Static task: static1
Behavioral task: behavioral1 - Sample: 0f925fcfa7375703bb76a8f3cca4236f.exe - Resource: win7-20231215-en
Behavioral task: behavioral2 - Sample: 0f925fcfa7375703bb76a8f3cca4236f.exe - Resource: win10v2004-20231215-en
General
Target: 0f925fcfa7375703bb76a8f3cca4236f
Size: 556KB
MD5: 0f925fcfa7375703bb76a8f3cca4236f
SHA1: 1fec49ae2ba155af42ab6b662cec77232287437f
SHA256: d5aa75cac083d4e7789c0a7c60b1b855c9082228dd1c47e3f5839e2522c294a0
SHA512: 9d8d1359326e5c9810eb097819f5c558b94e7f17258bade58ab6b222de252a34185ec3148685075c599099e5bb16ab020889acade377130bc599793d3a1a332d
SSDEEP: 12288:TW3ATNae1NoUzIdHS2PFWntcBCcGwdBMMnMMMMMtZQP8StDNSzt8CWHXaUX:TW3ATEGoUzIdy2PFWnGBAYBMMnMMMMM4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0f925fcfa7375703bb76a8f3cca4236f
Files
0f925fcfa7375703bb76a8f3cca4236f.exe windows:4 windows x86 arch:x86
65a3a5b7808ac921451050abea72003d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsSetValue
CreateProcessW
GlobalAlloc
GetTimeZoneInformation
lstrcpyA
ResetEvent
SystemTimeToFileTime
GetSystemInfo
ExitThread
SetCurrentDirectoryA
_llseek
GetStringTypeExA
InterlockedDecrement
MultiByteToWideChar
GetCommandLineA
GetVolumeInformationA
ReadFile
FreeResource
FindNextFileA
DeleteCriticalSection
SearchPathA
GetTempPathA
GetDateFormatA
GetACP
lstrcmpA
CreateProcessA
GlobalSize
RemoveDirectoryA
IsBadCodePtr
CreateDirectoryA
MoveFileA
SetLastError
IsBadReadPtr
GetUserDefaultLCID
CompareStringW
FormatMessageW
CloseHandle
CompareStringA
LeaveCriticalSection
VirtualProtect
GetProfileStringA
SetFileTime
VirtualQuery
TlsAlloc
FindResourceA
GetTickCount
_lclose
EnterCriticalSection
GetLastError
GetDriveTypeA
GetShortPathNameA
FreeEnvironmentStringsA
TerminateProcess
GetWindowsDirectoryA
SetEndOfFile
LockResource
Sleep
WriteFile
RtlUnwind
GetEnvironmentStringsW
LoadLibraryA
GetLocaleInfoA
GetModuleFileNameA
SetFileAttributesA
MulDiv
lstrcatA
GlobalHandle
TlsFree
HeapAlloc
ReleaseSemaphore
GetTempFileNameA
FindClose
GetCurrentProcess
SizeofResource
DuplicateHandle
GlobalUnlock
DeleteFileA
SetFilePointer
FreeEnvironmentStringsW
GetCurrentProcessId
LoadResource
SetHandleCount
GlobalFree
GetFileType
GetVersionExA
GetEnvironmentStrings
UnlockFile
GetCurrentDirectoryA
GlobalLock
SetStdHandle
CreateFileA
CreateSemaphoreA
WideCharToMultiByte
InitializeCriticalSection
SetEvent
InterlockedIncrement
UnhandledExceptionFilter
GetModuleFileNameW
HeapDestroy
GetSystemDefaultLCID
HeapReAlloc
GetStringTypeW
GetFullPathNameA
HeapSize
CreateThread
LCMapStringA
WaitForSingleObject
GetLocalTime
GetOEMCP
FreeLibrary
FormatMessageA
lstrcmpiA
VirtualAlloc
HeapCreate
FlushFileBuffers
LockFile
LoadLibraryExA
FileTimeToSystemTime
GlobalAddAtomA
GetVersion
GetProcAddress
GetCurrentThreadId
IsDBCSLeadByte
TlsGetValue
GetSystemTime
GetUserDefaultLangID
GetSystemDefaultLangID
_lwrite
lstrcpynA
GetStdHandle
CreateEventA
VirtualFree
lstrcmpiW
ResumeThread
GetExitCodeProcess
SetEnvironmentVariableA
GetStringTypeA
FileTimeToLocalFileTime
GetFileTime
LCMapStringW
GetSystemDirectoryA
SetErrorMode
GetFileAttributesA
_lread
GlobalReAlloc
GetStartupInfoA
GlobalDeleteAtom
GetCPInfo
ExitProcess
HeapFree
FlushInstructionCache
RaiseException
GetModuleHandleA
FindFirstFileA
lstrlenA
WinExec
SetLocalTime
ole32
WriteClassStg
CoDisconnectObject
CLSIDFromProgID
OleCreateFromFile
BindMoniker
OleLockRunning
CoRevokeClassObject
CreateBindCtx
OleCreateLink
OleDuplicateData
IIDFromString
CoRegisterClassObject
OleGetAutoConvert
StgCreateDocfile
OleCreateLinkFromData
OleIsCurrentClipboard
CoLockObjectExternal
OleCreateFromData
OleDoAutoConvert
StgOpenStorage
CoCreateInstance
ReleaseStgMedium
OleRun
OleSetClipboard
ProgIDFromCLSID
OleDestroyMenuDescriptor
OleLoad
DoDragDrop
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
StringFromCLSID
CLSIDFromString
OleQueryCreateFromData
StgOpenStorageOnILockBytes
CoIsOle1Class
OleUninitialize
OleLoadFromStream
RegisterDragDrop
OleGetIconOfClass
ReadClassStg
OleTranslateAccelerator
CreateOleAdviseHolder
CoFreeUnusedLibraries
StgIsStorageILockBytes
CoUnmarshalInterface
OleFlushClipboard
GetClassFile
OleGetClipboard
OleSave
OleInitialize
CoGetClassObject
CreateDataAdviseHolder
OleRegGetUserType
OleConvertIStorageToOLESTREAM
CoGetMalloc
OleSaveToStream
OleCreateLinkToFile
StringFromGUID2
OleConvertOLESTREAMToIStorage
MkParseDisplayName
CreateILockBytesOnHGlobal
ReadClassStm
CoMarshalInterface
OleIsRunning
OleSetMenuDescriptor
OleQueryLinkFromData
RevokeDragDrop
OleCreateMenuDescriptor
CoRegisterMessageFilter
IsAccelerator
gdi32
CreatePalette
SetTextColor
PlayEnhMetaFile
SetMapMode
SelectObject
CreateEllipticRgnIndirect
SetBrushOrgEx
CreateFontIndirectA
SetBkMode
Pie
GetTextExtentPoint32A
StartPage
DeleteDC
GetBitmapBits
CreateCompatibleBitmap
AbortDoc
MoveToEx
PtInRegion
CreatePen
CreateBrushIndirect
CreateHalftonePalette
CreateICA
StretchBlt
GetObjectA
CombineRgn
GetNearestColor
CreateBitmap
GetBkColor
Arc
EnumFontsA
EndPath
SetPixelV
SetWindowOrgEx
CreateDIBSection
CreateHatchBrush
GetClipBox
DeleteMetaFile
SetRectRgn
WidenPath
GetObjectType
LineTo
ExtTextOutA
SelectPalette
PatBlt
GetTextColor
CreateSolidBrush
DeleteObject
GetViewportExtEx
StretchDIBits
OffsetRgn
CreateDIBitmap
ScaleViewportExtEx
BitBlt
GetSystemPaletteEntries
SetViewportExtEx
IntersectClipRect
GetROP2
DeleteEnhMetaFile
PlayMetaFile
ExtCreateRegion
Escape
CreateRectRgnIndirect
CreateEnhMetaFileA
CreateRectRgn
SelectClipRgn
CreateMetaFileA
UnrealizeObject
GetStockObject
StartDocA
CopyMetaFileA
GetDeviceCaps
SetWindowExtEx
RoundRect
GetMapMode
CopyEnhMetaFileA
ExcludeClipRect
BeginPath
SetDIBColorTable
GetWindowOrgEx
GetCurrentObject
CreateDCA
OffsetWindowOrgEx
GetPaletteEntries
CloseMetaFile
GetEnhMetaFileHeader
CreatePatternBrush
CloseEnhMetaFile
EndDoc
GetDIBits
CreateRoundRectRgn
Rectangle
SaveDC
RealizePalette
GetTextMetricsA
SetROP2
Ellipse
CreateCompatibleDC
ScaleWindowExtEx
TranslateCharsetInfo
SetAbortProc
SetViewportOrgEx
SetBkColor
GetWindowExtEx
TextOutA
GetPixel
SetStretchBltMode
ResetDCA
PathToRegion
CreatePenIndirect
RestoreDC
EndPage
GetTextExtentPointA
user32
InvalidateRgn
InflateRect
GetClassNameA
ShowCursor
DdeCmpStringHandles
CreateMenu
DdeNameService
LoadStringA
IsIconic
GetSysColor
GetScrollInfo
CharNextA
IsWindowVisible
IsCharAlphaA
LoadCursorA
GetWindowLongA
SetFocus
CopyRect
FillRect
CharLowerBuffA
CreateWindowExA
TrackPopupMenu
BringWindowToTop
PostThreadMessageA
SetWindowRgn
MsgWaitForMultipleObjects
GetKeyboardState
CharToOemA
DdeCreateStringHandleA
BeginPaint
MapWindowPoints
DeferWindowPos
DefFrameProcA
SetScrollRange
CharPrevA
SetMenuItemInfoA
GetCaretBlinkTime
IsWindowEnabled
TranslateMDISysAccel
GetDCEx
SetWindowLongA
GetAsyncKeyState
GetPropA
WaitForInputIdle
CreateAcceleratorTableA
DdeGetData
DrawFocusRect
IsZoomed
DdeGetLastError
SetParent
CheckMenuItem
LoadImageA
DdeConnect
SetMenuDefaultItem
SetPropA
GetKeyState
EndDialog
CharUpperBuffW
SystemParametersInfoA
DdeDisconnect
EnableMenuItem
CallWindowProcA
ModifyMenuA
GetForegroundWindow
GetWindowDC
SetCursorPos
GetQueueStatus
DdeFreeDataHandle
DestroyAcceleratorTable
SetActiveWindow
CharLowerBuffW
UnhookWindowsHookEx
LoadAcceleratorsA
GetDC
ShowWindow
SetTimer
PeekMessageW
DrawIcon
SetForegroundWindow
MessageBeep
LoadBitmapA
CreateCursor
wsprintfA
GetMenuItemInfoA
EnumClipboardFormats
AdjustWindowRect
SetClipboardData
MoveWindow
EndDeferWindowPos
KillTimer
PeekMessageA
GetIconInfo
DdeAbandonTransaction
GetMenuItemCount
SetCapture
GetMenuState
EnumThreadWindows
AttachThreadInput
DdeClientTransaction
CopyAcceleratorTableA
GetClipboardData
VkKeyScanA
IsDialogMessageA
GetDoubleClickTime
GetWindowRect
ClipCursor
DialogBoxParamA
SetWindowTextA
CharLowerA
GetFocus
GetMenuItemID
GetSystemMetrics
GetClientRect
GetClassInfoExA
SetWindowsHookExW
ReleaseCapture
FindWindowW
PostQuitMessage
SetScrollPos
GetSystemMenu
RemoveMenu
DdeInitializeA
SetRect
GetClipboardFormatNameA
GetClassInfoA
FrameRect
DispatchMessageA
CreateCaret
SetCursor
PtInRect
EndPaint
SetDlgItemTextA
ShowScrollBar
ShowCaret
IsClipboardFormatAvailable
GetUpdateRgn
PostMessageA
DestroyCursor
AppendMenuA
LoadIconA
WindowFromPoint
VkKeyScanW
GetParent
AdjustWindowRectEx
GetUpdateRect
GetWindow
GetMessageTime
SetScrollInfo
GetDesktopWindow
CreateIcon
keybd_event
DdeSetUserHandle
DefWindowProcA
DdePostAdvise
CharUpperBuffA
IsRectEmpty
BeginDeferWindowPos
SetMenu
DdeUninitialize
ClientToScreen
DestroyIcon
GetLastActivePopup
GetMessagePos
DdeQueryConvInfo
GetWindowRgn
EmptyClipboard
DdeCreateDataHandle
MessageBoxIndirectA
PostMessageW
CreatePopupMenu
InvalidateRect
IsChild
UpdateWindow
GetCursor
WaitMessage
RegisterClassExA
UnregisterClassA
GetTabbedTextExtentA
DrawMenuBar
SetKeyboardState
CharUpperA
MessageBoxA
SendDlgItemMessageA
GetCapture
GetWindowThreadProcessId
DestroyWindow
GetActiveWindow
OffsetRect
CreateDialogParamA
GetCaretPos
RegisterClipboardFormatA
DrawFrameControl
DestroyMenu
DefMDIChildProcA
EnableWindow
SetWindowContextHelpId
DestroyCaret
LockWindowUpdate
IntersectRect
OemToCharA
SendMessageA
OpenClipboard
SetCaretPos
TranslateMessage
ScreenToClient
EqualRect
ReleaseDC
SetWindowPos
FindWindowA
WinHelpA
GetDlgItem
GetMenuStringA
GetKeyboardLayout
GetWindowTextA
InsertMenuA
CharToOemBuffA
RegisterClassA
SubtractRect
TabbedTextOutA
CallNextHookEx
DrawTextA
ToAscii
GetCursorPos
GetSubMenu
RemovePropA
DdeQueryStringA
SetWindowsHookExA
CloseClipboard
IsWindow
GetScrollPos
GetWindowTextLengthA
DdeFreeStringHandle
HideCaret
DeleteMenu
GetMenu
ntdll
RtlAddAuditAccessObjectAce
advapi32
RegQueryInfoKeyA
LookupPrivilegeValueA
RegSetValueExA
RegQueryValueExW
RegCreateKeyW
DeregisterEventSource
RegOpenKeyExA
SetSecurityDescriptorDacl
RegDeleteValueA
InitializeSecurityDescriptor
RegOpenKeyW
RegEnumValueA
RegQueryValueA
AdjustTokenPrivileges
RegOpenKeyA
ReportEventA
RegSetValueExW
RegisterEventSourceA
RegDeleteKeyW
OpenProcessToken
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegSetValueA
RegDeleteValueW
RegCreateKeyA
RegEnumKeyW
RegQueryValueExA
RegEnumValueW
ddraw
DirectDrawEnumerateA
Sections
.text Size: 4KB - Virtual size: 916B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 328KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 192KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ