Static task
static1
Behavioral task
behavioral1
Sample
165d6f73d7ef4d5008e914d99af21efb.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
165d6f73d7ef4d5008e914d99af21efb.exe
Resource
win10v2004-20231215-en
General
-
Target
165d6f73d7ef4d5008e914d99af21efb
-
Size
836KB
-
MD5
165d6f73d7ef4d5008e914d99af21efb
-
SHA1
e2c6591cca3fba2151be09ca5b01922acdcf4e21
-
SHA256
d2b75d8c439144d0fd348c4f5c14e0facb01b5df17cf06c7237bd363839bbed8
-
SHA512
ffc4ca3a480c9e4bb50c13292d5b4f5480beb926f762546538dcd56d46e9c12492ec235ed478b2cdcbbfb403800f6672656ef4c6d5c51a7c02b5237f546658d8
-
SSDEEP
24576:R+Bm631zL8i3mC78zxsJdG0crlXg0m/tz:4kaJv2QdUlXg0G
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature. The sample carries no Authenticode signature, so it cannot be tied to a publisher. On its own this is a weak indicator (much legitimate software is unsigned); treat it as supporting context rather than evidence of malice.
resource 165d6f73d7ef4d5008e914d99af21efb
Files
-
165d6f73d7ef4d5008e914d99af21efb.exe windows:5 windows x86 arch:x86
e1ba5478bbc14ae81cc97bcaa08f37ef (unlabelled hash under the file entry; presumably the import hash / imphash — confirm the algorithm before pivoting on it)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Note: as listed, the image opts into DEP (NX_COMPAT) but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent, so it is not opted into ASLR and will load at its preferred base (assuming the listing above is complete).
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports (the list below includes IsDebuggerPresent, OpenProcess/ReadProcessMemory, CreateProcessA/W, QueueUserAPC, SetWindowsHookExA, CryptGenRandom and DnsQuery_A; it is also dominated by user32/gdi32/ole32 GUI, clipboard and drag-and-drop APIs. Imports alone do not establish behaviour — most of these are routine in legitimate desktop applications — so confirm with the behavioural tasks before drawing conclusions)
kernel32
GetTempFileNameW
IsDebuggerPresent
SetThreadExecutionState
DeleteFileA
GetPrivateProfileStructA
DuplicateHandle
lstrcpyW
GetCurrentThread
FindClose
GetSystemTime
SetThreadPriority
OutputDebugStringA
SetPriorityClass
GetStringTypeExW
SetEvent
CompareStringW
LoadLibraryExW
ResetEvent
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
Sleep
SetEnvironmentVariableW
ExitProcess
ReadFile
lstrcpynW
lstrcpynA
GetVersionExA
GetCurrentProcessId
GetEnvironmentVariableW
GetLogicalDrives
MoveFileExW
CreateEventA
QueryPerformanceFrequency
GetLastError
FindResourceExW
InterlockedExchange
GetTickCount
CreateProcessA
SizeofResource
RaiseException
GetPrivateProfileIntA
GetACP
GetPrivateProfileIntW
lstrcmpiA
QueryPerformanceCounter
WaitForSingleObject
TlsGetValue
CompareStringA
GetTimeFormatW
TryEnterCriticalSection
GetCurrentThreadId
TlsAlloc
FindNextFileW
RemoveDirectoryA
HeapAlloc
FindResourceA
GetVersionExW
SetUnhandledExceptionFilter
LocalFree
lstrlenW
HeapFree
GetSystemTimeAsFileTime
DeleteFileW
lstrcmpiW
GetLocaleInfoW
SetEndOfFile
GlobalFree
GetProcessHeap
VirtualAlloc
GlobalDeleteAtom
MultiByteToWideChar
SetCurrentDirectoryW
CreateDirectoryW
CloseHandle
CreateEventW
InterlockedIncrement
lstrlenA
FindFirstFileA
GetModuleHandleA
MapViewOfFile
FreeLibrary
FindFirstFileW
CreateWaitableTimerA
GetDriveTypeW
CreateProcessW
OpenProcess
LoadLibraryW
WaitForMultipleObjectsEx
SetCurrentDirectoryA
LoadLibraryA
ReleaseSemaphore
WideCharToMultiByte
WritePrivateProfileStringA
GetSystemDirectoryW
CopyFileW
WritePrivateProfileStringW
GetExitCodeThread
GetPrivateProfileStringW
QueueUserAPC
WaitForMultipleObjects
DeleteCriticalSection
GetShortPathNameW
OpenEventW
LockResource
WritePrivateProfileSectionW
FreeResource
GetPrivateProfileStringA
GlobalAddAtomW
GlobalAlloc
GetShortPathNameA
ReadProcessMemory
WritePrivateProfileStructA
TlsSetValue
GetProcAddress
GetCurrentProcess
WriteFile
GetModuleFileNameA
MulDiv
EnterCriticalSection
CreateFileA
GetStringTypeExA
GetLongPathNameW
CreateFileMappingA
GlobalLock
TerminateProcess
GetCurrentDirectoryW
UnmapViewOfFile
InitializeCriticalSection
SetLastError
GetFileSize
MoveFileW
RemoveDirectoryW
GetCommandLineW
CreateFileW
UnhandledExceptionFilter
GetStartupInfoA
GlobalUnlock
SystemTimeToFileTime
lstrcmpW
CreateSemaphoreA
LocalAlloc
FindResourceW
CreateThread
SetWaitableTimer
SetErrorMode
InterlockedCompareExchange
GetFullPathNameW
GetLocalTime
GetModuleFileNameW
LoadResource
LeaveCriticalSection
GetVersion
FindNextFileA
SetFilePointer
GetTempPathW
user32
PostMessageA
DrawFocusRect
SetWindowLongA
KillTimer
ValidateRect
CharUpperW
CreateDialogParamA
IsWindowVisible
DeleteMenu
SendDlgItemMessageA
DestroyIcon
EndPaint
SetRectEmpty
UnhookWindowsHookEx
TranslateAcceleratorW
GetPropW
ShowCursor
ReplyMessage
CharUpperBuffA
CheckDlgButton
IsWindowUnicode
GetWindowRect
LoadImageA
CharPrevW
AppendMenuA
CallWindowProcA
IsIconic
SendDlgItemMessageW
SendNotifyMessageA
RedrawWindow
IsDialogMessageA
LoadAcceleratorsW
GetClassInfoExW
OpenClipboard
IsMenu
RegisterWindowMessageW
GetSubMenu
GetDesktopWindow
RegisterClassW
GetClipboardData
InsertMenuItemW
GetMenu
SetCapture
CloseClipboard
GetDlgItem
DispatchMessageW
ClientToScreen
LoadAcceleratorsA
GetWindowTextA
LoadStringA
SetWindowTextW
IsDialogMessageW
SetWindowTextA
SetPropW
SetCursor
GetMenuItemInfoW
GetSysColorBrush
GetMenuItemCount
CharLowerW
GetWindowDC
PostQuitMessage
GetDlgItemInt
SetWindowRgn
EnableMenuItem
DefWindowProcW
IsCharAlphaA
SetRect
FindWindowExW
GetMessagePos
DestroyWindow
ReleaseCapture
PostMessageW
GetClassNameW
LoadStringW
GetWindowTextW
SetMenuItemInfoW
LoadIconA
GetParent
GetWindowLongW
SetDlgItemInt
MsgWaitForMultipleObjectsEx
IsDlgButtonChecked
DispatchMessageA
EqualRect
GetDlgItemTextA
GetMenuStringW
RegisterWindowMessageA
RegisterClassExW
FillRect
UpdateWindow
GetMenuItemRect
GetCapture
TrackPopupMenu
RegisterClipboardFormatA
DestroyCursor
ChildWindowFromPoint
LoadCursorA
IsWindowEnabled
SetScrollPos
GetScrollInfo
EnableWindow
WindowFromPoint
MonitorFromPoint
GetCursorPos
GetWindowLongA
GetClassInfoW
GetSysColor
RegisterClassA
SendMessageTimeoutA
SetTimer
SetWindowsHookExA
GetMenuState
OffsetRect
DestroyMenu
GetWindow
CreateIconIndirect
AttachThreadInput
DrawTextW
CharNextA
GetWindowTextLengthW
TrackMouseEvent
FlashWindowEx
SetParent
EnumDisplaySettingsA
CreateDialogIndirectParamW
InvalidateRect
EmptyClipboard
CreateDialogParamW
DrawTextA
GetClassLongA
FindWindowW
EndDeferWindowPos
CreateWindowExW
RemovePropW
GetDlgCtrlID
GetSystemMenu
SystemParametersInfoA
DefWindowProcA
PeekMessageW
SetWindowPos
GetMenuItemID
SetDlgItemTextA
GetKeyState
AppendMenuW
CreatePopupMenu
MessageBeep
GetFocus
GetKeyboardState
LoadBitmapW
ReleaseDC
FindWindowA
FindWindowExA
DrawIconEx
DeferWindowPos
SetClipboardData
ShowWindow
GetWindowThreadProcessId
GetWindowTextLengthA
CharNextW
DialogBoxParamW
MessageBoxA
ShowWindowAsync
SetActiveWindow
SendMessageA
GetSystemMetrics
BeginPaint
GetForegroundWindow
MapDialogRect
LoadMenuW
BringWindowToTop
GetDC
InsertMenuItemA
GetMessageW
PtInRect
SetDlgItemTextW
SetForegroundWindow
SendMessageW
SendMessageCallbackA
GetDCEx
CopyRect
GetActiveWindow
LoadMenuA
EndDialog
LoadImageW
RemovePropA
MonitorFromRect
ChildWindowFromPointEx
CallWindowProcW
GetClientRect
GetNextDlgTabItem
CheckMenuItem
PostThreadMessageA
SetFocus
SetWindowLongW
ModifyMenuW
GetAsyncKeyState
GetUpdateRgn
CallMsgFilterA
DialogBoxIndirectParamW
MonitorFromWindow
GetAncestor
MapWindowPoints
MessageBoxW
GetUpdateRect
GetClassLongW
SystemParametersInfoW
InsertMenuW
SetScrollInfo
GetMessageA
SetClassLongA
DialogBoxParamA
CallNextHookEx
BeginDeferWindowPos
SetCursorPos
RemoveMenu
GetDlgItemTextW
EnumThreadWindows
GetWindowRgn
IsChild
PeekMessageA
GetMenuItemInfoA
IsWindow
SetMenuItemInfoA
ScreenToClient
GetMonitorInfoA
CharPrevA
InsertMenuA
AdjustWindowRectEx
TranslateMessage
InflateRect
gdi32
CreateFontW
GetTextMetricsW
SetPixel
CombineRgn
BitBlt
CreateCompatibleBitmap
SetBkMode
CreatePen
Rectangle
LineTo
FillRgn
SelectPalette
CreatePalette
GetDIBColorTable
GetFontLanguageInfo
OffsetRgn
ChoosePixelFormat
ExtTextOutA
GetObjectW
EnumFontsA
GetTextExtentPoint32A
CreateRectRgnIndirect
GetObjectA
UpdateColors
GetTextMetricsA
RestoreDC
IntersectClipRect
SetTextAlign
DeleteObject
CreatePolyPolygonRgn
GetCurrentObject
CreateSolidBrush
CreateRectRgn
GetDIBits
GetDeviceCaps
ExtTextOutW
RectVisible
CreateFontIndirectA
GetTextExtentPoint32W
SetTextColor
MoveToEx
GetPixel
StretchBlt
SetStretchBltMode
CreatePatternBrush
CreateBrushIndirect
ExtSelectClipRgn
SetDIBits
GetStockObject
GetNearestColor
SaveDC
CreateFontA
DeleteDC
SetBkColor
CreateCompatibleDC
CreateFontIndirectW
CreateDIBSection
RealizePalette
SelectObject
SetBrushOrgEx
advapi32
CryptReleaseContext
RegOpenKeyW
CryptGenRandom
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyW
RegOpenKeyA
RegCloseKey
RegSetValueExW
RegQueryValueExA
RegEnumKeyW
RegDeleteValueW
RegOpenKeyExW
CryptAcquireContextA
RegQueryValueExW
shell32
ShellExecuteW
SHChangeNotify
SHGetDesktopFolder
SHGetFolderPathW
DragQueryPoint
ord680
SHAppBarMessage
DragFinish
SHBrowseForFolderW
SHFileOperationW
DragQueryFileW
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetPathFromIDListW
ole32
CoTaskMemFree
CoCreateInstance
CoRevokeClassObject
RegisterDragDrop
StringFromGUID2
CoRegisterClassObject
CoTaskMemAlloc
OleRun
CoCreateGuid
CoUninitialize
RevokeDragDrop
CoInitializeEx
OleInitialize
OleUninitialize
CoGetObject
CoInitialize
oleaut32
VariantClear
SysFreeString
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
DispGetParam
SafeArrayCopy
SysAllocString
SysAllocStringLen
shlwapi
StrCmpNW
PathRemoveFileSpecA
PathAddBackslashW
PathFindFileNameW
PathRemoveExtensionW
ord29
PathIsRootW
PathIsSameRootW
PathAppendA
PathAddExtensionW
UrlGetPartW
PathFileExistsW
PathRemoveFileSpecW
StrCmpIW
PathFindExtensionW
PathCombineW
PathIsRelativeW
PathQuoteSpacesW
PathRemoveBackslashW
PathAppendW
PathQuoteSpacesA
PathStripToRootW
PathIsNetworkPathW
PathCommonPrefixW
PathCombineA
PathUnquoteSpacesW
StrToIntExW
PathIsFileSpecW
PathIsDirectoryW
PathFindFileNameA
StrToIntW
PathStripPathW
StrCmpNIW
PathIsURLW
PathCanonicalizeW
StrChrW
PathRemoveBlanksW
UrlIsW
PathIsUNCW
rpcrt4
UuidToStringW
UuidFromStringW
UuidCreate
RpcStringFreeW
netapi32
NetApiBufferFree
wtsapi32
WTSVirtualChannelClose
dnsapi
DnsQuery_A
Sections (several non-standard section names — .stroke, .char, .joke, .poke, .key, .cond — appear alongside the usual .text/.rdata/.data/.rsrc/.reloc; unusual names by themselves are only a weak hint of a packer or custom build step)
.text Size: 499KB - Virtual size: 499KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.stroke Size: 52KB - Virtual size: 51KB (code section marked both executable and writable — unusual for compiler-emitted code and consistent with code that is patched or decoded at runtime; confirm via dynamic analysis)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.char Size: 512B - Virtual size: 34B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.joke Size: 512B - Virtual size: 124B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.poke Size: 512B - Virtual size: 170B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.key Size: 209KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.cond Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ