Static task: static1
Behavioral task: behavioral1
  Sample: 1220d9b7f0a09acdd9e7cbc8966decb3.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 1220d9b7f0a09acdd9e7cbc8966decb3.exe
  Resource: win10v2004-20231215-en
General
Target: 1220d9b7f0a09acdd9e7cbc8966decb3
Size: 460KB
MD5: 1220d9b7f0a09acdd9e7cbc8966decb3
SHA1: b36060484942c0431f9e9496757584a39f08eb03
SHA256: e3955ac6011b9ed9bf2a21a57ad9a1d6fbf3fdcf05bdf89b41bc0ac48ef576fc
SHA512: 65e5649c52e996ace12d963701f0c123ba58b30743fb7aeca3d60770ad78aa33ab0684d3c5448538975dd44b0044ba9dae6d0c5befcbad41967553365a3ad181
SSDEEP: 6144:ntfETT7+21Jzo2SdHqBlcEWnDA6DDr8YCXlhy3AgHf3H5srdvKsCvrWfbip44R:ntfEn7+0Mqz2DDrOlILkvZarWmL
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 1220d9b7f0a09acdd9e7cbc8966decb3
Files
1220d9b7f0a09acdd9e7cbc8966decb3.exe windows:4 windows x86 arch:x86
581d96b3eba6feea2f36f3c046011090
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathAppendA
SHSetValueA
PathFileExistsA
SHGetValueA
wininet
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
kernel32
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
GlobalFlags
GetVersionExA
lstrcmpW
GlobalFindAtomA
FreeResource
GetCPInfo
GetOEMCP
ExitProcess
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LocalAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileType
CreateFileW
SetStdHandle
SetHandleCount
GetStdHandle
FatalAppExitA
SetConsoleCtrlHandler
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetACP
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
InterlockedIncrement
FileTimeToSystemTime
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
SuspendThread
SetEvent
WaitForSingleObject
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalDeleteAtom
GetAtomNameA
GlobalGetAtomNameA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
MoveFileA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetVersion
CompareStringA
lstrcmpiW
lstrcmpiA
InterlockedExchange
GetStringTypeExA
lstrlenW
MultiByteToWideChar
CompareStringW
GetEnvironmentVariableA
GetStringTypeExW
GetEnvironmentVariableW
SystemTimeToFileTime
GetSystemTimeAsFileTime
ResumeThread
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
WriteFile
RemoveDirectoryA
DeleteFileA
Sleep
GetTempPathA
CreateProcessA
SetLastError
lstrcatA
GetLastError
CreateMutexA
LoadLibraryA
GetProcAddress
GetModuleHandleA
CreateFileA
FreeLibrary
GetModuleFileNameA
lstrlenA
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
HeapReAlloc
user32
GetMenuItemInfoA
DestroyMenu
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDialogBaseUnits
InflateRect
UnregisterClassA
DestroyIcon
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDesktopWindow
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
DeleteMenu
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
LoadCursorA
GetDC
EndPaint
GetMessageA
DispatchMessageA
TranslateMessage
RegisterWindowMessageA
RegisterClassExA
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowTextLengthA
GetWindowTextA
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
CreateWindowExA
SetTimer
SetMessageExtraInfo
GetMessageExtraInfo
PostQuitMessage
DefWindowProcA
MessageBoxA
wsprintfA
CharUpperW
CharLowerA
CharLowerW
CharUpperA
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
GetSystemMetrics
MsgWaitForMultipleObjects
GetMenuState
gdi32
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
DeleteDC
GetCurrentPositionEx
GetDCOrgEx
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateDCA
CopyMetaFileA
CreateHatchBrush
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
ArcTo
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumValueA
RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
shell32
ExtractIconA
SHGetFileInfoA
ShellExecuteA
SHGetFolderPathA
SHGetSpecialFolderPathA
ole32
WriteClassStg
WriteFmtUserTypeStg
OleRegGetUserType
CoTaskMemFree
CoInitializeEx
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
StringFromGUID2
CLSIDFromString
CoDisconnectObject
SetConvertStg
oleaut32
SafeArrayPutElement
VariantInit
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
VarDateFromStr
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
Sections
.text Size: 344KB - Virtual size: 340KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 82KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 25KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ