Static task: static1
Behavioral task: behavioral1
Sample: 1bd7d7b601dc003039eab648fdcb3b5689ff26c8b3de2112c1981aa9a36778bf.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 1bd7d7b601dc003039eab648fdcb3b5689ff26c8b3de2112c1981aa9a36778bf.exe
Resource: win10v2004-20231215-en
General
- Target: 1bd7d7b601dc003039eab648fdcb3b5689ff26c8b3de2112c1981aa9a36778bf
- Size: 3.3MB
- MD5: 50869aa6087fb47dc7fb9bb463943c3e
- SHA1: 887a1aa278c5c2ed39bebed8e87d292e73771bce
- SHA256: 1bd7d7b601dc003039eab648fdcb3b5689ff26c8b3de2112c1981aa9a36778bf
- SHA512: e5e30906dce0a2c2e28266dabfb97457c7faa26369968517e41ca957c36fbccba191556616f7689084f10251ab0cfd3be4d82ad0ae5da55604131aa68027fca2
- SSDEEP: 98304:4FYmsqPXUWZvs5loSt3J+Ox+zk7l0oqebXqAEXk0:4FYmDlE5ltx2s0oqeQX
Malware Config
(none extracted)
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 1bd7d7b601dc003039eab648fdcb3b5689ff26c8b3de2112c1981aa9a36778bf
Files
- 1bd7d7b601dc003039eab648fdcb3b5689ff26c8b3de2112c1981aa9a36778bf.exe (windows:6 windows x86 arch:x86)
  8600e617eb27c877ff7a12c5b266cd66
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
shfolder
SHGetFolderPathW
kernel32
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
GetTimeFormatW
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetDateFormatW
LCMapStringW
IsValidLocale
GetDriveTypeW
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
GetEnvironmentStringsW
GetTempFileNameW
GetDiskFreeSpaceW
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
SetErrorMode
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
SystemTimeToFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetAtomNameW
GlobalGetAtomNameW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFlags
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
FlushFileBuffers
DeleteFileW
GetCurrentProcessId
CompareStringA
lstrcmpA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
SetEvent
MulDiv
LocalFree
GlobalSize
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
lstrlenW
lstrcpyW
lstrcpynW
lstrcmpiW
CreateProcessW
FindFirstFileW
FindClose
CreateDirectoryW
GetModuleHandleW
GetVersionExW
GetTickCount
GetCurrentDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
ExpandEnvironmentStringsW
WideCharToMultiByte
FormatMessageW
WritePrivateProfileStructW
GetPrivateProfileStructW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalAlloc
GetFileSize
CreateThread
TerminateProcess
CreateEventW
WaitForSingleObject
GetOverlappedResult
OutputDebugStringW
ReadFile
CreateFileW
MultiByteToWideChar
CopyFileW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
GetWindowsDirectoryW
CreateMutexW
ReleaseMutex
CloseHandle
GetLastError
WriteConsoleW
WinExec
Sleep
SetCurrentDirectoryW
VirtualAlloc
user32
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
CharUpperW
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetActiveWindow
TranslateMessage
GetMessageW
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetTopWindow
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetActiveWindow
TrackPopupMenuEx
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
DeleteMenu
SetTimer
KillTimer
SetClipboardData
EmptyClipboard
SendMessageW
keybd_event
EnableWindow
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
UpdateWindow
UnregisterClassW
ClientToScreen
DestroyIcon
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
IntersectRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
TrackMouseEvent
LoadImageW
GetDialogBaseUnits
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
DrawFocusRect
DrawIconEx
GetAsyncKeyState
GetForegroundWindow
GetWindowLongW
GetDesktopWindow
IsWindowVisible
GetWindowRect
GetCursorPos
ScreenToClient
ChildWindowFromPoint
GetParent
EnumChildWindows
FindWindowExW
GetClassNameW
GetWindow
RegisterDeviceNotificationW
PostMessageW
GetDC
ReleaseDC
SetRect
AttachThreadInput
OpenClipboard
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
SetForegroundWindow
FindWindowW
GetWindowThreadProcessId
RegisterWindowMessageW
GetMessageExtraInfo
SendMessageTimeoutW
mouse_event
GetSystemMetrics
SetCursorPos
WindowFromPoint
SwapMouseButton
SetDoubleClickTime
CreatePopupMenu
SetParent
AppendMenuW
TrackPopupMenu
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
SetWindowLongW
GetLastActivePopup
LoadIconW
SystemParametersInfoW
SetCapture
ReleaseCapture
InvalidateRect
GetClientRect
GetSystemMenu
CopyIcon
FrameRect
DrawIcon
UnionRect
PostThreadMessageW
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
GetUpdateRect
GetDCEx
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
SendNotifyMessageW
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
DestroyCursor
GetTabbedTextExtentW
SetWindowRgn
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
gdi32
SetTextColor
CopyMetaFileW
CreateDCW
GetDeviceCaps
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetBkColor
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
CreateFontW
GetCharWidthW
StretchDIBits
Rectangle
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateBitmap
GetObjectW
CreateDIBSection
StretchBlt
SelectPalette
SelectObject
RealizePalette
GetStockObject
GetDIBits
ExtCreateRegion
DeleteObject
DeleteDC
CreateCompatibleBitmap
CombineRgn
BitBlt
OffsetViewportOrgEx
CreateCompatibleDC
CreateScalableFontResourceW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
GetJobW
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegSetValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegCreateKeyW
RegCloseKey
shell32
ShellExecuteW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListW
DragFinish
DragQueryFileW
shlwapi
PathRemoveExtensionW
StrStrIW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW
uxtheme
GetWindowTheme
DrawThemeText
GetThemeSysColor
DrawThemeBackground
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemePartSize
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed
ole32
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleUninitialize
CoRegisterMessageFilter
DoDragDrop
OleInitialize
CoFreeUnusedLibraries
OleRun
CoInitializeEx
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
StgCreateDocfileOnILockBytes
OleFlushClipboard
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleLockRunning
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoCreateGuid
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
OleIsCurrentClipboard
oleaut32
OleLoadPicture
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
OleCreateFontIndirect
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
oledlg
OleUIBusyW
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
hid
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetFeature
HidD_SetFeature
HidP_GetCaps
winmm
PlaySoundW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageI
GdipCreateFromHDC
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdipGetImageGraphicsContext
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
- .text: Size 2.5MB, Virtual size 2.5MB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 592KB, Virtual size 591KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 33KB, Virtual size 53KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size 246KB, Virtual size 245KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ