW
LoadLibraryExA
Module32Next
ReadProcessMemory
GlobalFindAtomA
DeleteCriticalSection
AllocConsole
BeginUpdateResourceW
OpenProcess
WaitForSingleObjectEx
GetExitCodeThread
SetCriticalSectionSpinCount
GetNumberFormatW
WaitForSingleObject
GlobalFix
EnumCalendarInfoExA
WriteConsoleOutputA
GetLocaleInfoW
HeapUnlock
GetSystemPowerStatus
CreateRemoteThread
FileTimeToLocalFileTime
lstrcmpiA
lstrcpy
GetHandleInformation
HeapCreate
CreateProcessW
GetFullPathNameW
TlsAlloc
Toolhelp32ReadProcessMemory
SetConsoleMode
TerminateThread
GetLogicalDriveStringsW
GetUserDefaultLCID
GetTimeZoneInformation
LeaveCriticalSection
GetCurrentThread
HeapSize
lstrcmpiW
GetPrivateProfileIntW
GetProcessHeap
GetProfileSectionW
FreeLibraryAndExitThread
HeapCompact
FlushConsoleInputBuffer
BeginUpdateResourceA
CompareFileTime
Sections
.text Size: 217KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 162KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE